/**
* constructor
* order rights object to set roles ,resources, allow, deny
*
* $identity must have $identity->id and $identity->role
*
* $rights must have methods:
* set_roles
* set_allow
* set_deny
*
* @param Identity $identity
* @param Rights $rights
*/
public function __construct($identity, $rights)
{
// store identity
$this->_identity = $identity;
// let the rights set the vars on this
$rights->set_roles($this);
$rights->set_allow($this);
$rights->set_deny($this);
}
function handler_ajax_modify($page)
{
S::assert_xsrf_token();
if (!S::user()->hasRights(Group::from('qdj'), Rights::admin())) {
return PL_FORBIDDEN;
}
$qdj = new QDJ(Json::i('id'));
$page->jsonAssign('success', false);
if (Json::has('date')) {
$date = Json::t('date');
if (!$date) {
$qdj->date(false);
$page->jsonAssign('success', true);
} else {
try {
$qdj->date(new FrankizDateTime($date));
$page->jsonAssign('success', true);
} catch (Exception $e) {
}
}
} else {
if (Json::has('delete')) {
if (Json::b('delete')) {
$qdj->delete();
$page->jsonAssign('success', true);
}
}
}
return PL_JSON;
}
function smarty_block_canEdit($params, $content, &$smarty, &$repeat)
{
$group = $params['target']->group();
if (S::user()->hasRights($group, Rights::admin()) || S::user()->isWeb()) {
return $content;
}
}
function execute()
{
$action = Request::post('contact_action');
if (!$action) {
return;
}
$model = new contactsUsersModel();
if ($action == 'create') {
if (sizeof($model->where(array('login' => Request::post('login')))->fetchAll()) > 0) {
return;
}
$data = array('name' => Request::post('name'), 'login' => Request::post('login'), 'date' => time(), 'block' => false);
if (Request::post('password')) {
$data['password'] = md5(Request::post('password'));
}
$model->insert($data);
} else {
if ($action == 'update') {
if (sizeof($model->where(array('login' => Request::post('login')))->fetchAll()) <= 0) {
return;
}
$data = array('name' => Request::post('name'));
if (Request::post('password')) {
$data['password'] = md5(Request::post('password'));
}
$model->where(array('login' => Request::post('login')))->update($data);
}
}
if (Rights::isHave('contacts', 'add_right')) {
$this->setRights(Request::post('login'), Request::post('rights') ? Request::post('rights') : array());
}
}
public function beforeSave()
{
$roles = Rights::getAssignedRoles(Yii::app()->user->Id);
// check for single role
foreach ($roles as $role) {
if ($role->name == 'Editor' or $role->name == 'Administrator' or $role->name == 'Superadmin') {
$this->post_editor = Yii::app()->user->id;
} else {
$this->post_author = Yii::app()->user->id;
}
}
if ($this->isNewRecord) {
// jika record baru jalankan
$this->post_created = date('Y-m-d H:i:s');
}
if ($this->post_name == '') {
$this->post_name = 'No Title';
}
if ($this->post_link == '') {
$this->post_link = $this->post_name;
}
if ($this->post_title == '') {
$this->post_title = $this->post_name;
}
$this->post_type = $this->_type;
$this->post_image = str_replace(Helper::rootImg('content'), '', $this->post_image);
return parent::beforeSave();
}
/**
* Authenticates a user.
* The example implementation makes sure if the username and password
* are both 'demo'.
* In practical applications, this should be changed to authenticate
* against some persistent user identity storage (e.g. database).
* @return boolean whether authentication succeeds.
