<?php
// Default Error Printing Function
function default_error($status)
{
$err = HTTP_Status::getMessage($status);
global $dir;
echo $err;
$footer = 1;
require_once $dir . "core/footer.php";
die;
}
// Check user defined error function is valid or not.
if (empty($error_func) || !function_exists($error_func)) {
$error_func = "default_error";
}
try {
// Check Valid Login & has enough rights
if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) {
call_user_func($error_func, HTTP_Status::UNAUTHORIZED);
} else {
if (!function_exists('get_rights') || empty($_GET['master']) || get_rights($_GET['master'])[$right_index] != '1') {
call_user_func($error_func, HTTP_Status::FORBIDDEN);
}
}
} catch (\Exception $e) {
call_user_func($error_func, HTTP_Status::INTERNAL_SERVER_ERROR);
}
<span class="glyphicon glyphicon-pencil"></span>
<div class="dash_btn_label double">Add Lecture Attendance</div>
</a>
</div>
<div class="col-lg-offset-2 col-md-offset-1 col-lg-4 col-md-5 col-xs-12 dash_btn">
<a href="<?php
echo $dir . "dashboard/attendance/?act=view";
?>
">
<span class="glyphicon glyphicon-list"></span>
<div class="dash_btn_label double">View Lecture Attendance</div>
</a>
</div>
<?php
$lg_offset = "col-lg-offset-1";
$right = get_rights("reports");
if (intval($right) == 1) {
$lg_offset = "col-lg-offset-2";
?>
<div class="col-lg-offset-1 col-md-offset-1 col-lg-4 col-md-5 col-xs-12 dash_btn">
<a href="<?php
echo $dir . "dashboard/reports/";
?>
">
<span class="glyphicon glyphicon-file"></span>
<div class="dash_btn_label double">Generate Reports</div>
</a>
</div>
<?php
}
?>
Validation done here should be done in
MyDbCon class
// Check User_Master allowed keys
***********************************************************/
if (!empty($_POST["JT"]) && !empty($_POST["JO"]) && !empty($_GET['master'])) {
$tables = explode(";", $_POST["JT"]);
$joinon = explode(";", $_POST["JO"]);
if (!empty($_POST["JC"])) {
$join_columns = explode(";", $_POST["JC"]);
}
/*if(!empty($_POST["J3"]))
$join_type=explode(";",$_POST["J3"]);*/
$pre_joined_tables = array();
foreach ($tables as $key => $table) {
// Check rights for each table
if (!function_exists('get_rights') || empty($table) || get_rights($table)[$right_index] != '1') {
//echo $table;
call_user_func($error_func, HTTP_Status::FORBIDDEN);
}
if (class_exists($table) && !empty($joinon[$key])) {
$obj = new $table();
$vars = $obj->get_assoc_array();
$jo = explode(":", $joinon[$key]);
// Default Table 2
$obj2 = new $_GET['master']();
$table2 = $_GET['master'];
if (isset($jo[1]) && !empty($pre_joined_tables[$tables[$jo[1]]])) {
//echo "table 2 : ".$jo[1];
$obj2 = new $tables[$jo[1]]();
$table2 = $tables[$jo[1]];
}
$own = get_group($v);
if(!empty($own)) $owners[$own] = true;
$mod = get_rights($v);
$mods[$mod] = true;
if(d_is_file($v)) $fsizes[] = show_size($v, false);
else $dsizes[] = show_size($v, false);
}
light_message('<h3>Properties for selected items</h3>
<p>size of '.sizeof($fsizes).' selected files: <b>'.show_size(0,false,array_sum($fsizes)).'</b></p>
<p>size of '.sizeof($dsizes).' selected dirs: <b>'.show_size(0,false,array_sum($dsizes)).'</b></p>
<p>total size: <b>'.show_size(0,false,array_sum($fsizes)+array_sum($dsizes)).'</b></p>
'.(sizeof($mods)==1 ? '<p>mod: <b>'.get_rights($v,false).' ('.get_rights($v).')</b></p>' : '').'
'.(sizeof($owners)==1 ? '<p>owner: <b>'.get_owner($v).'</b></p>' : '').'
