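/**
 * Display Solr results.
 *
 * Reads the public page size and the requested page, decides whether
 * non-public items may be included, runs the search and hands the results
 * and pagination data to the view.
 */
public function indexAction()
{
    // Get pagination settings. The page number comes straight from the
    // request, so coerce it to a positive integer before doing arithmetic
    // with it (the original used the raw value, so "abc" or "-3" reached
    // the offset calculation).
    $limit = get_option('per_page_public');
    $page = max(1, (int) $this->_request->page);
    $start = ($page - 1) * $limit;

    // Determine whether private items may be shown. They are only shown when:
    //  - solr_search_display_private_items is enabled in the Solr Search admin panel,
    //  - a user is logged in, and
    //  - that user is allowed to see non-public items.
    $user = current_user();
    $canSeePrivate = get_option('solr_search_display_private_items')
        && $user
        && is_allowed('Items', 'showNotPublic');
    // When private items may be shown, do NOT limit the query to public items.
    $limitToPublicItems = !$canSeePrivate;

    // Execute the query.
    $results = $this->_search($start, $limit, $limitToPublicItems);

    // Set the pagination.
    Zend_Registry::set('pagination', array(
        'page' => $page,
        'total_results' => $results->response->numFound,
        'per_page' => $limit,
    ));

    // Push results to the view.
    $this->view->results = $results;
}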
/**
 * Get the current user's display name.
 *
 * Returns the user's name when set, otherwise the e-mail address. Yields
 * nothing (null) when there is no current user with an id.
 */
function current_username()
{
    $who = current_user();
    if (!isset($who->id)) {
        return;
    }
    return isset($who->name) ? $who->name : $who->email;
}
/**
 * Saves a survey result to the database.
 *
 * A new entity receives a fresh srid from the counter collection plus a
 * created date and is inserted; an existing entity is updated in place by
 * srid. The updated date is refreshed in both cases.
 *
 * @param Survey_result_entity $entity (by reference) the result to persist
 *
 * @return boolean
 *   Whether or not the save was successful.
 */
public function save(Survey_result_entity &$entity)
{
    // One timestamp for both created/updated so they never disagree.
    $now = Mongo_db::date();
    $entity->updated = $now;

    // NOTE(review): current_user() is assumed to return a logged-in user
    // here; an anonymous save would fail on ->uid. Confirm with callers.
    if ($entity->author === NULL) {
        $entity->author = current_user()->uid;
    }

    // Copy the entity's iterable fields into a plain array for the driver.
    $document = array();
    foreach ($entity as $key => $value) {
        $document[$key] = $value;
    }

    if (!$entity->is_new()) {
        $outcome = $this->mongo_db
            ->set($document)
            ->where('srid', $entity->srid)
            ->update(self::COLLECTION);
        return $outcome !== FALSE;
    }

    // Assign the identifying properties and mirror them into the document.
    $entity->srid = increment_counter(self::COUNTER_COLLECTION);
    $entity->created = clone $now;
    $document['srid'] = $entity->srid;
    $document['created'] = $entity->created;

    $outcome = $this->mongo_db->insert(self::COLLECTION, $document);
    return $outcome !== FALSE;
}
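/**
 * Buttons to edit / delete a post.
 *
 * Renders nothing for anonymous or banned users, and only renders the
 * controls for an admin or the post's own author.
 *
 * @param array $post post row; 'id' and 'user_id' are read here
 * @return void output is echoed directly
 */
function post_control($post)
{
    if (!user_signed_in()) {
        return;
    }
    $user = current_user();
    if ($user['banned']) {
        return;
    }
    // Only an admin or the author may see the controls.
    if (!user_is('admin') && $user['id'] != $post['user_id']) {
        return;
    }
    // The id is interpolated into a URL and an HTML attribute; escape both
    // so a non-numeric or tampered id cannot break out of the markup. (The
    // original also computed an unused $type via array_search; dropped.)
    $editUrl = htmlspecialchars(site_url('post/form/' . $post['id']), ENT_QUOTES, 'UTF-8');
    $postId = htmlspecialchars((string) $post['id'], ENT_QUOTES, 'UTF-8');
    ?>
    <span class="post-control">
        <a href="<?php echo $editUrl; ?>" title="Редактировать"><i class="icon-pencil"></i></a>
        <a href="#" class="delete" id="destroy-<?php echo $postId; ?>" title="Удалить"><i class="icon-trash"></i></a>
    </span>
    <?php
}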
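/**
 * Render the comment form for a post, or a "register/login" notice for
 * anonymous visitors.
 *
 * @param mixed $post_id id of the post being commented on; it is embedded
 *                       in the form action URL and in a hidden field
 * @return void output is echoed directly
 */
function comment_form($post_id)
{
    if (!user_signed_in()) {
        ?>
        <p>
            Извините, комментарии могут оставлять только
            <a href="<?php echo site_url('user/register'); ?>">зарегистрированные</a> пользователи.<br/>
            Если вы помните свой логин и пароль, то вы можете
            <a href="<?php echo site_url('user/login'); ?>">войти здесь</a>
        </p>
        <?php
        return;
    }
    // Escape the action URL: $post_id may originate from the request, and an
    // unescaped value could break out of the attribute. The hidden field
    // already goes through form_prep(). (The original fetched current_user()
    // into an unused variable; dropped.)
    $action = htmlspecialchars(site_url('post/comment/' . $post_id), ENT_QUOTES, 'UTF-8');
    // NOTE(review): no CSRF token is emitted here; confirm the framework's
    // CSRF protection covers this POST, otherwise add one.
    ?>
    <a name="comment_form"></a>
    <form method="POST" action="<?php echo $action; ?>" onSubmit="return AC.comment.on_submit()">
        <input type="hidden" name="post_id" id="post_id" value="<?php echo form_prep($post_id); ?>"/>
        <input type="hidden" name="parent_id" id="parent_id" value="0" />
        <textarea name="text" id="text" style="width:90%;height:195px"></textarea><br/>
        <input type="submit" value="Написать" class="btn btn-success" />
    </form>
    <?php
}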
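/**
 * Require an authenticated user for the current page.
 *
 * Anonymous visitors are sent to login.php; the URL they asked for is kept
 * in the session so the login handler can send them back afterwards.
 */
function require_login()
{
    if (current_user()) {
        return;
    }
    // The requested URI lives in $_SERVER (the original read it from
    // $_SESSION, which never holds it, so nothing was ever remembered).
    // Only keep a same-origin absolute path: a value starting with "//" or
    // "/\" would let the post-login redirect become an open redirect.
    $requested = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
    $isLocalPath = preg_match('#^/(?![/\\\\])#', $requested) === 1;
    $_SESSION['redirect_to'] = $isLocalPath ? $requested : null;

    header("Location: login.php?login_required=1");
    exit("you must log in.");
}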
/**
 * Hold or release this post.
 *
 * Only a user with permission on the post may change the flag. A hold can
 * only be applied within one minute of creation (the original comment
 * mentions a moderator exception, but no moderator check exists in this
 * method). Releasing a held post bumps its index timestamp.
 *
 * @param bool|string $hold true/false, or the string "false" from a form
 * @return bool|string|null the applied value, or null when nothing changed
 */
public function setIsHeld($hold)
{
    # Form data arrives as a string; map the literal "false" to a real false.
    if ($hold === "false") {
        $hold = false;
    }

    $actor = current_user();
    # Only a user with permission on this post may hold or unhold it.
    if (!$actor || !$actor->has_permission($this)) {
        return;
    }

    # Holding is only allowed within one minute of posting, i.e. on initial
    # posting before the post shows up in the index.
    $tooOldToHold = $hold
        && $this->created_at
        && strtotime($this->created_at) < strtotime('-1 minute');
    if ($tooOldToHold) {
        return;
    }

    $previouslyHeld = $this->is_held;
    $this->attributes['is_held'] = $hold;

    # Releasing a hold bumps the post in the index.
    if ($previouslyHeld && !$hold) {
        $this->touch_index_timestamp();
    }
    return $hold;
}
/**
 * Initializer.
 *
 * Registers the admin/backend middleware stack based on the request URL,
 * then shares section, theme, settings, locale and current-user data with
 * every view.
 *
 * @access public
 * @return BaseController
 */
public function __construct()
{
    $onAdmin = Request::is('admin*');
    $onBackend = Request::is('backend*');

    /* Middleware is chosen by URL prefix; the registration order matters. */
    if ($onAdmin || $onBackend) {
        $this->middleware('auth');
        if ($onBackend) {
            // Backend-specific access check.
            $this->middleware('auth.backend');
        }
        $this->middleware('auth.permissions');
        // The stale-password check is skipped only on the change-password
        // route itself, otherwise the user could never get out of the loop.
        // NOTE(review): '*users/change-password' is a wildcard match; confirm
        // it cannot match an unintended route.
        if (!Request::is('*users/change-password')) {
            $this->middleware('auth.pw_6_months');
        }
    }

    list($this->link_type, $this->link, $this->layout, $this->current_theme) = current_section();
    View::share('link_type', $this->link_type);
    View::share('current_theme', $this->current_theme);

    $settings = Setting::lists('value', 'name')->all();
    View::share('website_settings', $settings);

    $language = Setting::value('language');
    App::setLocale($language);
    Lang::setLocale($language);

    $this->user = current_user();
    View::share('current_user', $this->user);
    View::share('current_user_companies', current_user_companies());
}
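/**
 * Add CSRF and authorization checks before calling any action.
 *
 * The CSRF token is taken from the X-CSRF-Token header, falling back to the
 * _csrf request parameter, and is only checked for state-changing methods.
 *
 * @return
 *   a HTTP status code. This method adds only CSRF and authorization
 *   checks, so it can return No2_HTTP::BAD_REQUEST, No2_HTTP::UNAUTHORIZED,
 *   No2_HTTP::FORBIDDEN, or whatever the parent filter returns.
 */
protected function before_filter()
{
    // csrf check, on state-changing methods only
    $csrf_methods = ['POST', 'PUT', 'PATCH', 'DELETE'];
    if ($this->check_csrf() && in_array($this->http_method, $csrf_methods, true)) {
        $req_http_headers = array_change_key_case(getallheaders(), CASE_LOWER);
        if (array_key_exists('x-csrf-token', $req_http_headers)) {
            $token = $req_http_headers['x-csrf-token'];
        } elseif (array_key_exists('_csrf', $_REQUEST)) {
            // NOTE(review): $_REQUEST also covers GET and cookie values; if the
            // token were ever stored in a cookie named _csrf this fallback
            // would defeat the check. Consider restricting this to $_POST.
            $token = $_REQUEST['_csrf'];
        } else {
            $token = "";
        }
        // A "_csrf[]=" parameter arrives as an array; treat it as no token
        // rather than passing an array into the comparison and the log line.
        if (!is_string($token)) {
            $token = "";
        }
        if (!csrf_token_check($token)) {
            // Log only what was received: the original also logged the
            // expected token, which leaks a valid token to anyone who can
            // read the logs.
            No2_Logger::warn(sprintf('bad CSRF token: got [%s]', $token));
            return No2_HTTP::BAD_REQUEST;
        }
    }

    // authorization check: anonymous callers get 401, known users 403
    $user = current_user();
    if (!$this->authorize($user, $this->action)) {
        return $user->is_anonymous() ? No2_HTTP::UNAUTHORIZED : No2_HTTP::FORBIDDEN;
    }

    return parent::before_filter();
}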
/**
 * Redirect already-authenticated users to their home URL; let everyone
 * else through to the next middleware.
 *
 * @param  mixed    $request
 * @param  \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user = current_user();
    if (!$user) {
        return $next($request);
    }
    return redirect()->to($user->getHomeUrl());
}
/**
 * Register the menu macros used by the back office ("blender") UI.
 *
 * Macros: back (base menu), moduleGroup (a titled group), module (a link to
 * a Back controller action), backMain (the full navigation), backUser (the
 * current administrator's avatar/logout entry) and breadcrumbs.
 */
public function register()
{
    // Base back-office menu with the active state derived from the request.
    Menu::macro('back', function () {
        return Menu::new()
            ->setActiveClass('-active')
            ->setActiveFromRequest('/blender');
    });

    // A titled group; every link added to it gets the group item class.
    Menu::macro('moduleGroup', function ($title) {
        $itemFilter = function (Link $entry) {
            $entry->addParentClass('menu__group__item');
        };
        return Menu::back()
            ->addParentClass('menu__group')
            ->setParentAttribute('data-menu-group', fragment("back.nav.{$title}"))
            ->registerFilter($itemFilter);
    });

    // A link to a Back\* controller action, labelled from a fragment.
    // Non-static closure on purpose: $this is the menu the macro runs on.
    Menu::macro('module', function (string $action, string $name) {
        return $this->action("Back\\{$action}", fragment("back.{$name}"));
    });

    // The complete back-office navigation, grouped by area.
    Menu::macro('backMain', function () {
        $content = Menu::moduleGroup('content')
            ->module('ArticlesController@index', 'articles.title')
            ->module('NewsController@index', 'news.title')
            ->module('PeopleController@index', 'people.title');
        $modules = Menu::moduleGroup('modules')
            ->module('FragmentsController@index', 'fragments.title')
            ->module('FormResponsesController@showDownloadButton', 'formResponses.title')
            ->module('TagsController@index', 'tags.title');
        $users = Menu::moduleGroup('users')
            ->module('MembersController@index', 'members.title')
            ->module('AdministratorsController@index', 'administrators.title');
        $system = Menu::moduleGroup('system')
            ->module('ActivitylogController@index', 'log.title')
            ->module('RedirectsController@index', 'redirects.title')
            ->module('StatisticsController@index', 'statistics.menuTitle');

        return Menu::back()
            ->addClass('menu__groups')
            ->setAttribute('data-menu-groups')
            ->add($content)
            ->add($modules)
            ->add($users)
            ->add($system);
    });

    // The logged-in administrator's entry: avatar + e-mail linking to their
    // own edit page, followed by the logout form.
    Menu::macro('backUser', function () {
        $admin = current_user();
        $label = Html::avatar($admin, '-small')
            . el('span.:response-desktop-only', $admin->email);
        return Menu::new()
            ->action('Back\\AdministratorsController@edit', $label, [$admin->id])
            ->html(view('back.auth._partials.logoutForm'));
    });

    // Breadcrumb trail: each entry is an action (optionally with parameters)
    // mapped to its label.
    Menu::macro('breadcrumbs', function (array $breadcrumbs) {
        $toLink = function (Menu $menu, $actionWithParameters, $label) {
            $parts = is_array($actionWithParameters)
                ? $actionWithParameters
                : [$actionWithParameters];
            $action = array_shift($parts);
            return $menu->action($action, $label, $parts);
        };
        return Menu::build($breadcrumbs, $toLink)
            ->addClass('breadcrumb')
            ->setActiveFromRequest('/blender');
    });
}
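/**
 * Build the API representation of a comment.
 *
 * Moderation fields (ip, user agent, flagged, spam status) are only
 * included for admin/super users; the author's e-mail only for users
 * allowed to update approval. Anonymous callers get the public subset.
 *
 * @param Omeka_Record_AbstractRecord $comment the comment record
 * @return array representation suitable for JSON output
 */
public function getRepresentation(Omeka_Record_AbstractRecord $comment)
{
    $user = current_user();
    // current_user() can be null for anonymous API requests (the later
    // author_email check already guards for that); the original dereferenced
    // ->role unguarded. Compare strictly so only the real admin roles unlock
    // the moderation fields.
    $allowAll = $user && in_array($user->role, array('admin', 'super'), true);

    $representation = array(
        'id' => $comment->id,
        'url' => self::getResourceUrl("/comments/{$comment->id}"),
        'record_id' => $comment->record_id,
        'record_type' => $comment->record_type,
        'path' => $comment->path,
        'added' => self::getDate($comment->added),
        'body' => $comment->body,
        'author_name' => $comment->author_name,
        'author_url' => $comment->author_url,
        'approved' => (bool) $comment->approved,
    );

    // Moderation-only fields.
    if ($allowAll) {
        $representation['ip'] = $comment->ip;
        $representation['user_agent'] = $comment->user_agent;
        $representation['flagged'] = $comment->flagged;
        $representation['is_spam'] = $comment->is_spam;
    }

    if ($comment->parent_comment_id) {
        $representation['parent_comment'] = array(
            'id' => $comment->parent_comment_id,
            'resource' => 'comments',
            'url' => self::getResourceUrl("/comments/{$comment->parent_comment_id}"),
        );
    } else {
        $representation['parent_comment'] = null;
    }

    $typeResource = Inflector::tableize($comment->record_type);
    $representation['record_url'] = array(
        'id' => $comment->record_id,
        'resource' => $typeResource,
        'url' => self::getResourceUrl("/{$typeResource}/{$comment->record_id}"),
    );

    if ($comment->user_id) {
        $representation['user'] = array(
            'id' => $comment->user_id,
            'url' => self::getResourceUrl("/users/{$comment->user_id}"),
        );
    } else {
        $representation['user'] = null;
    }

    // The author's e-mail is personal data; only expose it to moderators.
    if ($user && is_allowed('Commenting_Comment', 'update-approved')) {
        $representation['author_email'] = $comment->author_email;
    }

    return $representation;
}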
/**
 * Create an order from the current cart and hand the user off to Alipay.
 *
 * Anonymous users are sent to login (returning to the cart); an empty cart
 * goes back to the cart page. Otherwise an order plus one detail row per
 * cart line is created, the cart is emptied and the Alipay payment form is
 * echoed.
 */
public function todo()
{
    if (!is_login()) {
        return redirect(site_url('login?url=' . site_url('cart')));
    }

    // Nothing to buy: back to the cart.
    $lines = $this->cart->contents();
    if (empty($lines)) {
        return redirect(site_url('cart'));
    }

    $buyerId = current_user()->id;
    $grandTotal = $this->cart->total();

    // One detail row per cart line; the order subject lists the item names.
    $names = array();
    $details = array();
    foreach ($lines as $line) {
        $names[] = $line['name'];
        $details[] = array(
            'user_id' => $buyerId,
            'price' => $line['price'],
            'quantity' => $line['qty'],
            'name' => $line['name'],
            'goods_type' => $line['goods_type'],
            'goods_id' => $line['goods_id'],
            'url' => $line['url'],
        );
    }
    $order = array(
        'user_id' => $buyerId,
        'subject' => join(' / ', $names),
        'status' => 0,
        'total' => $grandTotal,
    );

    $this->load->model('Order_model', 'order');
    $created = $this->order->create($order, $details);

    // Empty the cart now that the order exists.
    $this->cart->destroy();

    // Hand off to Alipay. There should also be an order-confirmation step
    // before this point.
    $this->load->model('alipay_model', 'alipay');
    header("content-Type: text/html; charset=Utf-8");
    $paymentForm = array(
        'order_id' => $created->id,
        'subject' => $created->subject,
        'body' => '',
        'show_url' => site_url('orders/' . $created->id),
        'price' => $created->total,
    );
    echo $this->alipay->build_form($paymentForm);
    // TODO: a shipping address should be collected here so the user does not
    // have to provide one on the Alipay side.
}
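/**
 * Handle an incoming request.
 *
 * Check whether the user has backend access or not. Anyone without it,
 * including an unauthenticated caller for whom current_user() yields
 * nothing, is redirected to the admin page (the original called
 * ->hasAccess() on the result unguarded, which is a fatal error when no
 * user is logged in).
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user = current_user();
    // Guard the null case here rather than relying on an earlier 'auth'
    // middleware having run; this middleware may be registered on its own.
    if (!$user || !$user->hasAccess('backend')) {
        return Redirect::to('admin');
    }
    return $next($request);
}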
/**
 * Show and process the "suggest a correction" form for an item.
 *
 * Anonymous visitors must solve a CAPTCHA; logged-in users skip it. On a
 * valid submission the parent add action stores the correction and an
 * "under review" message is flashed; on a failed CAPTCHA an empty
 * correction is put back on the view.
 */
public function addAction()
{
    $this->view->addHelperPath(CORRECTIONS_DIR . '/helpers', 'Corrections_View_Helper_');

    $record = $this->_helper->db->getTable('Item')->find($this->getParam('item_id'));
    $this->view->item = $record;
    $this->view->elements = $this->getElements();

    $visitor = current_user();
    // Anonymous submissions are gated by a CAPTCHA.
    if (!$visitor) {
        $this->captcha = Omeka_Captcha::getCaptcha();
        $this->view->captchaScript = $this->captcha->render(new Zend_View());
    }

    if (!$this->getRequest()->isPost()) {
        parent::addAction();
        return;
    }

    $captchaOk = $visitor || $this->captcha->isValid(null, $_POST);
    if (!$captchaOk) {
        $this->_helper->flashMessenger(__('Your CAPTCHA submission was invalid, please try again.'), 'error');
        $this->view->corrections_correction = new CorrectionsCorrection();
        return;
    }

    $this->_helper->flashMessenger(__("Thank you for the correction. It is under review."), 'success');
    parent::addAction();
}
/**
 * Render the audio recorder widget on the admin item show page, subject to
 * the plugin's role setting.
 *
 * Modes: 'admins' shows it to admin/super only; 'guests'/'public' never on
 * this admin page; 'editors' to anyone the ACL lets edit the item. Any
 * other value is not filtered and the widget is shown — fail-open, so
 * confirm the option's full value set if that is not intended.
 *
 * @param array $args hook arguments; 'item' is the record being shown
 */
function hookAdminItemsShow($args)
{
    $record = $args['item'];
    if (!get_option('audio_recorder_item_show')) {
        return;
    }

    $viewer = current_user();
    $viewerRole = is_object($viewer) ? $viewer->role : false;
    $mode = get_option('audio_recorder_role');

    // Loose comparison on purpose: mirrors the switch this replaces.
    if ($mode == 'admins') {
        $isAdmin = $viewerRole === 'admin' || $viewerRole === 'super';
        if (!$isAdmin) {
            return;
        }
    } elseif ($mode == 'guests' || $mode == 'public') {
        return;
    } elseif ($mode == 'editors') {
        if (!get_acl()->isAllowed($viewer, 'edit', $record)) {
            return;
        }
    }

    $this->showWidget($record);
}
/**
 * Helper function to change the logged-in user (test support).
 *
 * Writes the uid into the session and forces current_user() to reload so
 * the change is visible immediately.
 *
 * @param mixed $uid id of the user to become
 */
public function _change_user($uid)
{
    $session = self::$CI->session;
    $session->set_userdata(array('user_uid' => $uid));
    // Drop the cached user so the next lookup reflects the new uid.
    current_user(TRUE);
}
/**
 * List the current user's spreadsheet exports in the view.
 *
 * NOTE(review): current_user() is dereferenced unguarded, so this action
 * relies on the surrounding controller being authentication-gated.
 */
public function statusAction()
{
    $owner = current_user();
    $table = $this->getTable('Spreadsheet');
    $this->view->exports = $table->findSpreadsheetsByUserId($owner->id);
}
/**
 * Determine if the current user has permission to perform some action.
 *
 * Anonymous callers never have permission; otherwise the check is
 * delegated to the user object's can() method.
 *
 * @param array|string $permissions Comma or pipe separated list of permission handles,
 *                                  or an array of handles.
 * @param object $model [Optional]
 * @param string $column [Optional]
 *
 * @return bool
 * @throws IncorrectParameterType
 */
function current_user_can($permissions, $model = null, $column = null)
{
    if (is_logged_in()) {
        return current_user()->can($permissions, $model, $column);
    }
    return false;
}
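/**
 * Render an exception into an HTTP response.
 *
 * Outside the local environment the themed error pages are returned with
 * the matching HTTP status. The original passed `array(404)` etc. as the
 * third argument of view() (merge data) instead of as the status of
 * response(), so every error page went out as 200 OK.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Exception $exception
 * @return \Illuminate\Http\Response
 */
public function render($request, Exception $exception)
{
    if ($exception && method_exists($exception, 'getStatusCode')) {
        $code = $exception->getStatusCode();
    } else {
        $code = 500;
    }

    if (App::environment() == 'local') {
        return parent::render($request, $exception);
    }

    list($link_type, $link, $layout, $theme) = current_section();
    View::share('current_theme', $theme);
    $current_user = current_user();

    // Leading backslash: if this file is namespaced and has no `use` for the
    // class, the original unqualified name resolved inside that namespace
    // and the instanceof could never match. Harmless otherwise.
    if ($exception instanceof \Illuminate\Database\Eloquent\ModelNotFoundException) {
        return response(view("{$link_type}.{$theme}.404", array('title' => 'Page Not Found', 'current_user' => $current_user)), 404);
    }

    switch ($code) {
        case 401:
            return response(view("{$link_type}.{$theme}.401", array('title' => 'Unauthorized access', 'current_user' => $current_user)), 401);
        case 404:
            return response(view("{$link_type}.{$theme}.404", array('title' => 'Page Not Found', 'current_user' => $current_user)), 404);
        case 503:
            return response(view('503', array('title' => 'Site Offline', 'link_type' => $link_type, 'current_user' => $current_user)), 503);
        default:
            // Any other code gets the generic error page; only pass it through
            // as the HTTP status when it is a valid error status.
            $status = ($code >= 400 && $code < 600) ? $code : 500;
            return response(view("{$link_type}.{$theme}.500", array('title' => 'Error', 'current_user' => $current_user)), $status);
    }
}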
/**
 * Refresh the CSRF token and expose it (plus the logged-in user) to the
 * page's JavaScript.
 *
 * If the request did not carry an act_s value a new token is derived and
 * stored in a two-hour cookie; otherwise the existing cookie value is kept.
 *
 * NOTE(review): the token is an md5 over request attributes and a secret
 * baked into the source, not a random value; rotating that secret needs a
 * code change, and set_cookie() is called without explicit httponly/secure
 * flags. The verifying side is not visible here, so the scheme is kept
 * as-is, but a random_bytes()-based token would be the usual choice.
 *
 * @access private
 */
private function _csrf_refresh()
{
    $sent = $this->input->get_post('act_s');

    if ($sent) {
        // Keep the current token.
        $csrf_token = $this->input->cookie('act_s');
    } else {
        $this->load->helper('cookie');
        // Derive the token for this URI from request attributes and a secret.
        $random = ']rnu<^hdgg%y|\\T$w?lva$~U3+hM0Jp{HOr!<,qSdxM-!fEE07q_IwRO"B1=5.~';
        $material = $_SERVER['PATH_INFO'] . $this->input->user_agent() . $random . $this->input->ip_address();
        $csrf_token = md5($material);

        // Store the token and remember when it was issued.
        set_cookie('act_s', $csrf_token, 2 * 60 * 60);
        $this->session->set_userdata('token_time', $this->config->item('request_time'));
    }

    // Expose the token to client-side code.
    $this->javascript->set_constant('act_s', $csrf_token);
    $this->javascript->add_response('act_s', $csrf_token);

    // And the user, when logged in.
    if ($this->access->logged_in()) {
        $userForJs = current_user('js');
        $this->javascript->set_constant('user', $userForJs['user']);
        $this->javascript->set_constant('interface', $userForJs['interface']);
    }
}
/**
 * Mark this message as read, and clear the recipient's "has mail" flag
 * once no unread messages remain for them.
 */
public function mark_as_read()
{
    $this->updateAttribute('has_seen', true);

    $recipient = current_user();
    $unread = Dmail::where("to_id = ? AND has_seen = false", $recipient->id);
    if (!$unread->exists()) {
        $recipient->updateAttribute('has_mail', false);
    }
}
/**
 * Initialise a new spreadsheet export owned by the current user, with a
 * timestamped file name and the "init" status.
 *
 * The file name only carries the epoch second, so two exports started in
 * the same second would get the same name.
 */
public function construct()
{
    $owner = current_user();
    $this->user_id = $owner->id;
    $this->file_name = sprintf('OmekaExport%d.xls', time());
    $this->status = SPREADSHEET_STATUS_INIT;
    $this->added = date('Y-m-d H:i:s');
}
/**
 * Check whether the signed-in user has the given role (case-insensitive).
 *
 * @param string $role role name to compare against
 * @return bool FALSE for anonymous visitors
 */
function user_is($role)
{
    if (!user_signed_in()) {
        return FALSE;
    }
    $account = current_user();
    $wanted = strtolower($role);
    // Loose comparison kept on purpose to match the original.
    return strtolower($account['role']) == $wanted;
}
/**
 * Require a logged-in user for a JSON endpoint.
 *
 * Returns the user when one is logged in; otherwise emits a
 * {"error": "not_logged_in"} JSON response and returns false.
 *
 * @param object $app application object, passed through to json_response()
 * @return object|false
 */
function require_login_json(&$app)
{
    $who = current_user();
    if (!$who) {
        json_response($app, array('error' => 'not_logged_in'));
        return false;
    }
    return $who;
}
/**
 * Load all projects and all activity onto this object.
 *
 * The $criteria argument is accepted but unused, and the current user is
 * looked up but does not filter anything; both are kept as in the original.
 *
 * @param mixed $criteria unused
 */
function get($criteria = null)
{
    $viewer = current_user(); // unused below; kept in case the call has side effects

    $projectSource = new Project();
    $activitySource = new Activity();
    $this->projects = $projectSource->get();
    $this->activity = $activitySource->get();
}
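/**
 * Check if the user's password was changed within the last 6 months.
 * If not, ask them to change it before they can continue.
 *
 * A user whose last_pw_changed is empty is treated as never having changed
 * it, so the account creation date is used instead. The original fed the
 * empty value straight to Carbon, which (as Carbon treats an empty time as
 * "now") made the staleness check silently pass for such accounts.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user = current_user();
    $lastChanged = $user->last_pw_changed
        ? new Carbon($user->last_pw_changed)
        : new Carbon($user->created_at);

    // Only accounts older than 180 days are subject to the rotation rule.
    $accountIsOld = Carbon::now()->diffInDays($user->created_at) >= 180;
    $passwordIsStale = Carbon::now()->diffInDays($lastChanged) > 180;

    if ($accountIsOld && $passwordIsStale) {
        return Redirect::to(Request::segment(1) . '/users/change-password')
            ->with('error_message', trans('users.pw_change_6_months'));
    }
    return $next($request);
}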
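/**
 * Require a logged-in user.
 *
 * The original had the test inverted: it took the "redirect to login"
 * branch for logged-in users and returned true for anonymous ones. Now a
 * logged-in user gets true and an anonymous caller lands in the redirect
 * branch and gets false.
 *
 * @return bool true when a user is logged in, false otherwise
 */
function require_login()
{
    if (current_user()) {
        return true;
    }
    // TODO: redirect to login here (the original left this as a comment too).
    return false;
}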
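/**
 * Check if the user's password was changed within the last 6 months.
 * If not, ask them to change it before they can continue.
 *
 * A user whose last_pw_changed is empty is treated as never having changed
 * it, so the account creation date is used instead. The original fed the
 * empty value straight to Carbon, which (as Carbon treats an empty time as
 * "now") made the staleness check silently pass for such accounts.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $user = current_user();
    $lastChanged = $user->last_pw_changed
        ? new Carbon($user->last_pw_changed)
        : new Carbon($user->created_at);

    // Only accounts older than 180 days are subject to the rotation rule.
    $accountIsOld = Carbon::now()->diffInDays($user->created_at) >= 180;
    $passwordIsStale = Carbon::now()->diffInDays($lastChanged) > 180;

    if ($accountIsOld && $passwordIsStale) {
        return Redirect::to(Request::segment(1) . '/users/change-password')
            ->with('error_message', 'It has been more than 6 months since you last changed your password. You need to change it before you can log in.');
    }
    return $next($request);
}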
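/**
 * Restrict a query to the current user's client unless they are an admin.
 *
 * The clause is appended as text, so both pieces that end up in it are
 * validated here: $type must be a plain SQL identifier and client_id is
 * cast to an integer (the original interpolated both unchecked). If client
 * ids are not numeric in this schema, the query must be parameterised
 * instead of built by concatenation.
 *
 * @param string      $sql  SQL fragment to extend (must already contain a WHERE)
 * @param string|null $type table name/alias that owns the client_id column
 * @return string the possibly-extended SQL
 * @throws \InvalidArgumentException when $type is not a safe identifier
 */
function modify_sql_for_user_type($sql, $type = null)
{
    $current_user = current_user();
    if ($current_user->is('admin')) {
        return $sql;
    }
    // Reject anything that is not an identifier; the null default produced
    // " AND .client_id", which is invalid SQL anyway.
    if (!is_string($type) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $type)) {
        throw new \InvalidArgumentException('modify_sql_for_user_type: $type must be a plain SQL identifier');
    }
    $clientId = (int) $current_user->client_id;
    return $sql . " AND {$type}.client_id = {$clientId}";
}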