*/
public function authenticate()
{
/**
* @var $user XfUser
*/
$user = XfUser::model()->find('LOWER(username)=?', array(strtolower($this->username)));
$xfAuth = new XfAuthentication();
if ($user === null) {
$this->errorCode = self::ERROR_USERNAME_INVALID;
} else {
if (!$xfAuth->checkAuth($this->username, $this->password)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$userInfo = $xfAuth->login($this->username, $this->password);
//var_dump($userInfo);die;
if ($userInfo) {
$this->_id = $userInfo['user_id'];
$this->username = $userInfo['username'];
Rights::assign($user['role'], $this->_id);
$this->errorCode = self::ERROR_NONE;
} else {
$this->errorCode = self::ERROR_USERNAME_INVALID;
}
}
}
//unset($xfAuth);
return !$this->errorCode;
}
public function beforeControllerAction($controller, $action)
{
$roles = Rights::getAssignedRoles(Yii::app()->user->Id);
// check for single role
foreach ($roles as $role) {
if (sizeof($roles) == 1 and $role->name == 'parent') {
$controller->layout = 'none';
}
if (sizeof($roles) == 1 and $role->name == 'student') {
$controller->layout = 'studentmain';
}
}
if (Yii::app()->user->isGuest) {
if (Yii::app()->user->loginUrl) {
$controller->redirect($controller->createUrl(reset(Yii::app()->user->loginUrl)));
} else {
$controller->redirect($controller->createUrl('/'));
}
} else {
if (parent::beforeControllerAction($controller, $action)) {
// this method is called before any module controller action is performed
// you may place customized code here
return true;
} else {
return false;
}
}
}
/**
* Creates a new model.
* If creation is successful, the browser will be redirected to the 'view' page.
*/
public function actionCreate()
{
$model = new User();
$profile = new Profile();
if (isset($_POST['User'])) {
$model->attributes = $_POST['User'];
$model->activkey = Yii::app()->controller->module->encrypting(microtime() . $model->password);
$model->createtime = time();
$model->lastvisit = time();
$profile->attributes = $_POST['Profile'];
$profile->user_id = 0;
if ($model->validate() && $profile->validate()) {
$model->password = Yii::app()->controller->module->encrypting($model->password);
if ($model->save()) {
$profile->user_id = $model->id;
$profile->save();
// assign user the 'Authenticated' role for Rights module
$authenticatedName = Rights::module()->authenticatedName;
Rights::assign($authenticatedName, $model->id);
// end of change
}
$this->redirect(array('view', 'id' => $model->id));
}
}
$this->render('create', array('model' => $model, 'profile' => $profile));
}
/**
* Constructor.
* (e.g. <code>Post::model()</code>, <code>Post::model()->published()</code>).
* @param array $config configuration (name=>value) to be applied as the initial property values of this class.
*/
public function __construct($config = array())
{
$module = Rights::module();
$userClass = $module->userClass;
parent::__construct($userClass, $config);
$this->_authorizer = $module->getAuthorizer();
}
/**
* Actions to be taken after logging in.
* Overloads the parent method in order to mark superusers.
* @param boolean $fromCookie whether the login is based on cookie.
*/
public function afterLogin($fromCookie)
{
parent::afterLogin($fromCookie);
// Mark the user as a superuser if necessary.
if (Rights::getAuthorizer()->isSuperuser($this->getId()) === true) {
$this->isSuperuser = true;
}
}
public function isRole($roleParam)
{
$allroles = Rights::getAssignedRoles($this->id);
foreach ($allroles as $ii) {
if ($ii->name == $roleParam) {
return true;
}
}
return false;
}
/**
* Initializes the data provider.
*/
public function init()
{
$this->_authorizer = Rights::getAuthorizer();
// Set properties and generate the data
$this->setRoles();
$this->setItems();
$this->setPermissions();
$this->setParents();
$this->generateData();
}
/**
* Edit a user.
