public function beforePageHeader(OX_Admin_UI_Event_EventContext $oEventContext)
 {
     $pageId = $oEventContext->data['pageId'];
     $pageData = $oEventContext->data['pageData'];
     $oHeaderModel = $oEventContext->data['headerModel'];
     $agencyId = $pageData['agencyid'];
     $campaignId = $pageData['campaignid'];
     $advertiserId = $pageData['clientid'];
     $oEntityHelper = $this->oMarkedTextAdvertiserComponent->getEntityHelper();
     if (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
         switch ($pageId) {
             case 'campaign-banners':
                 $oDalZones = OA_Dal::factoryDAL('zones');
                 $linkedWebsites = $oDalZones->getWebsitesAndZonesListByCategory($agencyId, null, $campaignId, true);
                 $arraylinkedWebsitesKeys = array_keys($linkedWebsites);
                 $linkedWebsitesKey = $arraylinkedWebsitesKeys[0];
                 $arraylinkedZonesKeys = array_keys($linkedWebsites[$linkedWebsitesKey]['zones']);
                 $zoneId = $arraylinkedZonesKeys[0];
                 $aZone = Admin_DA::getZone($zoneId);
                 if ($aZone['type'] == 3) {
                     if (OA_Permission::hasAccessToObject('clients', $clientid) && OA_Permission::hasAccessToObject('campaigns', $campaignid)) {
                         OX_Admin_Redirect::redirect('plugins/' . $this->oMarkedTextAdvertiserComponent->group . "/oxMarkedTextAdvertiser-index.php?campaignid={$campaignId}&clientid={$advertiserId}");
                     }
                 }
                 break;
         }
     }
 }
require_once MAX_PATH . '/lib/OX/Util/Utils.php';
// Required files
require_once MAX_PATH . '/www/admin/lib-maintenance-priority.inc.php';
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/lib/OA/Dll.php';
require_once MAX_PATH . '/lib/max/Dal/DataObjects/Campaigns.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/OA/Permission.php';
require_once MAX_PATH . '/lib/pear/Date.php';
require_once MAX_PATH . '/lib/max/other/html.php';
require_once MAX_PATH . '/lib/OX/Admin/UI/ViewHooks.php';
phpAds_registerGlobalUnslashed('hideinactive', 'listorder', 'orderdirection');
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
if (!empty($clientid) && !OA_Permission::hasAccessToObject('clients', $clientid, OA_Permission::OPERATION_VIEW)) {
    //check if can see given advertiser
    $page = basename($_SERVER['SCRIPT_NAME']);
    OX_Admin_Redirect::redirect($page);
}
/*-------------------------------------------------------*/
/* Init data                                             */
/*-------------------------------------------------------*/
//get advertisers and set the current one
$aAdvertisers = getAdvertiserMap();
if (empty($clientid)) {
    //if it's empty
    if ($session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid']) {
        //try previous one from session
        $sessionClientId = $session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'];
        if (isset($aAdvertisers[$sessionClientId])) {
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/lib/OA/Dll.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/max/other/html.php';
require_once MAX_PATH . '/lib/OX/Translation.php';
// Register input variables
phpAds_registerGlobal('hideinactive', 'listorder', 'orderdirection');
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
if (!empty($clientid) && !OA_Permission::hasAccessToObject('clients', $clientid)) {
    //check if can see given advertiser
    $page = basename($_SERVER['SCRIPT_NAME']);
    OX_Admin_Redirect::redirect($page);
}
if (!empty($campaignid) && !OA_Permission::hasAccessToObject('campaigns', $campaignid)) {
    $page = basename($_SERVER['SCRIPT_NAME']);
    OX_Admin_Redirect::redirect("{$page}?clientid={$clientid}");
}
/*-------------------------------------------------------*/
/* Init data                                             */
/*-------------------------------------------------------*/
//get advertisers and set the current one
$aAdvertisers = getAdvertiserMap();
if (empty($clientid)) {
    //if it's empty
    $campaignid = null;
    //reset campaign id, we could derive it after we have clientid
    if ($session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid']) {
        //try previous one from session
        $sessionClientId = $session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'];
 function testHasAccessToObject()
