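/**
 * Decide whether the given user record may be modified.
 *
 * Returns true when isSuperAdmin() reports true, or when isAdmin() reports
 * true and the record's 'admin' entry is falsy or absent. Every other case
 * is denied.
 *
 * @param array $utilisteur User record; only its 'admin' entry is read.
 * @return bool True when modification is allowed, false otherwise.
 */
function canModify($utilisteur)
{
    if (isSuperAdmin()) {
        return true;
    }

    // empty() gives the same result as the former loose `!= true` test but
    // does not raise an undefined-index notice when 'admin' is missing.
    // NOTE(review): a record without an 'admin' key is treated as a
    // non-admin target and is therefore modifiable by any admin - confirm
    // that callers always pass a fully loaded record.
    if (isAdmin() && empty($utilisteur['admin'])) {
        return true;
    }

    // Deny explicitly instead of falling off the end with an implicit null,
    // so the authorization result is always a boolean.
    return false;
}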
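<?php
#
# (c) C4G, Santosh Vempala, Ruban Monu and Amol Shintre
# Main page for adding new lab user account
# Called from lab_config_home.php
#
include("../users/accesslist.php");

# Page-level authorization: the request is allowed only when the session user
# holds one of the three roles AND this script's basename is in that role's
# page list. The lists are presumably defined by accesslist.php - verify.
if( !(isAdmin(get_user_by_id($_SESSION['user_id'])) && in_array(basename($_SERVER['PHP_SELF']), $adminPageList))
	&& !(isCountryDir(get_user_by_id($_SESSION['user_id'])) && in_array(basename($_SERVER['PHP_SELF']), $countryDirPageList))
	&& !(isSuperAdmin(get_user_by_id($_SESSION['user_id'])) && in_array(basename($_SERVER['PHP_SELF']), $superAdminPageList)) ) {
	header( 'Location: home.php' );
	# header() only queues the redirect; without exit the rest of this page
	# would still execute and be sent to a user who failed the check.
	exit;
}

include("redirect.php");
include("includes/page_elems.php");
include("includes/script_elems.php");
LangUtil::setPageId("lab_config_home");

$script_elems = new ScriptElems();
$page_elems = new PageElems();

# NOTE(review): 'ru' and 'lid' are taken from the request unchanged. Their use
# is outside this excerpt - confirm they are validated or escaped for the
# context (HTML, JavaScript, SQL) in which they are later emitted.
$reload_url = $_REQUEST['ru']."&show_u=1";
$lab_config_id = $_REQUEST['lid'];
?>
<script type="text/javascript">
function add_lab_user() {
	var username = $('#lab_user').attr('value');
	var pwd = $('#pwd').attr('value');
	var email = $('#email').attr('value');
	var phone = $('#phone').attr('value');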
/**
 * CUtil::isSuperAdmin()
 * added by periyasami_145at11
 *
 * Static wrapper that hands back whatever the isSuperAdmin() function
 * reports. The check itself lives in that function, not in this method.
 *
 * @return boolean
 */
public static function isSuperAdmin()
{
    // An unqualified call inside a method resolves to the function named
    // isSuperAdmin(), not to this static method, so this does not recurse.
    $isSuper = isSuperAdmin();

    return $isSuper;
}
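/**
 * Build the HTML form used to edit this configuration's parameters.
 *
 * @param string       $strJsAction Name of the JavaScript function called from the form's onSubmit.
 * @param string|false $strSection  When set and present in tabParams, only that section's entries are listed.
 * @return string Form HTML, or the result of getError() when parse() fails.
 */
function DisplayEditor($strJsAction = 'actionClickOnSaveConfig', $strSection = false)
{
    if (!$this->parse()) {
        return getError();
    }

    $idForm = 'form_editor_config_' . $this->getIdName();
    if ($strSection) {
        $idForm .= '_section_' . $strSection;
    }

    // REQUEST_URI is supplied by the client; escape it before placing it in
    // the action attribute so a crafted URL cannot close the attribute and
    // inject markup. If the value is rejected as badly encoded the result is
    // an empty action, which still posts back to the current URL.
    $strAction = htmlspecialchars($_SERVER["REQUEST_URI"], ENT_QUOTES);

    // NOTE(review): $strJsAction, $strSection and $idForm are interpolated
    // into the id attribute and the inline handler without escaping. That is
    // only safe if callers never derive them from request data - confirm.
    $strReturn = '
    <form action="' . $strAction . '" method="POST" id="' . $idForm . '" onSubmit="return ' . $strJsAction . '(\'' . $idForm . '\',\'' . urljsencode($this->getRelativePath()) . '\',\'' . $strSection . '\');">
    <div id="listParams">
    ';

    $tabToEdit =& $this->tabParams;
    if ($strSection && isset($this->tabParams[$strSection])) {
        $tabToEdit =& $this->tabParams[$strSection];
    }

    foreach ($tabToEdit as $strParam => $strValue) {
        // Array values (nested sections) are skipped here; a fieldset
        // renderer for them used to sit in this loop as commented-out code.
        if (!is_array($strValue)) {
            $strReturn .= $this->__getEditorFormItem($strParam, $strValue, $idForm);
        }
    }

    // Escape the raw file for the textarea: otherwise a "</textarea>" in the
    // file breaks out of the field, and entities in the file are decoded by
    // the browser and written back changed on save. A single-byte charset is
    // passed on purpose so that only & < > are rewritten and every other byte
    // of the file passes through untouched, whatever its real encoding.
    $strSource = is_file($this->path) ? file_get_contents($this->path) : '';
    $strSource = htmlspecialchars((string) $strSource, ENT_NOQUOTES, 'ISO-8859-1');

    // NOTE(review): the file contents are sent to every user who can load
    // this form; only the "Source" toggle button is gated by isSuperAdmin().
    // display:none is not access control. Confirm whether non-super-admins
    // should receive srcParams at all, and that the save handler re-checks
    // isSuperAdmin() before accepting a submitted srcParams value.
    $strReturn .= '
    </div>
    <textarea name="srcParams" id="srcParams" wrap="off" style="width:90%;height:280px;display:none;">' . $strSource . '</textarea>
    <div style="text-align:right;padding-top:10px;">' . (isSuperAdmin() ? '<button class="ui-state-default ui-corner-all" type="button" onclick="toggleShowConfigEditor(this.form);return false">' . _('Source') . '</button>' : '') . '
    <button class="ui-state-default ui-corner-all" type="submit">' . _('save') . '</button>
    </div>
    </form>
    ';

    return $strReturn;
}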
die; } } // Replace dropped +'s, urldecodes to space. $to = str_replace(" ", '+', $_POST['to']); if (!filter_var($to, FILTER_VALIDATE_EMAIL)) { if ($fromMarklet) { $message = '<div class="LV_invalid">Error sending love - invalid request</div>'; } else { error_log("sendlove.php: email failed validation filter"); echo json_encode(array('error' => 1, 'messages' => 'invalid request')); die; } } // params are: $userid, $username, $isSuper, $nickname, $to, $for, $priv $isSuper = isSuperAdmin(); $for_stripped = smart_strip_tags($_POST['for1']); $for = mysql_real_escape_string($for_stripped); if ($_SESSION['username'] == $to) { if ($fromMarklet) { $message = '<div class="LV_invalid">You cannot send love to yourself.</div>'; } else { die("Love sent: self"); } } $rc = sendlove_toanother($_SESSION['userid'], $_SESSION['username'], $_SESSION['nickname'], $isSuper, $to, $for, (int) $_POST["priv"] > 0); if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') { echo json_encode(array('response' => $rc)); exit; // The following section is not executed due the preceeding speedup workaround. - GJ - Aug 12, 2011 // return a json array containing updated Love counts for dynamic page update
<?php ob_start(); // // Copyright (c) 2009, LoveMachine Inc. // All Rights Reserved. // http://www.lovemachineinc.com // include_once "config.php"; require_once "class.session_handler.php"; include_once "helper/check_session.php"; include_once "functions.php"; /* Only super admins can access this page. */ if (!isSuperAdmin()) { header("location:login.php?redir=" . urlencode($_SERVER['REQUEST_URI'])); return; } /* Ajax requests must have HTTP referer set correctly. */ if (isset($_POST['ajax']) && !checkReferer()) { die; } $con = mysql_connect(DB_SERVER, DB_USER, DB_PASSWORD); mysql_select_db(DB_NAME, $con); /************************************** Start Pagination ************************************/ $limit = 20; $page = isset($_REQUEST["page"]) ? $_REQUEST["page"] : 1; //Get the page number to show, set default to 1 /********************************************************************************************/ if (isset($_POST['ajax']) && !empty($_POST['update']) && !empty($_POST['feature'])) { // AJAX request from ourselves to update company features $id = intval($_POST['update']);
" class="panel-link infobulles" id="images"> <div class="block-icon"><div class="img-icon"><img style="padding-top:5px;" src="<?php echo SITE_URL; ?> core/admin/theme/images/admin/icon-images.gif" /></div><div class="title-icon"><?php echo _('Medias'); ?> </div><div class="reset"></div></div> <span> <h3>Gestion de vos médias</h3> <p>Vous pouvez gérer ici les images du site ainsi que les fichiers joins (pdf ....)</p> </span> </a> </td> <?php if (isSuperAdmin()) { ?> <td> <a href="admin_configurator.php" class="panel-link infobulles" id="options"> <div class="block-icon"><div class="img-icon"><img style="padding-top:10px;" src="<?php echo SITE_URL; ?> core/admin/theme/images/admin/icon-options.gif" /></div><div class="title-icon"><?php echo _('Options'); ?> </div><div class="reset"></div></div> <span> <h3><?php echo _('Configuration du site'); ?> </h3>