*/
public function actionEdit($id = 0)
{
if (isset($_POST['User'])) {
$data = $_POST['User'];
if ($id > 0) {
$model = User::model()->findByPk($id);
} else {
$model = new User();
$model->email = $data['email'];
}
$model->name = $data['name'];
$model->publisherid = $data['publisherid'];
$newPassword1 = $_POST['newpassword1'];
$newPassword2 = $_POST['newpassword2'];
// if new password is entered
if ($newPassword1 != '' || $newPassword2 != '') {
if ($newPassword1 != $newPassword2) {
Yii::app()->user->setFlash('errormsg', 'New passwords are not the same');
$this->redirect('/user/edit/id/' . $id);
exit;
} else {
$model->password = $newPassword1;
}
}
// if new email is entered
if ($model->email != $data['email']) {
$emailmodel = User::model()->findAllByAttributes(array(), 'email = :email AND id <> :userId', array(':userId' => $id, ':email' => $data['email']));
if ($emailmodel != null) {
Yii::app()->user->setFlash('errormsg', 'New email already exists');
$this->redirect('/user/edit/id/' . $id);
exit;
} else {
$model->email = $data['email'];
}
}
if ($model->validate() && $model->save()) {
// if a new user, assign the 'Publisher' role for Rights module
if ($id == 0) {
Rights::assign('Publisher', $model->id);
}
Yii::app()->user->setFlash('successmsg', 'The changes have been saved.');
$this->redirect('/user/index');
} else {
Yii::app()->user->setFlash('errormsg', 'Error saving the changes');
$this->render('edit', array('model' => $model));
}
} else {
if ($id > 0) {
$model = User::model()->findByPk($id);
} else {
$model = new User();
}
$this->render('edit', array('model' => $model));
}
}
/**
* Registration user
*/
public function actionRegistration()
{
$model = new RegistrationForm();
$profile = new Profile();
$profile->regMode = true;
if (Yii::app()->user->id) {
$this->redirect(Yii::app()->controller->module->profileUrl);
} else {
if (isset($_POST['RegistrationForm'])) {
$model->attributes = $_POST['RegistrationForm'];
$profile->attributes = $_POST['Profile'];
if ($model->validate() && $profile->validate()) {
$soucePassword = $model->password;
$model->activkey = UserModule::encrypting(microtime() . $model->password);
$model->password = UserModule::encrypting($model->password);
$model->verifyPassword = UserModule::encrypting($model->verifyPassword);
$model->createtime = time();
$model->lastvisit = (Yii::app()->controller->module->loginNotActiv || Yii::app()->controller->module->activeAfterRegister && Yii::app()->controller->module->sendActivationMail == false) && Yii::app()->controller->module->autoLogin ? time() : 0;
$model->superuser = 0;
$model->status = Yii::app()->controller->module->activeAfterRegister ? User::STATUS_ACTIVE : User::STATUS_NOACTIVE;
if ($model->save()) {
$profile->user_id = $model->id;
$profile->save();
// assign user the 'Authenticated' role for Rights module
$authenticatedName = Rights::module()->authenticatedName;
Rights::assign($authenticatedName, $model->id);
// end of change
if (Yii::app()->controller->module->sendActivationMail) {
$activation_url = 'http://' . $_SERVER['HTTP_HOST'] . $this->createUrl('/user/activation/activation', array("activkey" => $model->activkey, "email" => $model->email));
UserModule::sendMail($model->email, UserModule::t("You have registered at {site_name}", array('{site_name}' => Yii::app()->name)), UserModule::t("Please activate your account. Go to {activation_url}", array('{activation_url}' => $activation_url)));
}
if ((Yii::app()->controller->module->loginNotActiv || Yii::app()->controller->module->activeAfterRegister && Yii::app()->controller->module->sendActivationMail == false) && Yii::app()->controller->module->autoLogin) {
$identity = new UserIdentity($model->username, $soucePassword);
$identity->authenticate();
Yii::app()->user->login($identity, 0);
$this->redirect(Yii::app()->controller->module->returnUrl);
} else {
if (!Yii::app()->controller->module->activeAfterRegister && !Yii::app()->controller->module->sendActivationMail) {