 {
     $userTables = array(OA_ACCOUNT_ADVERTISER => 'clients', OA_ACCOUNT_TRAFFICKER => 'affiliates', OA_ACCOUNT_MANAGER => 'agency');
     // Test if all users have access to new objects
     foreach ($userTables as $userType => $userTable) {
         $this->assertTrue(OA_Permission::hasAccessToObject('banners', null, OA_Permission::OPERATION_ALL, rand(1, 100), $userType));
     }
     // Create some record
     $doBanners = OA_Dal::factoryDO('banners');
     $doBanners->acls_updated = '2007-04-05 16:18:00';
     $aData = array('reportlastdate' => array('2007-04-05 16:18:00'));
     $dg = new DataGenerator();
     $dg->setData('clients', $aData);
     $bannerId = $dg->generateOne($doBanners, true);
     $clientId = DataGenerator::getReferenceId('clients');
     $doClient = OA_Dal::staticGetDO('clients', $clientId);
     $agencyId = DataGenerator::getReferenceId('agency');
     $doAgency = OA_Dal::staticGetDO('agency', $agencyId);
     // Test that admin doesn't have access anymore to all objects
     $this->assertFalse(OA_Permission::hasAccessToObject('banners', 'booId', OA_Permission::OPERATION_ALL, 1, OA_ACCOUNT_ADMIN));
     // Test accounts have access
     $this->assertTrue(OA_Permission::hasAccessToObject('banners', $bannerId, OA_Permission::OPERATION_ALL, $doClient->account_id, OA_ACCOUNT_ADVERTISER));
     $this->assertTrue(OA_Permission::hasAccessToObject('banners', $bannerId, OA_Permission::OPERATION_ALL, $doAgency->account_id, OA_ACCOUNT_MANAGER));
     // Create users who don't have access
     $doClients = OA_Dal::factoryDO('clients');
     $doClients->reportlastdate = '2007-04-05 16:18:00';
     $clientId2 = DataGenerator::generateOne($doClients);
     $agencyId2 = DataGenerator::generateOne('agency');
     $doClientId2 = OA_Dal::staticGetDO('clients', $clientId2);
     $doAgency2 = OA_Dal::staticGetDO('agency', $agencyId2);
     $this->assertFalse(OA_Permission::hasAccessToObject('banners', $bannerId, $fakeId = 123, OA_Permission::OPERATION_ALL, OA_ACCOUNT_TRAFFICKER));
     $this->assertFalse(OA_Permission::hasAccessToObject('banners', $bannerId, $doClientId2->account_id, OA_Permission::OPERATION_ALL, OA_ACCOUNT_ADVERTISER));
     $this->assertFalse(OA_Permission::hasAccessToObject('banners', $bannerId, $doAgency2->account_id, OA_Permission::OPERATION_ALL, OA_ACCOUNT_MANAGER));
 }
Exemplo n.º 5
0
 /**
  * Checks if user has access to specific area (for example admin or agency area)
  * Permissions are defined in www/admin/lib-permissions.inc.php file
  *
  * @access public
  *
  * @param integer $permissions
  * @param string $table  Table name
  * @param integer $id  Id (or empty if new is created)
  * @param unknown $allowed  check allowed
  *
  * @return boolean  True if has access
  */
 function checkPermissions($permissions, $table = '', $id = null, $allowed = null)
 {
     $isError = false;
     if (isset($permissions) && !OA_Permission::isAccount($permissions)) {
         if (!OA_Permission::attemptToSwitchToAccount($permissions)) {
             $isError = true;
         }
     }
     if (!empty($id) && !$this->checkIdExistence($table, $id)) {
         return false;
     }
     if (isset($id) && !OA_Permission::hasAccessToObject($table, $id)) {
         if (!OA_Permission::attemptToSwitchForAccess($table, $id)) {
             $isError = true;
         }
     }
     if (isset($allowed)) {
         if (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER) && !OA_Permission::hasPermission($allowed)) {
             $isError = true;
         }
     }
     if ($isError) {
         $this->raiseError('Access forbidden');
         return false;
     } else {
         return true;
     }
 }
Exemplo n.º 6
0
// Require the initialisation file
require_once '../../init.php';
require_once MAX_PATH . '/lib/OX/Util/Utils.php';
// Required files
require_once MAX_PATH . '/www/admin/lib-maintenance-priority.inc.php';
require_once MAX_PATH . '/lib/OA/Dal.php';
require_once MAX_PATH . '/lib/OA/Dll.php';
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/OA/Permission.php';
require_once MAX_PATH . '/lib/pear/Date.php';
require_once MAX_PATH . '/lib/max/other/html.php';
phpAds_registerGlobalUnslashed('hideinactive', 'listorder', 'orderdirection');
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER);
if (!empty($clientid) && !OA_Permission::hasAccessToObject('clients', $clientid)) {
