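/**
 * Decides whether the current user passes this checker for a section.
 *
 * The check passes when the checker declares no accepted permissions, or as
 * soon as OA_Permission::hasPermission() succeeds for one of them.
 *
 * NOTE(review): judging by the inline comment, the result only controls
 * whether a section is shown. Hiding a section is not an access control by
 * itself; confirm that the pages behind the section enforce their own checks.
 *
 * @param mixed $oSection Section being checked; not read by this method.
 * @return mixed True when nothing is required, otherwise the result of the
 *               last hasPermission() call that was made.
 */
function check($oSection)
{
    $aPermissions = $this->_getAcceptedPermissions();

    // no required permissions, we can show the section
    if (empty($aPermissions)) {
        return true;
    }

    // Iterate over the values instead of indexing 0..count-1, so a list with
    // gaps or string keys is still checked entry by entry instead of passing
    // undefined offsets to hasPermission().
    $hasRequiredPermission = false;
    foreach ($aPermissions as $permission) {
        $hasRequiredPermission = OA_Permission::hasPermission($permission);
        if ($hasRequiredPermission) {
            break;
        }
    }

    return $hasRequiredPermission;
}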
/**
 * Prints the 'advertiser-access' page header and its section tabs.
 *
 * Manager accounts get a fixed tab list. Every other account gets tabs 2.3
 * and 2.3.2, preceded by 2.2 when it holds OA_PERM_BANNER_ACTIVATE or
 * OA_PERM_BANNER_EDIT.
 *
 * NOTE(review): the permission test here only selects which tabs are
 * rendered; the pages behind the tabs have to enforce access themselves.
 */
function OA_headerNavigation()
{
    // The advertiser id is read from the global scope, not from a parameter.
    $oHeaderModel = buildAdvertiserHeaderModel($GLOBALS['clientid']);

    if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        $aTabs = array("4.1.2", "4.1.3", "4.1.5", "4.1.5.2");
    } else {
        $mayManageBanners = OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE)
            || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT);
        $aTabs = $mayManageBanners ? array('2.2') : array();
        $aTabs[] = '2.3';
        $aTabs[] = '2.3.2';
    }

    phpAds_PageHeader('advertiser-access', $oHeaderModel);
    phpAds_ShowSections($aTabs);
}
/**
 * The final "child" implementation of the parental abstract method.
 *
 * Reads the advertiser, placement and ad ids, enforces the account type and
 * the per-entity access check, then fills in page parameters, page id,
 * sections, breadcrumbs and shortcuts before calling prepare() with the ad id.
 *
 * @see OA_Admin_Statistics_Common::start()
 */
function start()
{
    // Entity ids for this request
    $advertiserId = $this->_getId('advertiser');
    $placementId = $this->_getId('placement');
    $adId = $this->_getId('ad');

    // Security check: account type first, then access to the three entities.
    // Both run before any request parameters or statistics are loaded.
    OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
    $aEntityIds = array('advertiser' => $advertiserId, 'placement' => $placementId, 'ad' => $adId);
    $this->_checkAccess($aEntityIds);

    // Standard page parameters
    $this->aPageParams = array('clientid' => $advertiserId, 'campaignid' => $placementId, 'bannerid' => $adId);

    // Period preset and stats breakdown parameters, then the $_GET parameters
    $this->_loadPeriodPresetParam();
    $this->_loadStatsBreakdownParam();
    $this->_loadParams();

    // HTML framework: page id and section tabs depend on the account type
    if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        $this->pageId = '2.1.2.2.1';
        $this->aPageSections = array('2.1.2.2.1', '2.1.2.2.2', '2.1.2.2.3');
    } elseif (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        $this->pageId = '1.2.2.1';
        $this->aPageSections[] = '1.2.2.1';
        // The 1.2.2.2 tab is only offered to advertisers with the edit permission
        if (OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
            $this->aPageSections[] = '1.2.2.2';
        }
        $this->aPageSections[] = '1.2.2.4';
    }

    // Breadcrumbs and context
    $this->_addBreadcrumbs('banner', $adId);
    $this->aPageContext = array('banners', $adId);

    // Shortcut targets.
    // NOTE(review): the ids are concatenated into the URLs without encoding;
    // that is only safe if _getId() returns integers - confirm.
    $advertiserUrl = 'advertiser-edit.php?clientid=' . $advertiserId;
    $campaignUrl = 'campaign-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId;
    $bannerUrl = 'banner-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId;
    $bannerAclUrl = 'banner-acl.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId;

    // Only the advertiser-properties shortcut is withheld from advertiser
    // accounts. NOTE(review): the banner-edit and banner-acl shortcuts are
    // added for every account type, so those pages must enforce their own
    // permission checks - confirm.
    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        $this->_addShortcut($GLOBALS['strClientProperties'], $advertiserUrl, 'images/icon-advertiser.gif');
    }
    $this->_addShortcut($GLOBALS['strCampaignProperties'], $campaignUrl, 'images/icon-campaign.gif');
    $this->_addShortcut($GLOBALS['strBannerProperties'], $bannerUrl, 'images/icon-banner-stored.gif');
    $this->_addShortcut($GLOBALS['strModifyBannerAcl'], $bannerAclUrl, 'images/icon-acl.gif');

    // Prepare the data for display by the output() method
    $aPrepareParams = array('ad_id' => $adId);
    $this->prepare($aPrepareParams, 'stats.php');
}
// Access control: the current user must have access to this advertiser
// ('clients' row) before anything is stored in the session or rendered.
OA_Permission::enforceAccessToObject('clients', $clientid);

/*-------------------------------------------------------*/
/* Store preferences                                     */
/*-------------------------------------------------------*/

// Remember the selected advertiser for the current entity.
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
phpAds_SessionDataStore();

/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/

$oHeaderModel = buildAdvertiserHeaderModel($clientid);
if (!OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
    // Non-manager accounts: tab 2.2 is only listed with a banner permission.
    // This selects what is displayed; it does not protect the target pages.
    $sections = (OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT))
        ? array('2.2')
        : array();
    $sections[] = '2.3';
    $sections[] = '2.3.1';
    phpAds_PageHeader('advertiser-access', $oHeaderModel);
    phpAds_ShowSections($sections);
} else {
    // Manager accounts get the fixed tab list.
    phpAds_PageHeader('advertiser-access', $oHeaderModel);
    phpAds_ShowSections(array("4.1.2", "4.1.3", "4.1.5", "4.1.5.1"));
}

/*-------------------------------------------------------*/
/* Main code                                             */
/*-------------------------------------------------------*/

require_once MAX_PATH . '/lib/OA/Admin/Template.php';

$oTpl = new OA_Admin_Template('advertiser-user-start.html');
OA_Admin_UI_UserAccess::assignUserStartTemplateVariables($oTpl);
// Form target and the name of the id field the form carries
$oTpl->assign('action', 'advertiser-user.php');
$oTpl->assign('entityIdName', 'clientid');
$title = $setPref[$prefSection]['name'];

// Display the settings page's header and sections
$oHeaderModel = new OA_Admin_UI_Model_PageHeaderModel($title);
phpAds_PageHeader('account-user-index', $oHeaderModel);

// The section tabs depend on the account type. They only control what is
// listed; each preferences page still has to enforce its own access rules.
if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN)) {
    // Show all "Preferences" sections
    phpAds_ShowSections(array("5.1", "5.2", "5.3", "5.5", "5.6", "5.4"));
} elseif (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
    // Show the "Account Preferences", "User Log" and "Channel Management"
    // sections of the "Preferences" sections
    phpAds_ShowSections(array("5.1", "5.2", "5.4", "5.7"));
} elseif (OA_Permission::isAccount(OA_ACCOUNT_TRAFFICKER, OA_ACCOUNT_ADVERTISER)) {
    // Show the "User Preferences" section of the "Preferences" sections;
    // section 5.4 is added only with the user-log permission
    $sections = array("5.1", "5.2");
    if (OA_Permission::hasPermission(OA_PERM_USER_LOG_ACCESS)) {
        $sections[] = "5.4";
    }
    phpAds_ShowSections($sections);
}

// Get the current logged in user details
$oUser = OA_Permission::getCurrentUser();
$aUser = $oUser->aUser;

// An instance is needed: AvailableLanguages() is called on it below
$aLanguages = new MAX_Admin_Languages();

// Prepare an array of HTML elements to display for the form, and
// output using the $oOption object.
// NOTE(review): username, email_address and contact_name are passed through
// unescaped here; presumably $oOptions->show() encodes them for HTML - confirm.
$aSettings = array(
    array(
        'text' => $strUserDetails,
        'items' => array(
            array('type' => 'plaintext', 'name' => 'username', 'value' => $aUser['username'], 'text' => $strUsername, 'size' => 35),
            array('type' => 'break'),
            array('type' => 'plaintext', 'name' => 'email_address', 'value' => $aUser['email_address'], 'text' => $strEmailAddress, 'size' => 35),
            array('type' => 'break'),
            array('type' => 'text', 'name' => 'contact_name', 'value' => $aUser['contact_name'], 'text' => $strFullName, 'size' => 35)
        )
    ),
    array(
        'text' => $strLanguage,
        'items' => array(
            array('type' => 'select', 'name' => 'language', 'text' => $strLanguage, 'items' => $aLanguages->AvailableLanguages(), 'value' => $GLOBALS['_MAX']['PREF']['language'])
        )
    )
);
$oOptions->show($aSettings, $aErrormessage);
// Excerpt: the first statement and the three closing braces belong to
// constructs that open before this excerpt begins.
            // Cut the stored URL at offset 40 and append ' ...' (byte offsets, not characters)
            $banners[$key]['url_trimmed'] = substr_replace($banner['url'], ' ...', 40);
        }
    }
}

// Values handed to the template
$oTpl->assign('clientId', $clientid);
$oTpl->assign('campaignId', $campaignid);
$oTpl->assign('aBanners', $banners);
$oTpl->assign('aCount', $aCount);
$oTpl->assign('hideinactive', $hideinactive);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);

// Capability flags for the template. Non-advertiser accounts get every flag;
// advertiser accounts get edit/activate/deactivate only with the matching
// OA_PERM_BANNER_* permission and never get ACL or delete.
// NOTE(review): these flags decide which controls are rendered. The scripts
// that perform the edit, activate, deactivate and delete actions must repeat
// the same checks on the server side - confirm.
$oTpl->assign('isManager', OA_Permission::isAccount(OA_ACCOUNT_MANAGER));
$oTpl->assign('canACL', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));
$oTpl->assign('canEdit', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT));
$oTpl->assign('canActivate', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE));
$oTpl->assign('canDeactivate', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER) || OA_Permission::hasPermission(OA_PERM_BANNER_DEACTIVATE));
$oTpl->assign('canDelete', !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));

/*-------------------------------------------------------*/
/* Store preferences                                     */
/*-------------------------------------------------------*/

// List settings are stored per campaign; the last selected advertiser and
// campaign are stored per entity id.
$session['prefs']['campaign-banners.php'][$campaignid]['hideinactive'] = $hideinactive;
$session['prefs']['campaign-banners.php'][$campaignid]['listorder'] = $listorder;
$session['prefs']['campaign-banners.php'][$campaignid]['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['campaignid'][$clientid] = $campaignid;
phpAds_SessionDataStore();

/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/

$oTpl->display();
phpAds_PageFooter();
/**
 * The final "child" implementation of the parental abstract method.
 *
 * Reads the advertiser, placement and ad ids, enforces the account type and
 * the per-entity access check, sets up the page framework, then loads either
 * the publisher or the zone breakdown for the ad and stores the view
 * preferences.
 *
 * @see OA_Admin_Statistics_Common::start()
 */
function start()
{
    // Get the preferences
    $aPref = $GLOBALS['_MAX']['PREF'];

    // Entity ids for this request
    $advertiserId = $this->_getId('advertiser');
    $placementId = $this->_getId('placement');
    $adId = $this->_getId('ad');

    // Security check: account type first, then access to the three entities.
    // Both run before any request parameters or statistics are loaded.
    OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
    $aEntityIds = array('advertiser' => $advertiserId, 'placement' => $placementId, 'ad' => $adId);
    $this->_checkAccess($aEntityIds);

    // Standard page parameters
    $this->aPageParams = array('clientid' => $advertiserId, 'campaignid' => $placementId, 'bannerid' => $adId);

    // Period preset and stats breakdown parameters, then the $_GET parameters
    $this->_loadPeriodPresetParam();
    $this->_loadStatsBreakdownParam();
    $this->_loadParams();

    // HTML framework: page id and section tabs depend on the account type
    if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        $this->pageId = '2.1.2.2.2';
        $this->aPageSections = array('2.1.2.2.1', '2.1.2.2.2', '2.1.2.2.3');
    } elseif (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        $this->pageId = '1.2.2.4';
        $this->aPageSections[] = '1.2.2.1';
        // The 1.2.2.2 tab is only offered to advertisers with the edit permission
        if (OA_Permission::hasPermission(OA_PERM_BANNER_EDIT)) {
            $this->aPageSections[] = '1.2.2.2';
        }
        $this->aPageSections[] = '1.2.2.4';
    }

    // Breadcrumbs and context
    $this->_addBreadcrumbs('banner', $adId);
    $this->aPageContext = array('banners', $adId);

    // Shortcut targets.
    // NOTE(review): the ids are concatenated into the URLs without encoding;
    // that is only safe if _getId() returns integers - confirm.
    $advertiserUrl = 'advertiser-edit.php?clientid=' . $advertiserId;
    $campaignUrl = 'campaign-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId;
    $bannerUrl = 'banner-edit.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId;
    $bannerAclUrl = 'banner-acl.php?clientid=' . $advertiserId . '&campaignid=' . $placementId . '&bannerid=' . $adId;

    // Only the advertiser-properties shortcut is withheld from advertiser
    // accounts; the pages behind the other shortcuts must enforce their own
    // permission checks.
    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        $this->_addShortcut($GLOBALS['strClientProperties'], $advertiserUrl, 'images/icon-advertiser.gif');
    }
    $this->_addShortcut($GLOBALS['strCampaignProperties'], $campaignUrl, 'images/icon-campaign.gif');
    $this->_addShortcut($GLOBALS['strBannerProperties'], $bannerUrl, 'images/icon-banner-stored.gif');
    $this->_addShortcut($GLOBALS['strModifyBannerAcl'], $bannerAclUrl, 'images/icon-acl.gif');

    // Fix entity links
    $this->entityLinks['p'] = 'stats.php?entity=banner&breakdown=affiliate-history';
    $this->entityLinks['z'] = 'stats.php?entity=banner&breakdown=zone-history';

    // Stored view settings; the hide-inactive default comes from the preferences
    $this->hideInactive = MAX_getStoredValue('hideinactive', $aPref['ui_hide_inactive'] == true, null, true);
    $this->showHideInactive = true;
    $this->startLevel = MAX_getStoredValue('startlevel', 0, null, true);

    // Init nodes
    $this->aNodes = MAX_getStoredArray('nodes', array());
    $expand = MAX_getValue('expand', '');
    $collapse = MAX_getValue('collapse');

    // Adjust which nodes are opened or closed
    MAX_adjustNodes($this->aNodes, $expand, $collapse);

    // Level 1 starts at zones; any other stored value is reset to level 0,
    // which starts at publishers.
    $aParams = array('ad_id' => $adId);
    if ($this->startLevel == 1) {
        $this->aEntitiesData = $this->getZones($aParams, $this->startLevel, $expand, true);
    } else {
        $this->startLevel = 0;
        $this->aEntitiesData = $this->getPublishers($aParams, $this->startLevel, $expand);
    }

    // Summarise the values into the totals array, and format
    $this->_summariseTotalsAndFormat($this->aEntitiesData);

    // Level toggle and the text for hidden entities, per start level
    $this->showHideLevels = array();
    if ($this->startLevel == 1) {
        $this->showHideLevels = array(0 => array('text' => $GLOBALS['strShowParentAffiliates'], 'icon' => 'images/icon-affiliate.gif'));
        $this->hiddenEntitiesText = "{$this->hiddenEntities} {$GLOBALS['strInactiveZonesHidden']}";
    } elseif ($this->startLevel == 0) {
        $this->showHideLevels = array(1 => array('text' => $GLOBALS['strHideParentAffiliates'], 'icon' => 'images/icon-affiliate-d.gif'));
        $this->hiddenEntitiesText = "{$this->hiddenEntities} {$GLOBALS['strInactiveAffiliatesHidden']}";
    }

    // Save prefs
    $this->aPagePrefs['startlevel'] = $this->startLevel;
    $this->aPagePrefs['nodes'] = implode(",", $this->aNodes);
    $this->aPagePrefs['hideinactive'] = $this->hideInactive;
}
/**
 * Checks if user has access to specific area (for example admin or agency area)
 * Permissions are defined in www/admin/lib-permissions.inc.php file
 *
 * Three checks run in order and all of them are evaluated, because the
 * "attempt to switch" calls are made even when an earlier check has failed:
 *  1. the account type, with an attempt to switch to a matching account;
 *  2. access to the object, with an attempt to switch account for access;
 *  3. the extra permission in $allowed, tested only for advertiser and
 *     trafficker accounts.
 *
 * A non-empty $id that does not exist makes the method return false straight
 * away, without calling raiseError().
 *
 * NOTE(review): existence is tested with !empty($id) but object access with
 * isset($id), so an id of 0 or '' skips the existence test and still reaches
 * hasAccessToObject() - confirm that is intended.
 *
 * @access public
 *
 * @param integer $permissions Account type(s) passed to OA_Permission::isAccount()
 * @param string $table Table name
 * @param integer $id Id (or empty if new is created)
 * @param unknown $allowed Permission passed to OA_Permission::hasPermission()
 *
 * @return boolean True if has access
 */
function checkPermissions($permissions, $table = '', $id = null, $allowed = null)
{
    $denied = false;

    // 1. Account type
    if (isset($permissions)
        && !OA_Permission::isAccount($permissions)
        && !OA_Permission::attemptToSwitchToAccount($permissions)
    ) {
        $denied = true;
    }

    // Unknown id: plain false, no 'Access forbidden' error is raised here
    if (!empty($id) && !$this->checkIdExistence($table, $id)) {
        return false;
    }

    // 2. Object access
    if (isset($id)
        && !OA_Permission::hasAccessToObject($table, $id)
        && !OA_Permission::attemptToSwitchForAccess($table, $id)
    ) {
        $denied = true;
    }

    // 3. Extra permission, advertiser and trafficker accounts only
    if (isset($allowed)
        && OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER)
        && !OA_Permission::hasPermission($allowed)
    ) {
        $denied = true;
    }

    if (!$denied) {
        return true;
    }

    $this->raiseError('Access forbidden');
    return false;
}
require_once MAX_PATH . '/lib/OA/Admin/UI/UserAccess.php';
require_once MAX_PATH . '/lib/max/other/html.php';

// Security checks, all before any page state is built:
//  - only admin and manager accounts may use this page,
//  - the super-account permission is enforced for manager accounts,
//  - the user must have access to this agency.
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER);
OA_Permission::enforceAccountPermission(OA_ACCOUNT_MANAGER, OA_PERM_SUPER_ACCOUNT);
OA_Permission::enforceAccessToObject('agency', $agencyid);

$userAccess = new OA_Admin_UI_UserAccess();
$userAccess->init();

/**
 * Header callback for the user-access page: admin accounts get the
 * "agency-access" header plus a breadcrumb with the agency name, every other
 * account gets the "agency-user" header.
 */
function OA_HeaderNavigation()
{
    global $agencyid;

    if (!OA_Permission::isAccount(OA_ACCOUNT_ADMIN)) {
        phpAds_PageHeader("agency-user");
        return;
    }

    phpAds_PageHeader("agency-access");
    $oAgency = OA_Dal::staticGetDO('agency', $agencyid);
    // NOTE(review): the agency name is stored data; presumably the breadcrumb
    // helper HTML-encodes it - confirm.
    MAX_displayInventoryBreadcrumbs(array(array("name" => $oAgency->name)), "agency");
}
$userAccess->setNavigationHeaderCallback('OA_HeaderNavigation');

$accountId = OA_Permission::getAccountIdForEntity('agency', $agencyid);
$userAccess->setAccountId($accountId);
$userAccess->setPagePrefix('agency');

// Permissions this page may offer. The super-account permission is only
// listed when the current user holds it on the target account.
$aAllowedPermissions = OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT, $accountId)
    ? array(OA_PERM_SUPER_ACCOUNT => array($strAllowCreateAccounts, false))
    : array();
$userAccess->setAllowedPermissions($aAllowedPermissions);

// NOTE(review): $agencyid is appended to the URLs without encoding; that is
// only safe if it has been reduced to an integer earlier in the script - confirm.
$userAccess->setHiddenFields(array('agencyid' => $agencyid));
$userAccess->setRedirectUrl('agency-access.php?agencyid=' . $agencyid);
$userAccess->setBackUrl('agency-user-start.php?agencyid=' . $agencyid);
$userAccess->process();
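/**
 * Registers the page tools and shortcuts of a zone page: duplicate, move to
 * another website, delete, back to the zone list and zone history.
 *
 * Which tools are registered depends on the account type and, for duplicate
 * and delete, on OA_PERM_ZONE_ADD / OA_PERM_ZONE_DELETE. These tests only
 * decide what is displayed; the target scripts must enforce the same rules.
 *
 * The ids are encoded for the context they are written into (URL query string
 * or single-quoted HTML attribute). For integer ids the output is unchanged.
 *
 * @param mixed $affiliateid      Id of the website the zone belongs to
 * @param mixed $zoneid           Id of the zone
 * @param array $aOtherPublishers Rows with 'publisher_id' and 'name' keys,
 *                                offered as targets of the move tool
 * @param mixed $aEntities        Passed to _getEntityString() for the history link
 */
function addZonePageTools($affiliateid, $zoneid, $aOtherPublishers, $aEntities)
{
    global $phpAds_TextDirection;

    // One encoded copy per output context
    $affiliateIdUrl = urlencode((string) $affiliateid);
    $zoneIdUrl = urlencode((string) $zoneid);
    // ENT_QUOTES is required because every attribute below is single-quoted;
    // older PHP defaults leave single quotes unescaped.
    $affiliateIdAttr = htmlspecialchars((string) $affiliateid, ENT_QUOTES);
    $zoneIdAttr = htmlspecialchars((string) $zoneid, ENT_QUOTES);
    $scriptName = basename($_SERVER['SCRIPT_NAME']);

    //duplicate
    // NOTE(review): unlike the delete link below, this link and the move form
    // carry no session token; confirm that zone-modify.php protects these
    // state-changing requests against cross-site request forgery.
    if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_ADD)) {
        addPageLinkTool(
            $GLOBALS["strDuplicate"],
            MAX::constructUrl(MAX_URL_ADMIN, "zone-modify.php?duplicate=true&affiliateid={$affiliateIdUrl}&zoneid={$zoneIdUrl}&returnurl=" . urlencode($scriptName)),
            "iconZoneDuplicate"
        );
    }

    //move to
    if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        $form = "<form action='" . MAX::constructUrl(MAX_URL_ADMIN, 'zone-modify.php') . "'>\n <input type='hidden' name='affiliateid' value='{$affiliateIdAttr}'>\n <input type='hidden' name='zoneid' value='{$zoneIdAttr}'>\n <input type='hidden' name='returnurl' value='" . htmlspecialchars($scriptName, ENT_QUOTES) . "'>\n <select name='newaffiliateid'>";
        $aOtherPublishers = _multiSort($aOtherPublishers, 'name', 'publisher_id');
        foreach ($aOtherPublishers as $aOtherPublisher) {
            $otherPublisherName = MAX_buildName($aOtherPublisher['publisher_id'], $aOtherPublisher['name']);
            // The zone's current website is not offered as a move target
            if ($aOtherPublisher['publisher_id'] != $affiliateid) {
                $form .= "<option value='" . htmlspecialchars((string) $aOtherPublisher['publisher_id'], ENT_QUOTES) . "'>" . htmlspecialchars($otherPublisherName) . "</option>";
            }
        }
        $form .= "</select><input type='image' class='submit' src='" . OX::assetPath() . "/images/" . $phpAds_TextDirection . "/go_blue.gif'></form>";
        addPageFormTool($GLOBALS['strMoveTo'], 'iconZoneMove', $form);
    }

    //delete
    // The delete link carries the session token and a confirmation prompt.
    if (OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_DELETE)) {
        $deleteConfirm = phpAds_DelConfirm($GLOBALS['strConfirmDeleteZone']);
        addPageLinkTool(
            $GLOBALS["strDelete"],
            MAX::constructUrl(MAX_URL_ADMIN, "zone-delete.php?token=" . urlencode(phpAds_SessionGetToken()) . "&affiliateid={$affiliateIdUrl}&zoneid={$zoneIdUrl}&returnurl=affiliate-zones.php"),
            "iconDelete",
            null,
            $deleteConfirm
        );
    }

    //shortcut
    addPageShortcut($GLOBALS['strBackToZones'], MAX::constructUrl(MAX_URL_ADMIN, "affiliate-zones.php?affiliateid={$affiliateIdUrl}"), "iconBack");
    // NOTE(review): the entity string is inserted as returned; presumably
    // _getEntityString() URL-encodes its values - confirm.
    $entityString = _getEntityString($aEntities);
    addPageShortcut($GLOBALS['strZoneHistory'], MAX::constructUrl(MAX_URL_ADMIN, "stats.php?entity=zone&breakdown=history&{$entityString}"), 'iconStatistics');
}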
// Excerpt: the first two statements and the closing brace are the tail of a
// function whose header is outside this excerpt.
    phpAds_PageHeader("affiliate-access");
    MAX_displayWebsiteBreadcrumbs($affiliateid);
}
$userAccess->setNavigationHeaderCallback('OA_headerNavigation');

/**
 * Footer callback: prints a script block and, for manager accounts, a helper
 * that disables and unchecks the zone "add" and "delete" checkboxes whenever
 * the zone "edit" checkbox is unchecked.
 *
 * The permission constants are concatenated into the element ids used by the
 * script. The closing "//-->" marker is only printed in the manager branch.
 *
 * NOTE(review): the cascade runs in the browser only. Presumably the code
 * that saves the form enforces the same dependency on the server - confirm.
 */
function OA_footerNavigation()
{
    echo "\n <script language='JavaScript'>\n <!--\n ";
    if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
        echo "function MMM_cascadePermissionsChange()\n {\n var e = findObj('permissions_" . OA_PERM_ZONE_EDIT . "');\n var a = findObj('permissions_" . OA_PERM_ZONE_ADD . "');\n var d = findObj('permissions_" . OA_PERM_ZONE_DELETE . "');\n\n a.disabled = d.disabled = !e.checked;\n if (!e.checked) {\n a.checked = d.checked = false;\n }\n }\n MMM_cascadePermissionsChange();\n //-->";
    }
    echo "</script>";
}
$userAccess->setNavigationFooterCallback('OA_footerNavigation');

// The account that owns this website is the one whose users are managed here
$accountId = OA_Permission::getAccountIdForEntity('affiliates', $affiliateid);
$userAccess->setAccountId($accountId);
$userAccess->setPagePrefix('affiliate');

// Permissions this page may offer. The super-account permission is listed
// for manager accounts, or when the current user holds it on the target
// account. Each entry is (label, indent flag[, onclick handler]).
$aAllowedPermissions = array();
if (OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT, $accountId)) {
    $aAllowedPermissions[OA_PERM_SUPER_ACCOUNT] = array($strAllowCreateAccounts, false);
}
$aAllowedPermissions[OA_PERM_ZONE_EDIT] = array($strAllowAffiliateModifyZones, false, 'MMM_cascadePermissionsChange()');
$aAllowedPermissions[OA_PERM_ZONE_ADD] = array($strAllowAffiliateAddZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_DELETE] = array($strAllowAffiliateDeleteZone, true, false);
$aAllowedPermissions[OA_PERM_ZONE_LINK] = array($strAllowAffiliateLinkBanners, false, false);
$aAllowedPermissions[OA_PERM_ZONE_INVOCATION] = array($strAllowAffiliateGenerateCode, false, false);
$aAllowedPermissions[OA_PERM_USER_LOG_ACCESS] = array($strAllowAuditTrailAccess, false, false);
$userAccess->setAllowedPermissions($aAllowedPermissions);

// NOTE(review): $affiliateid is appended to the URLs without encoding; that
// is only safe if it has been reduced to an integer earlier - confirm.
$userAccess->setHiddenFields(array('affiliateid' => $affiliateid));
$userAccess->setRedirectUrl('affiliate-access.php?affiliateid=' . $affiliateid);
$userAccess->setBackUrl('affiliate-user-start.php?affiliateid=' . $affiliateid);
$userAccess->process();
/**
 * Checks if user has access to specific area (for example admin or agency area)
 * Permissions are defined in www/admin/lib-permissions.inc.php file
 *
 * Three checks run in order and all of them are evaluated, because the
 * "attempt to switch" calls are made even when an earlier check has failed:
 *  1. the account type, with an attempt to switch to a matching account;
 *  2. access to the object for the requested operation, with an attempt to
 *     switch account for access;
 *  3. the extra permission in $allowed, tested only for advertiser and
 *     trafficker accounts.
 *
 * A non-empty $id that does not exist makes the method return false straight
 * away, without calling raiseError(). On success the local time zone is set
 * before returning.
 *
 * NOTE(review): $operationAccessType is passed to hasAccessToObject() but not
 * to attemptToSwitchForAccess(), so the fallback may grant access on a
 * different basis than the operation that was asked for - confirm.
 *
 * @access public
 *
 * @param integer $permissions Account type(s) passed to OA_Permission::isAccount()
 * @param string $table Table name
 * @param integer $id Id (or empty if new is created)
 * @param unknown $allowed Permission passed to OA_Permission::hasPermission()
 * @param mixed $operationAccessType Does the current call require only a subset of the permissions?
 *              Defaults to OA_Permission::OPERATION_ALL. The original note says null is
 *              equivalent to asking permission to do everything on the object; that
 *              handling is not visible in this method.
 *
 * @return boolean True if has access
 */
function checkPermissions($permissions, $table = '', $id = null, $allowed = null, $operationAccessType = OA_Permission::OPERATION_ALL)
{
    $denied = false;

    // 1. Account type
    if (isset($permissions)
        && !OA_Permission::isAccount($permissions)
        && !OA_Permission::attemptToSwitchToAccount($permissions)
    ) {
        $denied = true;
    }

    // Should this check also be part of checkPermissions?
    // Unknown id: plain false, no 'Access forbidden' error is raised here
    if (!empty($id) && !$this->checkIdExistence($table, $id)) {
        return false;
    }

    // 2. Object access for the requested operation
    if (isset($id)
        && !OA_Permission::hasAccessToObject($table, $id, $operationAccessType)
        && !OA_Permission::attemptToSwitchForAccess($table, $id)
    ) {
        $denied = true;
    }

    // 3. Extra permission, advertiser and trafficker accounts only
    if (isset($allowed)
        && OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER)
        && !OA_Permission::hasPermission($allowed)
    ) {
        $denied = true;
    }

    if ($denied) {
        $this->raiseError('Access forbidden');
        return false;
    }

    // Set system timezone and return
    OA_setTimeZoneLocal();
    return true;
}
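/**
 * Builds the checkbox field definitions for the permissions this page may
 * offer, one per entry of $this->aAllowedPermissions.
 *
 * An entry is either a plain label or an array (label, indent, onclick).
 * Arrays shorter than three elements are padded with false, so an entry
 * without an onclick handler no longer reads an undefined offset.
 *
 * NOTE(review): the fields are submitted as 'permissions[]' with the
 * permission id as value. The code that saves the form must check every
 * submitted id against the allowed list, since the values can be altered by
 * the client - confirm.
 *
 * @return array List of field definitions, in the order of aAllowedPermissions
 */
function _builPermissionFields()
{
    $aPermissionsFields = array();

    foreach ($this->aAllowedPermissions as $permissionId => $aPermission) {
        if (is_array($aPermission)) {
            list($permissionName, $indent, $onClick) = array_pad($aPermission, 3, false);
        } else {
            $permissionName = $aPermission;
            $indent = false;
            $onClick = false;
        }

        $aField = array(
            'name' => 'permissions[]',
            'label' => $permissionName,
            'type' => 'checkbox',
            'value' => $permissionId,
            // Pre-checked when the edited user already holds the permission on the account
            'checked' => OA_Permission::hasPermission($permissionId, $this->accountId, $this->userid),
            // NOTE(review): $isTrafficker is never assigned in this method, so
            // this evaluates to null; left as is because the intended source
            // of the flag is not visible here.
            'hidden' => $isTrafficker,
            'break' => false,
            'id' => 'permissions_' . $permissionId,
            'indent' => $indent
        );
        if ($onClick) {
            $aField['onclick'] = $onClick;
        }

        $aPermissionsFields[] = $aField;
    }

    return $aPermissionsFields;
}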
// Excerpt: the first statements and the closing brace below them belong to a
// loop over zones that opens before this excerpt begins.
    $aZoneAds = OA_Dal_Delivery_getZoneLinkedAds($row_zones['zoneid']);
    // Warn when a banner zone has active ads but its 'lAds' list is empty
    if ($aZoneAds['count_active'] > 0 && $row_zones['delivery'] == phpAds_ZoneBanner && count($aZoneAds['lAds']) == 0) {
        $aZones[$row_zones['zoneid']]['lowPriorityWarning'] = true;
    }
    $aZones[$row_zones['zoneid']]['active'] = $aZoneAds['count_active'] > 0;
}

// Values handed to the template
$oTpl->assign('affiliateId', $affiliateid);
$oTpl->assign('aAdvertisers', $clients);
$oTpl->assign('aZones', $aZones);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);

// Capability flags for the template. Admin and manager accounts get every
// flag; other accounts need the matching OA_PERM_ZONE_* permission.
// NOTE(review): these flags decide which controls are rendered. The scripts
// that add, edit, link, generate invocation code for and delete zones must
// repeat the same checks on the server side - confirm.
$oTpl->assign('canAdd', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_ADD));
$oTpl->assign('canEdit', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_EDIT));
$oTpl->assign('canLink', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_LINK));
$oTpl->assign('canInvocation', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_INVOCATION));
$oTpl->assign('canDelete', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) || OA_Permission::isAccount(OA_ACCOUNT_MANAGER) || OA_Permission::hasPermission(OA_PERM_ZONE_DELETE));

/*-------------------------------------------------------*/
/* Store preferences                                     */
/*-------------------------------------------------------*/

// List settings for this page, and the last selected website per entity id
$session['prefs']['affiliate-zones.php']['listorder'] = $listorder;
$session['prefs']['affiliate-zones.php']['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['affiliateid'] = $affiliateid;
phpAds_SessionDataStore();

/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/

$oTpl->display();
phpAds_PageFooter();

// The body of this function continues past the end of the excerpt.
function buildHeaderModel($websiteId)
{
    if ($websiteId) {
$oHeaderModel = MAX_displayWebsiteBreadcrumbs($affiliateid);

if (!OA_Permission::isAccount(OA_ACCOUNT_MANAGER)) {
    // Non-manager accounts: tab 2.2 is only listed with the invocation permission.
    // NOTE(review): the permission only affects the tab list. The page header
    // uses id '2.2' and the invocation form below is placed for every account,
    // so OA_PERM_ZONE_INVOCATION must be enforced before this point - confirm.
    $sections = array("2.1");
    if (OA_Permission::hasPermission(OA_PERM_ZONE_INVOCATION)) {
        $sections[] = "2.2";
    }
    phpAds_PageHeader('2.2', $oHeaderModel);
    phpAds_ShowSections($sections);
} else {
    // Get other affiliates of the agency and list them as page context,
    // marking the one that matches the current website
    $doAffiliates = OA_Dal::factoryDO('affiliates');
    $doAffiliates->addSessionListOrderBy('affiliate-zones.php');
    $doAffiliates->agencyid = $agencyid;
    $doAffiliates->find();
    while ($doAffiliates->fetch() && ($row = $doAffiliates->toArray())) {
        phpAds_PageContext(
            MAX_buildName($row['affiliateid'], $row['name']),
            "affiliate-invocation.php?affiliateid=" . $row['affiliateid'],
            $affiliateid == $row['affiliateid']
        );
    }
    addWebsitePageTools($affiliateid);
    phpAds_PageHeader("4.2.5", $oHeaderModel);
}

/*-------------------------------------------------------*/
/* Main code                                             */
/*-------------------------------------------------------*/

require_once MAX_PATH . '/lib/max/Admin/Invocation/Publisher.php';

$maxInvocation = new MAX_Admin_Invocation_Publisher();
$maxInvocation->placeInvocationForm();

/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/

phpAds_PageFooter();
// Excerpt: this code sits inside a switch on the account type. The enclosing
// switch and the first case label are outside the excerpt, and the last loop
// continues past its end.
        // There are no restrictions on users that are applied to the autocomplete
        // list, as the admin account can see all accounts and therefore users in
        // its realm
        $oDbh =& OA_DB::singleton();
        // The search term is wrapped in % and passed through quote() before it
        // is concatenated into the WHERE clause below.
        // NOTE(review): presumably quote() escapes the string delimiter but not
        // the LIKE wildcards % and _, so a term made of wildcards matches every
        // user up to $limit - confirm this is acceptable for this branch.
        $query = $oDbh->quote('%' . $q . '%');
        $doUsers = OA_Dal::factoryDO('users');
        $doUsers->whereAdd('username LIKE ' . $query . ' OR email_address LIKE ' . $query);
        $doUsers->limit($limit);
        $doUsers->find();
        // One record per line, fields separated by '|', each field HTML-escaped.
        // NOTE(review): htmlspecialchars() leaves '|' and line breaks untouched,
        // so a stored username or e-mail address containing them would shift
        // the fields for whatever parses this response - confirm the consumer
        // tolerates that.
        while ($doUsers->fetch()) {
            echo htmlspecialchars($doUsers->user_id) . '|' . htmlspecialchars($doUsers->email_address) . '|' . htmlspecialchars($doUsers->username) . "\n";
        }
        break;
    case OA_ACCOUNT_MANAGER:
        // Check that they have the super account permission; without it the
        // case ends here and nothing is printed
        if (!OA_Permission::hasPermission(OA_PERM_SUPER_ACCOUNT)) {
            break;
        }
        // A manager account can only "see" those users that are already linked to the
        // current account, and to the advertiser and trafficker accounts that are in the
        // current account's realm -- display only these users -- but also exclude any
        // user that is also linked to the admin account
        $aAdminUserIds = array();
        $aUserIds = array();
        $oDbh =& OA_DB::singleton();
        // Get the ID of all users linked to the admin account
        $adminAccountId = OA_Dal_ApplicationVariables::get('admin_account_id');
        $doAccount_user_assoc = OA_Dal::factoryDO('account_user_assoc');
        $doAccount_user_assoc->account_id = $adminAccountId;
        $doAccount_user_assoc->find();
        while ($doAccount_user_assoc->fetch() > 0) {
// Excerpt: the first statements and the two closing braces below them belong
// to constructs that open before this excerpt begins.
        $aCount['campaigns']++;
        // With "hide inactive" on, drop campaigns that are not running, and
        // running campaigns whose banner list is empty while 'count' is above zero
        if ($hideinactive == true && ($campaign['status'] != OA_ENTITY_STATUS_RUNNING || $campaign['status'] == OA_ENTITY_STATUS_RUNNING && count($campaign['banners']) == 0 && count($campaign['banners']) < $campaign['count'])) {
            $aCount['campaigns_hidden']++;
            unset($aCampaigns[$key]);
        }
    }
}

// Values handed to the template
$oTpl->assign('clientId', $clientid);
$oTpl->assign('aCampaigns', $aCampaigns);
$oTpl->assign('aCount', $aCount);
$oTpl->assign('hideinactive', $hideinactive);
$oTpl->assign('listorder', $listorder);
$oTpl->assign('orderdirection', $orderdirection);
$oTpl->assign('showconversions', $conf['logging']['trackerImpressions']);

// Capability flags for the template.
// NOTE(review): 'canEdit' relies on hasPermission() alone, with no
// account-type test; confirm it returns true for admin and manager accounts.
// The flags decide which controls are rendered; the scripts that perform the
// actions must repeat the checks on the server side.
$oTpl->assign('isAdvertiser', OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER));
$oTpl->assign('canEdit', OA_Permission::hasPermission(OA_PERM_BANNER_ACTIVATE) || OA_Permission::hasPermission(OA_PERM_BANNER_EDIT));
$oTpl->assign('isManager', OA_Permission::isAccount(OA_ACCOUNT_MANAGER));

/*-------------------------------------------------------*/
/* Store preferences                                     */
/*-------------------------------------------------------*/

// List settings are stored per advertiser; the last selected advertiser is
// stored per entity id.
$session['prefs']['advertiser-campaigns.php'][$clientid]['hideinactive'] = $hideinactive;
$session['prefs']['advertiser-campaigns.php'][$clientid]['listorder'] = $listorder;
$session['prefs']['advertiser-campaigns.php'][$clientid]['orderdirection'] = $orderdirection;
$session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'] = $clientid;
phpAds_SessionDataStore();

/*-------------------------------------------------------*/
/* HTML framework                                        */
/*-------------------------------------------------------*/

/** add view hooks **/
OX_Admin_UI_ViewHooks::registerPageView($oTpl, 'advertiser-campaigns', array('advertiserId' => $clientid));
$oTpl->display();
/**
 * A method to show an error if the user doesn't have a specific permission to
 * perform an action on his account. The permission is only checked when the
 * user is working as the given account type; for any other account type the
 * method returns true without checking anything.
 *
 * Because of that, this method does not restrict which account types may
 * proceed. NOTE(review): callers that need that restriction have to combine
 * it with an account-type check of their own - confirm at each call site.
 *
 * The result of hasPermission() is handed to enforceTrue(); what happens on
 * a false value is decided there and is not visible in this method.
 *
 * @static
 * @param mixed $accountType Account type passed to isAccount(); see OA_ACCOUNT_* constants
 * @param string $permission See OA_PERM_* constants
 * @return boolean True whenever the method returns
 */
function enforceAccountPermission($accountType, $permission)
{
    // Not working as this account type: nothing to enforce
    if (!OA_Permission::isAccount($accountType)) {
        return true;
    }

    $isPermitted = OA_Permission::hasPermission($permission);
    OA_Permission::enforceTrue($isPermitted);

    return true;
}