Yii::app()->user->setFlash('registration', UserModule::t("Thank you for registering. Contact Admin to activate your account."));
} elseif (Yii::app()->controller->module->activeAfterRegister && Yii::app()->controller->module->sendActivationMail == false) {
Yii::app()->user->setFlash('registration', UserModule::t("Thank you for registering. Please {{login}}.", array('{{login}}' => CHtml::link(UserModule::t('Login'), Yii::app()->controller->module->loginUrl))));
} elseif (Yii::app()->controller->module->loginNotActiv) {
Yii::app()->user->setFlash('registration', UserModule::t("Thank you for registering. Please check your email or login."));
} else {
Yii::app()->user->setFlash('registration', UserModule::t("Thank you for registering. Please check your email."));
}
$this->refresh();
}
}
}
}
$this->render('/user/registration', array('form' => $model, 'profile' => $profile));
}
}
public function actionIndex()
{
$criteria = new CDbCriteria();
$criteria->condition = '`file`<>:null';
$criteria->params = array(':null' => '');
$roles = Rights::getAssignedRoles(Yii::app()->user->id);
// check for single role
$user_roles = array();
foreach ($roles as $role) {
$user_roles[] = '"' . $role->name . '"';
}
$teacher = Employees::model()->findByAttributes(array('uid' => Yii::app()->user->id));
$batches = Batches::model()->findAllByAttributes(array('employee_id' => $teacher->id));
foreach ($batches as $classteacher) {
$batch[] = $classteacher->id;
}
$timetable = TimetableEntries::model()->findAllByAttributes(array('employee_id' => $teacher->id));
foreach ($timetable as $period) {
$batch[] = $period->batch_id;
}
$unique_batch = array_unique($batch);
if (count($unique_batch) > 0) {
$criteria->condition .= ' AND (`placeholder`=:null OR `created_by`=:user_id OR (`placeholder` IN (' . implode(',', $user_roles) . ')) AND (`batch` IS NULL OR `batch` IN (' . implode(',', $unique_batch) . '))) ';
} else {
$criteria->condition .= ' AND (`placeholder`=:null OR `created_by`=:user_id) OR (`placeholder` IN (' . implode(',', $user_roles) . '))';
}
$criteria->params[':user_id'] = Yii::app()->user->id;
$criteria->order = '`created_at` DESC';
$files = FileUploads::model()->findAll($criteria);
if (isset($_POST['Downfiles'])) {
$selected_files = $_POST['Downfiles'];
$slfiles = array();
foreach ($selected_files as $s_file) {
$model = FileUploads::model()->findByPk($s_file);
if ($model != NULL) {
$slfiles[] = 'uploads/shared/' . $model->id . '/' . $model->file;
}
}
$zip = Yii::app()->zip;
$fName = $this->generateRandomString(rand(10, 20)) . '.zip';
$zipFile = 'compressed/' . $fName;
if ($zip->makeZip($slfiles, $zipFile)) {
$fcon = file_get_contents($zipFile);
header('Content-type:text/plain');
header('Content-disposition:attachment; filename=' . $fName);
header('Pragma:no-cache');
echo $fcon;
unlink($zipFile);
} else {
Yii::app()->user->setFlash('success', 'Can\'t download');
}
}
$this->render('/fileUploads/index', array('files' => $files));
}
public function actions()
{
$disabled = array();
$roles = Rights::getAssignedRoles(Yii::app()->user->Id);
// check for single role
foreach ($roles as $role) {
if ($role->name != 'Editor' and $role->name != 'Administrator' and $role->name != 'Superadmin') {
$disabled = array('copy', 'paste', 'archive', 'extract', 'mkdir', 'mkfile', 'rm', 'duplicate', 'resize', 'rename', 'edit');
}
}
return array('connector' => array('class' => 'ElFinderConnectorAction', 'settings' => array('root' => ROOT_DIR . '/uploads/content/', 'URL' => rootUrl . 'uploads/content/', 'rootAlias' => 'Home', 'mimeDetect' => 'internal', 'tmbDir' => '.tmb', 'debug' => '', 'uploadAllow' => array('image'), 'uploadDeny' => array('all'), 'uploadOrder' => 'deny,allow', 'perms' => array('/\\.(txt|html|php|py|pl|sh|xml)$/i' => array('read' => true, 'write' => false, 'rm' => true)), 'disabled' => $disabled)));
}
/**
* Denies the access of the user.