    //check if can see given advertiser
    $page = basename($_SERVER['PHP_SELF']);
    OX_Admin_Redirect::redirect($page);
}
/*-------------------------------------------------------*/
/* Init data                                             */
/*-------------------------------------------------------*/
//get advertisers and set the current one
$aAdvertisers = getAdvertiserMap();
if (empty($clientid)) {
    //if it's empty
    if ($session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid']) {
        //try previous one from session
        $sessionClientId = $session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['clientid'];
        if (isset($aAdvertisers[$sessionClientId])) {
Exemplo n.º 7
0
function addCampaignPageTools($clientid, $campaignid, $aOtherAdvertisers, $aEntities)
{
    global $phpAds_TextDirection;
    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        addPageLinkTool($GLOBALS["strDuplicate"], MAX::constructUrl(MAX_URL_ADMIN, "campaign-modify.php?duplicate=1&clientid={$clientid}&campaignid={$campaignid}&returnurl=" . urlencode(basename($_SERVER['SCRIPT_NAME']))), "iconCampaignDuplicate");
        if (OA_Permission::hasAccessToObject('campaigns', $campaignid, OA_Permission::OPERATION_MOVE)) {
            $form = "<form action='" . MAX::constructUrl(MAX_URL_ADMIN, 'campaign-modify.php') . "'>\n            <input type='hidden' name='clientid' value='{$clientid}'>\n            <input type='hidden' name='campaignid' value='{$campaignid}'>\n            <input type='hidden' name='returnurl' value='" . htmlspecialchars(basename($_SERVER['SCRIPT_NAME'])) . "'>\n            <select name='newclientid'>";
            $aOtherAdvertisers = _multiSort($aOtherAdvertisers, 'name', 'advertiser_id');
            foreach ($aOtherAdvertisers as $aOtherAdvertiser) {
                $otherAdvertiserId = $aOtherAdvertiser['advertiser_id'];
                $otherAdvertiserName = MAX_buildName($otherAdvertiserId, $aOtherAdvertiser['name']);
                if ($otherAdvertiserId != $advertiserId) {
                    $form .= "<option value='{$otherAdvertiserId}'>" . htmlspecialchars($otherAdvertiserName) . "</option>";
                }
            }
            $form .= "</select><input type='image' class='submit' src='" . OX::assetPath() . "/images/{$phpAds_TextDirection}/go_blue.gif'></form>";
            addPageFormTool($GLOBALS['strMoveTo'], 'iconCampaignMove', $form);
        }
        $deleteConfirm = phpAds_DelConfirm($GLOBALS['strConfirmDeleteCampaign']);
        addPageLinkTool($GLOBALS["strDelete"], MAX::constructUrl(MAX_URL_ADMIN, "campaign-delete.php?token=" . urlencode(phpAds_SessionGetToken()) . "&clientid={$clientid}&campaignid={$campaignid}&returnurl=advertiser-campaigns.php"), "iconDelete", null, $deleteConfirm);
    }
    //shortcuts
    if (!empty($campaignid) && !OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        if (OA_Permission::hasAccessToObject('campaigns', $campaignid, OA_Permission::OPERATION_ADD_CHILD)) {
            addPageLinkTool($GLOBALS["strAddBanner_Key"], MAX::constructUrl(MAX_URL_ADMIN, "banner-edit.php?clientid={$clientid}&campaignid={$campaignid}"), "iconBannerAdd", $GLOBALS["strAddNew"]);
        }
        addPageShortcut($GLOBALS['strBackToCampaigns'], MAX::constructUrl(MAX_URL_ADMIN, "advertiser-campaigns.php?clientid={$clientid}"), "iconBack");
    }
    if (!empty($campaignid)) {
        if (OA_Permission::hasAccessToObject('campaigns', $campaignid, OA_Permission::OPERATION_VIEW_CHILDREN)) {
            addPageShortcut($GLOBALS['strCampaignBanners'], MAX::constructUrl(MAX_URL_ADMIN, "campaign-banners.php?clientid={$clientid}&campaignid={$campaignid}"), "iconBanners");
        }
        $entityString = _getEntityString($aEntities);
        addPageShortcut($GLOBALS['strCampaignHistory'], MAX::constructUrl(MAX_URL_ADMIN, "stats.php?entity=campaign&breakdown=history&{$entityString}"), 'iconStatistics');
    }
}
Exemplo n.º 8
0
 /**
  * Checks if user has access to specific area (for example admin or agency area)
  * Permissions are defined in www/admin/lib-permissions.inc.php file
  *
  * @access public
  *
  * @param integer $permissions
  * @param string $table  Table name
  * @param integer $id  Id (or empty if new is created)
  * @param unknown $allowed  check allowed
  * @param OA_Permission Does the current call require only a subset of the permissions?