'.(sizeof($groups)==1 ? '<p>group: <b>'.get_group($v).'</b></p>' : '') );
}
break;
case 'terminal':
if(!empty($_REQUEST['cmd']))
{
$res = exec_command($_REQUEST['cmd']);
}else
{
$res = array('cmd'=>'', 'output'=>'', 'dir'=> getcwd_short());
}
function cpcont($name, &$data)
{
static $fps = false, $fpd = false; /* File Pointer for Source, ... Destination */
static $lastfile = false;
global $__perms;
//echo 'Fdadfas';
setwritable(dirname(getcwd().'/'.$name), true);
/* an array( source dir => dest dir ); -- to make copy into the same directory possible */
if(!isset($data['dirs_replace'])) $data['dirs_replace'] = array();
if(isset($data['lastnewname']))
{
$lastnewname = $data['lastnewname'];
}else
{
$lastnewname = false;
}
if(empty($data['lastfile']) || $data['lastfile'] != $name)
{
if(abs_path($data['newdir']) == abs_path(dirname(getcwd().'/'.$name)))
{
$lastnewname = abs_path(gen_copy_name($data['newdir'], getcwd().'/'.$name));
$data['dirs_replace'][abs_path(getcwd().'/'.$name)] = abs_path($lastnewname);
}else
{
$lastnewname = abs_path($data['newdir'].'/'.$name);
foreach($data['dirs_replace'] as $k=>$v)
{
if(strlen($lastnewname) < strlen($k)) continue;
if(substr($lastnewname,0,strlen($k)) == $k)
{
$lastnewname = $v.substr($lastnewname, strlen($k));
break;
}
}
}
}
$newname = $data['lastnewname'] = $lastnewname;
if(is_dir($name))
{
$lastfile = $data['lastfile'] = $name;
$_SESSION['DIRS']++;
return d_mkdir($newname, d_get_rights($name));
}
if($lastfile != $name)
{
if(is_resource($fps)) fclose($fps);
if(is_resource($fpd)) fclose($fpd);
$lastfile = $data['lastfile'] = $name;
setreadable($name, true);
if(!$fps = fopen($name, 'rb')) return false;
//error_log('name: '.$name.', newname: '.$newname);
setwritable($dn = dirname($newname), true);
//if(!d_chmod($dn, 777)) echo 'F**k!'.reason()."\n";
//echo "rights: ". get_rights($dn,false) ."\n";
if(file_exists($newname))
{
setwritable($newname, true);
$info = get_files_info(array(basename($newname)), $dn);
if(fseek($fps, sprintf('%u',filesize($newname))) < 0) return false;
}else
{
$_SESSION['FILES']++;
}
if(!$fpd = fopen($newname, 'ab'))
{
$_SESSION['FILES']--; /* this file was counted, so we cancel it's count */
return false;
}
$__perms[$newname] = get_rights($name);
}
$_SESSION['TOTAL_BYTES'] += fwrite($fpd, fread($fps, 65536));
if(feof($fps)) return true;
return array();
}
function _smarty_function_links($params, $template)
{
global $_GET, $img;
$result = '';
$value = (isset($params['value']) ? trans($params['value']) : NULL);
$href = (isset($params['href']) ? $params['href'] : NULL);
$target = (isset($params['target']) ? $params['target'] : NULL);
$confirm = (isset($params['confirm']) ? $params['confirm'] : NULL);
$id = (isset($params['id']) ? $params['id'] : NULL);
$onclick = NULL;
$image = (isset($params['img']) ? $params['img'] : NULL);
$imageid = (isset($params['imgid']) ? $params['imgid'] : NULL);
$rights = (isset($params['rights']) ? $params['rights'] : NULL);
$tip = (isset($params['tip']) ? $params['tip'] : NULL);
$hreflang = (isset($params['hreflang']) ? $params['hreflang'] : NULL);
$media = (isset($params['media']) ? $params['media'] : NULL);
$rel = (isset($params['rel']) ? $params['rel'] : NULL);
$rev = (isset($params['rev']) ? $params['rev'] : NULL);
$type = (isset($params['type']) ? $params['type'] : NULL);
$class = (isset($params['class']) ? $params['class'] : NULL);
$lang = (isset($params['lang']) ? $params['lang'] : NULL);
$style = (isset($params['style']) ? $params['style'] : NULL);
$title = (isset($params['title']) ? $params['title'] : NULL);
$tabindex = (isset($params['tabindex']) ? $params['tabindex'] : NULL);
$onfocus = (isset($params['onfocus']) ? $params['onfocus'] : NULL);
$onblur = (isset($params['onblur']) ? $params['onblur'] : NULL);
$ondblclick = (isset($params['ondblclick']) ? $params['ondblclick'] : NULL);
$onmousedown = (isset($params['onmousedown']) ? $params['onmousedown'] : NULL);
$onmouseup = (isset($params['onmouseup']) ? $params['onmouseup'] : NULL);