* @param string $message the message to display to the user.
* This method may be invoked when access check fails.
* @throws CHttpException when called unless login is required.
*/
public function accessDenied($message = null)
{
if ($message === null) {
$message = Rights::t('core', 'Bạn không được phép thực hiện hành động này.');
}
$user = Yii::app()->getUser();
if ($user->isGuest === true) {
$user->loginRequired();
} else {
throw new CHttpException(403, $message);
}
}
/**
* Denies the access of the user.
* @param string $message the message to display to the user.
* This method may be invoked when access check fails.
* @throws CHttpException when called unless login is required.
*/
public function accessDenied($message = null)
{
if ($message === null) {
$message = Rights::t('core', 'You are not authorized to perform this action.');
}
$user = Yii::app()->getUser();
if ($user->isGuest === true) {
$user->loginRequired();
} else {
throw new CHttpException(403, $message);
}
}
/**
* Denies the access of the user.
* @param string $message the message to display to the user.
* This method may be invoked when access check fails.
* @throws CHttpException when called unless login is required.
*/
public function accessDenied($message = null)
{
if ($message === null) {
$message = Rights::t('core', 'No sufficient permissions for current user to perform this action');
}
$user = Yii::app()->getUser();
if ($user->isGuest === true) {
$user->loginRequired();
} else {
throw new CHttpException(403, $message);
}
}
/**
* Denies the access of the user.
* @param string $message the message to display to the user.
* This method may be invoked when access check fails.
* @throws CHttpException when called unless login is required.
*/
public function accessDenied($message = null)
{
if ($message === null) {
$message = Rights::t('core', 'Anda tidak diotorisasi melakukan aksi ini, jika anda seharusnya punya hak akses, hubungi administrator, terima kasih.');
}
$user = Yii::app()->getUser();
if ($user->isGuest === true) {
$user->loginRequired();
} else {
throw new CHttpException(403, $message);
}
}
/**
* Fetches the data from the persistent data storage.
* @return array list of data items
*/
public function fetchData()
{
if ($this->sortable !== null) {
$this->processSortable();
}
if ($this->items === null) {
$this->items = Rights::getAuthorizer()->getAuthItems($this->type, $this->userId, $this->parent, true, $this->exclude);
}
$data = array();
foreach ($this->items as $name => $item) {
$data[] = $item;
}
return $data;
}
function handler_upload($page)
{
$page->assign('exception', false);
$page->assign('image', false);
if (FrankizUpload::has('file')) {
$g = Group::from('temp')->select(GroupSelect::castes());
$temp = $g->caste(Rights::everybody());
try {
$upload = FrankizUpload::v('file');
$secret = uniqid();
$i = new FrankizImage();
$i->insert();
$i->caste($temp);
$i->label($secret);
$i->image($upload);
$page->assign('image', $i);
$page->assign('secret', $secret);
} catch (Exception $e) {
try {
if ($i) {
$i->delete();
}
} catch (Exception $eb) {
$page->assign('exception', $eb);
}
$page->assign('exception', $e);
if ($e instanceof ImageSizeException) {
$page->assign('pixels', true);
} else {
if ($e instanceof UploadSizeException) {
$page->assign('bytes', true);
} else {
if ($e instanceof ImageFormatException) {
$page->assign('format', true);
}
}
}
}
}
if (Env::has('delete')) {
$image = new FrankizImage(Env::i('iid'));
$image->select(FrankizImageSelect::base());
if ($image->label() == Env::s('secret')) {
$image->delete();
}
}
$page->addCssLink('upload.css');
$page->changeTpl('images/upload.tpl', SIMPLE);
}
function smarty_function_origin_picker($params, &$smarty)
{
$gf = new GroupFilter(new PFC_And(new PFC_Not(new GFC_Namespace(Group::NS_USER)), new GFC_User(S::user(), Rights::admin())), new GFO_Score());
$gs = $gf->get();
if ($params['not_only_admin']) {
$gfo = new GroupFilter(new PFC_And(new GFC_Namespace(array(Group::NS_BINET, Group::NS_FREE)), new GFC_User(S::user(), Rights::restricted())), new GFO_Score());
$gso = $gfo->get()->diff($gs);
$temp = new Collection();
$temp->merge($gs)->merge($gso);
$temp->select(GroupSelect::base());
$smarty->assign('not_admin', $gso);
} else {
$gs = $gf->get()->select(GroupSelect::base());
}
$smarty->assign($params['out'], $gs);
}
/**
* Gets the users assignments.