  * 						If set to null, equivalent to asking permission to do everything on the object
  *
  * @return boolean  True if has access
  */
 function checkPermissions($permissions, $table = '', $id = null, $allowed = null, $operationAccessType = OA_Permission::OPERATION_ALL)
 {
     $isError = false;
     if (isset($permissions) && !OA_Permission::isAccount($permissions)) {
         if (!OA_Permission::attemptToSwitchToAccount($permissions)) {
             $isError = true;
         }
     }
     // Should this check also be part of checkPermissions?
     if (!empty($id) && !$this->checkIdExistence($table, $id)) {
         return false;
     }
     if (isset($id) && !OA_Permission::hasAccessToObject($table, $id, $operationAccessType)) {
         if (!OA_Permission::attemptToSwitchForAccess($table, $id)) {
             $isError = true;
         }
     }
     if (isset($allowed)) {
         if (OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER) && !OA_Permission::hasPermission($allowed)) {
             $isError = true;
         }
     }
     if ($isError) {
         $this->raiseError('Access forbidden');
         return false;
     } else {
         // Set system timezone and return
         OA_setTimeZoneLocal();
         return true;
     }
 }
function displayPage($bannerid, $campaignid, $clientid, $bannerTypes, $aBanner, $type, $form, $ext_bannertype, $formDisabled = false)
{
    $pageName = 'advertiser-campaigns';
    $aEntities = array('clientid' => $clientid, 'campaignid' => $campaignid, 'bannerid' => $bannerid);
    $entityId = OA_Permission::getEntityId();
    $entityType = 'advertiser_id';
    $aOtherCampaigns = Admin_DA::getPlacements(array($entityType => $entityId));
    $aOtherBanners = Admin_DA::getAds(array('placement_id' => $campaignid), false);
    $advertiserId = $aEntities['clientid'];
    $campaignId = $aEntities['campaignid'];
    $bannerId = $aEntities['bannerid'];
    $entityString = _getEntityString($aEntities);
    $aOtherEntities = $aEntities;
    unset($aOtherEntities['bannerid']);
    $otherEntityString = _getEntityString($aOtherEntities);
    if ($pageName == 'banner-edit.php' && empty($bannerId)) {
        $tabValue = 'banner-edit_new';
        $pageType = 'edit-new';
    } else {
        $pageType = 'edit';
    }
    $advertiserEditUrl = '';
    $campaignEditUrl = '';
    if (OA_Permission::hasAccessToObject('clients', $advertiserId)) {
        $advertiserEditUrl = "advertiser-edit.php?clientid={$advertiserId}";
    }
    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        $campaignEditUrl = "campaign-edit.php?clientid={$advertiserId}&campaignid={$campaignId}";
    }
    if ($bannerId && !empty($GLOBALS['_MAX']['PREF']['ui_show_banner_preview']) && empty($_GET['nopreview'])) {
        require_once MAX_PATH . '/lib/max/Delivery/adRender.php';
        $aBanner = Admin_DA::getAd($bannerId);
        $aBanner['storagetype'] = $aBanner['type'];
        $aBanner['bannerid'] = $aBanner['ad_id'];
        $bannerCode = MAX_adRender($aBanner, 0, '', '', '', true, '', false, false);
    } else {
        $bannerCode = '';
    }
    $advertiserDetails = phpAds_getClientDetails($advertiserId);
    $advertiserName = $advertiserDetails['clientname'];
    $campaignDetails = Admin_DA::getPlacement($campaignId);
    $campaignName = $campaignDetails['name'];
    $bannerName = $aOtherBanners[$bannerId]['name'];
    $builder = new OA_Admin_UI_Model_InventoryPageHeaderModelBuilder();
    $oHeaderModel = $builder->buildEntityHeader(array(array("name" => $advertiserName, "url" => $advertiserEditUrl), array("name" => $campaignName, "url" => $campaignEditUrl), array("name" => $bannerName)), "banner", $pageType);
    global $phpAds_breadcrumbs_extra;
    $phpAds_breadcrumbs_extra .= "<div class='bannercode'>{$bannerCode}</div>";
