/**
* Show Permission denied page
*/
public function actionPermissionDenied()
{
// TODO: logout user, redirect to admin login form and the error should be dislayed in the form
ErrorHandler::logError('Permission denied!<br />- You do not have enough privilege to access the page you requested or<br />- The requested page is accessible but a service on that page cannot be performed on your behalf.');
Yii::app()->layout = 'permission';
$this->render('PermissionDenied');
}
/**
* Edit user
* User query string Id parameter as the User ID, if Id=0 or not provided
* the action will create a new user
*/
public function actionEdit()
{
$userId = $this->get('Id', 0);
if ($userId == 0) {
$user = new FUser();
$user->Status = FUser::STATUS_MEMBER;
} else {
$user = FUser::model()->findByPk($userId);
}
if (!is_null($user)) {
$user->Password = '';
// We don't show user password
} else {
ErrorHandler::logError(Yii::t('User', 'Invalid user Id.'));
}
$this->render('Edit', array('user' => $user));
}
public function actionSave()
{
$module = $this->post('Module', '');
if (Yii::app()->request->isPostRequest) {
$this->message = 'Your new configuration is updated successfully.';
//POST data
foreach ($_POST as $key => $value) {
$param = Setting::model()->find('Name = :Param AND Module = :Module', array(':Param' => $key, ':Module' => $module));
if (is_null($param)) {
continue;
}
$param->Value = $value;
if (!$param->validate()) {
ErrorHandler::logError($param->getError('Value'));
$this->message = '';
} else {
$param->save();
}
}
//FILE upload if any
foreach ($_FILES as $key => $file) {
/**
* If enctype='multipart/form-data' has file fiels, $_FILES always
* has information related to file fields. We have to check if
* each field has file uploaded or not
*/
if ($file['error'] == UPLOAD_ERR_NO_FILE) {
continue;
}
$param = Setting::model()->find('Name = :Param', array(':Param' => $key));
if (is_null($param)) {
continue;
}
//Not match any setting param
/**
* Set param value to $file as normally an upload file param should have
* a writer Service to save file and return filepath as the final value
*/
$param->Value = $file;
if (!$param->validate()) {
ErrorHandler::logError($param->getError('Value'));
$this->message = '';
} else {
$param->save();
}
}
//Cms::service('Cms/Settings/db2php', array('Module' => $module));
}
$params = array();
if ($module) {
$params = array('module' => $module);
}
$this->redirect($this->createUrl("/Core/settings", $params));
}
/**
* Displays Forbidden Error (403 Error)
*
* @static
* @return bool
*/
public static function displayForbiddenError()
{
$config = Config::getInstance();
try {
$errorPath = $config->getParam("errorPath");
$dir = $errorPath . DS . "view" . DS;
$customDir = $errorPath . DS . "view" . DS . "customTemplates" . DS;
$listDir = @scandir($customDir, 1);
if (count($listDir) == 2) {
$template = "defaultForbiddenError.php";
$template = $dir . $template;
} else {
$template = (string) $config->getParam("customForbiddenTemplate");
$template = $customDir . $dir;
}
if (file_exists($template)) {
require_once $template;
} else {
print "<h1>Error: 403</h1>";
}
$caller = debug_backtrace();
$caller = $caller[1];
if (isset($caller["file"])) {
$file = $caller["file"];
} else {
$file = "";
}
if (isset($caller["line"])) {
$line = $caller["line"];
} else {
$line = 0;
}
$get = print_r($_GET, TRUE);
$post = print_r($_POST, TRUE);
$files = print_r($_FILES, TRUE);
$session = print_r($_SESSION, TRUE);
$message = "403 Forbidden for {$_SERVER["REQUEST_URI"]} IP={$_SERVER["REMOTE_ADDR"]} Parameters: ( GET={$get} | POST={$post} | FILE={$files} | SESSION={$session}";
return ErrorHandler::logError("forbidden", $line, $message, $file);
} catch (Exception $ex) {
return false;
}
}