* @param boolean whether to display the authorization item type.
* @return string the assignments markup.
*/
public function getAssignments($displayType = false)
{
$authorizer = Rights::getAuthorizer();
$assignments = $authorizer->authManager->getAuthAssignments($this->getId());
$items = $authorizer->authManager->getAuthItemsByNames(array_keys($assignments));
$items = $authorizer->attachAuthItemBehavior($items);
$assignedItems = array();
foreach ($items as $itemName => $item) {
$itemMarkup = $item->getNameText();
if ($displayType === true) {
$itemMarkup .= ' (<span class="type-text">' . Rights::getAuthItemTypeName($item->type) . '</span>)';
}
$assignedItems[] = $itemMarkup;
}
return implode('<br />', $assignedItems);
}
/**
* Initializes the installer.
* @throws CException if the authorization manager or the web user
* is not configured to use the correct class.
*/
public function init()
{
parent::init();
// Make sure the application is configured
// to use a valid authorization manager.
$authManager = Yii::app()->getAuthManager();
if ($authManager instanceof RDbAuthManager === false) {
throw new CException(Rights::t('install', 'Application authorization manager must extend the RDbAuthManager class.'));
}
// Make sure the application is configured
// to use a valid web user.
$user = Yii::app()->getUser();
//if( ($user instanceof RWebUser)===false )
// throw new CException(Rights::t('install', 'Application web user must extend the RWebUser class.'));
$this->_authManager = $authManager;
$this->db = $this->_authManager->db;
}
public function actionCreate()
{
$model = new User();
$this->performAjaxValidation($model, 'user-form');
if (isset($_POST['User'])) {
$model->setAttributes($_POST['User']);
$model->password = $model->hashPassword($model->password, $model->salt);
if ($model->save()) {
Rights::assign($model->tipo, $model->id);
if (Yii::app()->getRequest()->getIsAjaxRequest()) {
Yii::app()->end();
} else {
$this->redirect(array('view', 'id' => $model->id));
}
}
}
$this->render('create', array('model' => $model));
}
/**
* Displays the login page
*/
public function actionLogin()
{
if (Yii::app()->user->isGuest) {
$model = new UserLogin();
// collect user input data
if (isset($_POST['UserLogin'])) {
$model->attributes = $_POST['UserLogin'];
// validate user input and redirect to previous page if valid
if ($model->validate()) {
$this->lastViset();
//Yii::import('application.controllers.ActivityFeedController');
//SmsSettings::model()->sendSms($to,$from,$message); To call an action written on a controller
//Adding activity to feed via saveFeed($initiator_id,$activity_type,$goal_id,$goal_name,$field_name,$initial_field_value,$new_field_value)
ActivityFeed::model()->saveFeed(Yii::app()->user->Id, '1', NULL, NULL, NULL, NULL, NULL);
$roles = Rights::getAssignedRoles(Yii::app()->user->Id);
// check for single role
foreach ($roles as $role) {
if (sizeof($roles) == 1 and $role->name == 'Company') {
$this->redirect(array('/students'));
}
}
if (sizeof($roles) == 1 and $role->name == 'Trainee') {
$this->redirect(array('/students'));
}
if (sizeof($roles) == 1 and $role->name == 'Employee') {
$this->redirect(array('/students'));
}
if (Yii::app()->user->checkAccess('admin')) {
if (Yii::app()->user->returnUrl == '/index.php') {
$this->redirect(Yii::app()->controller->module->returnUrl);
} else {
$this->redirect(Yii::app()->user->returnUrl);
}
} else {
$this->redirect(array('/students'));
}
}
}
// display the login form
$this->render('/user/login', array('model' => $model));
} else {
$this->redirect(Yii::app()->controller->module->returnUrl);
}
}
/**
* Returns the authorization items assigned to the user.