    if ($bannerCode != '') {
        $phpAds_breadcrumbs_extra .= "<br />";
    }
    addPageLinkTool($GLOBALS["strDuplicate"], MAX::constructUrl(MAX_URL_ADMIN, "plugins/oxMarkedTextAdvertiser/banner-modify.php?duplicate=true&clientid={$advertiserId}&campaignid={$campaignId}&bannerid={$bannerId}&returnurl=" . urlencode(basename($_SERVER['SCRIPT_NAME']))), "iconBannerDuplicate");
    addPageShortcut($GLOBALS['strBackToBanners'], MAX::constructUrl(MAX_URL_ADMIN, "campaign-banners.php?clientid={$advertiserId}&campaignid={$campaignId}"), "iconBack");
    $entityString = _getEntityString($aEntities);
    addPageShortcut($GLOBALS['strBannerHistory'], MAX::constructUrl(MAX_URL_ADMIN, "stats.php?entity=banner&breakdown=history&{$entityString}"), 'iconStatistics');
    phpAds_PageHeader('advertiser-campaigns', $oHeaderModel);
    $oTpl = new OA_Admin_Template('banner-edit.html');
    $oTpl->assign('clientId', $clientid);
    $oTpl->assign('campaignId', $campaignid);
    $oTpl->assign('bannerId', $bannerid);
    $oTpl->assign('bannerTypes', $bannerTypes);
    $oTpl->assign('bannerType', 'bannerTypeText:oxMarkedText:oxMarkedTextComponent');
    $oTpl->assign('bannerHeight', $aBanner["height"]);
    $oTpl->assign('bannerWidth', $aBanner["width"]);
    $oTpl->assign('disabled', $formDisabled);
    $oTpl->assign('form', $form->serialize());
    $oTpl->display();
    phpAds_PageFooter();
}
| License: GPLv2 or later, see the LICENSE.txt file.                        |
+---------------------------------------------------------------------------+
*/
// Require the initialisation file
require_once '../../init.php';
// Required files
require_once MAX_PATH . '/www/admin/config.php';
require_once MAX_PATH . '/www/admin/lib-statistics.inc.php';
require_once MAX_PATH . '/lib/max/other/html.php';
// Register input variables
phpAds_registerGlobal('acl', 'action', 'submit');
/*-------------------------------------------------------*/
/* Affiliate interface security                          */
/*-------------------------------------------------------*/
OA_Permission::enforceAccount(OA_ACCOUNT_MANAGER);
if (!empty($affiliateid) && !OA_Permission::hasAccessToObject('affiliates', $affiliateid)) {
    //check if can see given website
    $page = basename($_SERVER['SCRIPT_NAME']);
    OX_Admin_Redirect::redirect($page);
}
/*-------------------------------------------------------*/
/* Init data                                             */
/*-------------------------------------------------------*/
//get websites and set the current one
$aWebsites = getWebsiteMap();
if (empty($affiliateid)) {
    //if it's empty
    if ($session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['affiliateid']) {
        //try previous one from session
        $sessionWebsiteId = $session['prefs']['inventory_entities'][OA_Permission::getEntityId()]['affiliateid'];
        if (isset($aWebsites[$sessionWebsiteId])) {
Exemplo n.º 11
0
function MAX_displayNavigationBanner($pageName, $aOtherCampaigns, $aOtherBanners, $aEntities)
{
    global $phpAds_TextDirection;
    $advertiserId = $aEntities['clientid'];
    $campaignId = $aEntities['campaignid'];
    $bannerId = $aEntities['bannerid'];
    $entityString = _getEntityString($aEntities);
    $aOtherEntities = $aEntities;
    unset($aOtherEntities['bannerid']);
    $otherEntityString = _getEntityString($aOtherEntities);
    if ($pageName == 'banner-edit.php' && empty($bannerId)) {
        $tabValue = 'banner-edit_new';
        $pageType = 'edit-new';
    } else {
        $pageType = 'edit';
    }
    $advertiserEditUrl = '';
    $campaignEditUrl = '';
    if (OA_Permission::hasAccessToObject('clients', $advertiserId)) {
        $advertiserEditUrl = "advertiser-edit.php?clientid={$advertiserId}";
    }