$onmouseover = (isset($params['onmouseover']) ? $params['onmouseover'] : NULL);
$onmousemove = (isset($params['onmousemove']) ? $params['onmousemove'] : NULL);
$onmouseout = (isset($params['onmouseout']) ? $params['onmouseout'] : NULL);
$onkeypress = (isset($params['onkeypress']) ? $params['onkeypress'] : NULL);
$onkeydown = (isset($params['onkeydown']) ? $params['onkeydown'] : NULL);
$onkeyup = (isset($params['onkeyup']) ? $params['onkeyup'] : NULL);
$id = (isset($params['id']) ? $params['id'] : NULL);
if (!is_null($rights))
$rights = get_rights($rights);
else
$rights = true;
if (!$rights) $tip = '<br><font color="red">BRAK UPRAWNIEŃ</font>';
if ($confirm) $confirm = "return confirmLinks(this,'".$confirm."');";
$onclick = (isset($params['onclick']) ? $params['onclick'] : $confirm);
if(!is_null($tip) && !empty($tip) && strlen($tip)!==0)
{
$tip = str_replace('\'', '\\\'', $tip);
$tip = str_replace('"', '"', $tip);
$tip = str_replace("\r", '', $tip);
$tip = str_replace("\n", '<BR>', $tip);
$tip = 'onmouseover="popup(\''.$tip.'\'); onmouseout="return nd();" ';
}
else $tip = NULL;
if ($image)
{
if( isset($_GET['plug']) && !empty($_GET['plug']) && file_exists(SYS_DIR.'/plug/'.(isset($_GET['plug']) ? $_GET['plug'] : 'noneplugin').'/img/'.$image))
$file = 'plug/'.$_GET['plug'].'/img/'.$image;
elseif(file_exists(SYS_DIR.'/img/'.$image))
$file = 'img/'.$image;
else $image = NULL;
}
if ($image)
$image = ' <img src="'.$file.'" alt="">';
if ($rights)
{
$result .='<a '
.($id ? 'id="'.$id.'" ' : '')
.($href ? 'href="'.$href.'" ' : '')
.($target ? 'target="'.$target.'" ' : '')
.($onclick ? 'onclick="'.$onclick.'" ' : '')
.($hreflang ? 'hreflang="'.$hreflang.'" ' : '')
.($media ? 'media="'.$media.'" ' : '')
.($type ? 'type="'.$type.'" ' : '')
.($rel ? 'rel="'.$rel.'" ' : '')
.($rev ? 'rev="'.$rev.'" ' : '')
.($class ? 'class="'.$class.'" ' : '')
.($lang ? 'lang="'.$lang.'" ' : '')
.($style ? 'style="cursor:pointer;'.$style.'" ' : ' style="cursor:pointer;"')
.($tabindex ? 'tabindex="'.$tabindex.'" ' : '')
.($onfocus ? 'onfocus="'.$onfocus.'" ' : '')
.($onblur ? 'onblur="'.$onblur.'" ' : '')
.($ondblclick ? 'ondblclick="'.$ondblclick.'" ' : '')
.($onmousedown ? 'onmousedown="'.$onmosuedown.'" ' : '')
.($onmouseup ? 'onmouseup="'.$onmouseup.'" ' : '')
.($onmouseover ? 'onmouseover="'.$onmouseover.'" ' : '')
.($onmousemove ? 'onmousemove="'.$onmousemove.'" ' : '')
.($onmouseout ? 'onmouseout="'.$onmouseout.'" ' : '')
.($onkeypress ? 'onkeypress="'.$onkeypress.'" ' : '')
.($onkeydown ? 'onkeydown="'.$onkeydown.'" ' : '')
.($onkeyup ? 'onkeyup="'.$onkeyup.'" ' : '')
.($title ? 'titile="'.$title.'" ' : '')
.($tip ? $tip : '')
.'';
$result .= '>'
.($value ? $value : '')
.($image ? $image : '')
.'</a>';
}
else
{
$result .='<a style="cursor:pointer;"'
.($target ? ' target="'.$target.'" ' : '')
.($tip ? $tip : '')
.'';
$result .= '>'
.($value ? $value : '')
.($image ? $image : '')
.'</a>';
}
return $result;
}
<?php
if (isset($menu_valid) && ($menu_valid = 1)) {
$masters_valid = false;
$masters = <<<EOM
<ul class="nav navbar-nav">
\t<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Masters<span class="caret"></span></a>
\t\t <ul class="dropdown-menu">
EOM;
try {
require_once $dir . "core/rights.php";
$ram_all = get_rights();
foreach ($menu_items as $mi => $mv) {
$in = strtolower($mv);
$in .= "_access";
$ram = $ram_all[$in];
$r = intval($ram[0]);
$w = intval($ram[1]);
$m = intval($ram[2]);
if ($r || $w || $m) {
$masters_valid = true;
$masters .= "\n\t\t<li><a class=\"trigger right-caret\">" . $menu_items_label[$mi] . "</a>";
$masters .= "\n\t\t\t<ul class=\"dropdown-menu sub-menu\">";
foreach ($menu_sub_items as $ind => $msi) {
$opt_access = intval($ram[$ind]);
if ($opt_access && isset($menu_sub_items_label[$ind])) {
$masters .= "\n\t\t\t\t<li><a href=\"" . APP_NAME . "dashboard/?act=" . $msi . "&master=" . $mv . "\">" . $menu_sub_items_label[$ind];
if ($ind == 0 && $m) {
$masters .= " & Update";
} else {