* @return string the assignments markup.
*/
public function getAssignments()
{
if ($this->_assignments !== null) {
return $this->_assignments;
} else {
$authorizer = Rights::getAuthorizer();
$authAssignments = $authorizer->authManager->getAuthAssignments($this->getId());
$nestedItems = $authorizer->authManager->getAuthItemsByNames(array_keys($authAssignments), true);
$assignments = array();
foreach ($nestedItems as $type => $items) {
$items = $authorizer->attachAuthItemBehavior($items);
$assignments[$type] = array();
foreach ($items as $itemName => $item) {
$assignments[$type][$itemName] = $item;
}
}
return $this->_assignments = $assignments;
}
}
/**
* Actions to be taken after logging in.
* Overloads the parent method in order to mark superusers.
* @param boolean $fromCookie whether the login is based on cookie.
*/
public function afterLogin($fromCookie)
{
parent::afterLogin($fromCookie);
$command = Yii::app()->db->createCommand();
$command->select('username,user_url,display_name,email,fbuid,status,recent_login,avatar')->from('{{user}} u')->where('user_id=' . (int) $this->getId())->limit(1);
$user = $command->queryRow();
//Add only some neccessary field
if ($user) {
// Set User States here
$this->setState('current_user', $user);
// Set User Roles here
$this->setState('current_roles', User::getArrayRoles($this->getId()));
if (Rights::getAuthorizer()->isSuperuser($this->getId()) === true) {
$this->isSuperuser = true;
}
} else {
throw new CHttpException(503, t('cms', 'Error while Logging into your account. Please try again later.'));
}
}
/**
* Specifies the access control rules.
* This method is used by the 'accessControl' filter.
* @return array access control rules
*/
public function actionIndex()
{
$criteria = new CDbCriteria();
$criteria->condition = '';
$roles = Rights::getAssignedRoles(Yii::app()->user->id);
// check for single role
$user_roles = array();
foreach ($roles as $role) {
$user_roles[] = '"' . $role->name . '"';
}
$student = Students::model()->findByAttributes(array('uid' => Yii::app()->user->id));
$batch = Batches::model()->findByAttributes(array('id' => $student->batch_id));
$criteria->condition .= '`file`<>:null AND (`placeholder`=:null OR `placeholder` IN (' . implode(',', $user_roles) . ')) AND ((`course` IS NULL) OR (`course`=:course) OR (`course`=0)) AND ((`batch` IS NULL) OR (`batch`=:batch) OR (`batch`=0))';
$criteria->params = array(':null' => '', ':course' => $batch->course_id, ':batch' => $batch->id);
$criteria->order = '`created_at` DESC';
//print_r($criteria); exit;
$files = FileUploads::model()->findAll($criteria);
if (isset($_POST['Downfiles'])) {
$selected_files = $_POST['Downfiles'];
$slfiles = array();
foreach ($selected_files as $s_file) {
$model = FileUploads::model()->findByPk($s_file);
if ($model != NULL) {
$slfiles[] = 'uploads/shared/' . $model->id . '/' . $model->file;
}
}
$zip = Yii::app()->zip;
$fName = $this->generateRandomString(rand(10, 20)) . '.zip';
$zipFile = 'compressed/' . $fName;
if ($zip->makeZip($slfiles, $zipFile)) {
$fcon = file_get_contents($zipFile);
header('Content-type:text/plain');
header('Content-disposition:attachment; filename=' . $fName);
header('Pragma:no-cache');
echo $fcon;
unlink($zipFile);
} else {
Yii::app()->user->setFlash('success', 'Can\'t download');
}
}
$this->render('/fileUploads/index', array('files' => $files));
}