    if (!OA_Permission::isAccount(OA_ACCOUNT_ADVERTISER)) {
        $campaignEditUrl = "campaign-edit.php?clientid={$advertiserId}&campaignid={$campaignId}";
    }
    // Build ad preview
    if ($bannerId && empty($_GET['nopreview'])) {
        require_once MAX_PATH . '/lib/max/Delivery/adRender.php';
        $aBanner = Admin_DA::getAd($bannerId);
        $aBanner['storagetype'] = $aBanner['type'];
        $aBanner['bannerid'] = $aBanner['ad_id'];
        $bannerCode = MAX_adRender($aBanner, 0, '', '', '', true, '', false, false);
    } else {
        $bannerCode = '';
    }
    $advertiserDetails = phpAds_getClientDetails($advertiserId);
    $advertiserName = $advertiserDetails['clientname'];
    $campaignDetails = Admin_DA::getPlacement($campaignId);
    $campaignName = $campaignDetails['name'];
    $bannerName = $aOtherBanners[$bannerId]['name'];
    $builder = new OA_Admin_UI_Model_InventoryPageHeaderModelBuilder();
    $oHeaderModel = $builder->buildEntityHeader(array(array("name" => $advertiserName, "url" => $advertiserEditUrl), array("name" => $campaignName, "url" => $campaignEditUrl), array("name" => $bannerName)), "banner", $pageType);
    global $phpAds_breadcrumbs_extra;
    $phpAds_breadcrumbs_extra .= "<div class='bannercode'>{$bannerCode}</div>";
    if ($bannerCode != '') {
        $phpAds_breadcrumbs_extra .= "<br />";
    }
    addBannerPageTools($advertiserId, $campaignId, $bannerId, $aOtherCampaigns, $aOtherBanners, $aEntities);
    phpAds_PageHeader($tabValue, $oHeaderModel);
}
Exemplo n.º 12
0
 /**
  * A method to show an error if the current user/account doesn't have access
  * to the specified DB_DataObject (defined by table name and entity ID).
  *
  * @static
  * @param string  $entityTable    The name of the table.
  * @param integer $entityId       Optional entity ID -- when set, tests if the current
  *                                account has access to the enity, when not set,  tests
  *                                if the current account can create a new entity in the
  *                                table.
  * @param boolean $allowNewEntity Allow creation of a new entity, defaults to false.
  */
 function enforceAccessToObject($entityTable, $entityId = null, $allowNewEntity = false)
 {
     if (!$allowNewEntity) {
         OA_Permission::enforceTrue(!empty($entityId));
     }
     // Verify that the ID is numeric
     OA_Permission::enforceTrue(preg_match('/^\\d*$/D', $entityId));
     $entityId = (int) $entityId;
     $hasAccess = OA_Permission::hasAccessToObject($entityTable, $entityId);
     if (!$hasAccess) {
         if (!OA_Permission::isManualAccountSwitch()) {
             if (OA_Permission::isUserLinkedToAdmin()) {
                 // Check object existence
                 OA_Permission::enforceTrue(OA_Permission::getAccountIdForEntity($entityTable, $entityId));
             }
             // if has access switch to the manager account that owns this object
             if ($hasAccess) {
                 if (OA_Permission::switchToManagerAccount($entityTable, $entityId)) {
                     // Now that the admin user is working with the manager
                     // account that owns the object, show to him the page.
                     $url = $_SERVER['REQUEST_URI'];
                     header("Location: {$url}");
                     exit;
                 } else {
                     // If is not possible to switch redirect the admin to his home page
                     OX_Admin_Redirect::redirect();
                 }
             }
         }
     }
     if (!$hasAccess) {
         OA_Permission::redirectIfManualAccountSwitch();
         $hasAccess = OA_Permission::attemptToSwitchForAccess($entityTable, $entityId);
     }
     OA_Permission::enforceTrue($hasAccess);
 }