public function action_index()
{
$id = application::get(['mvc', 'controller_id']);
if ($id) {
$result = url_tinyurl::get($id);
if ($result['success']) {
request::redirect($result['data']['url']);
}
}
}
$error = '';
// submit function
if (Request::post('rename')) {
// check token
if (Token::check(Request::post('token'))) {
// if empty
if (Request::post('rename_file_name') !== '') {
$to = str_replace(File::name($filename) . '.' . File::ext($filename), '', $filename);
// if exists
if (!File::exists($to . Request::post('rename_file_name') . '.' . File::ext($filename))) {
// rename file
File::rename($filename, $to . '/' . $p->SeoLink(Request::post('rename_file_name')) . '.' . File::ext($filename));
// set notification
$p->setMsg($p::$lang['Success_rename']);
// redirect to edit index
request::redirect($p->url() . '/backups');
} else {
// if exists
$error = '<span class="well red">' . Panel::$lang['File_Name_Exists'] . '</span>';
}
} else {
// if empty input value
$error = '<span class="well red">' . Panel::$lang['File_Name_Required'] . '</span>';
}
} else {
die('crsf detect');
}
}
// template
$p->view('actions', array('title' => Panel::$lang['Rename_File'], 'content' => $filename, 'html' => '<div class="info">
<form method="post">
/**
* Validate if controller can be executed
*
* @param object $controller_object
* @return boolean
*/
public static function can_be_executed(&$controller_object, $redirect = false)
{
$authorized = session::get(['numbers', 'authorized']);
// authorized
if ($authorized) {
// see if controller is for authorized
if (empty($controller_object->acl['authorized'])) {
return false;
}
// permissions
if (!empty($controller_object->acl['permission'])) {
if (self::$permissions == null) {
self::handle_permissions();
}
// admin account can see everything
if (self::$flag_admin) {
// we need to put permission into controller
$permission_list = [];
foreach ($controller_object->actions['by_id'] as $k => $v) {
$permission_list[$k] = true;
}
application::set(['controller', 'acl', 'permissions'], $permission_list);
return true;
}
// see if we have this action code registered
if (empty($controller_object->actions['by_code'][$controller_object->action['code']])) {
return false;
}
// check if we have access to the controller
if (empty($controller_object->controller_id) || empty(self::$permissions[$controller_object->controller_id])) {
return false;
}
// if we have action
$all_actions = [];
foreach (self::$permissions[$controller_object->controller_id] as $k => $v) {
if ($v == true) {
$all_actions[] = $k;
}
}
$merged = array_intersect($all_actions, $controller_object->actions['by_code'][$controller_object->action['code']]);
if (empty($merged)) {
return false;
}
// we need to put permission into controller
application::set(['controller', 'acl', 'permissions'], self::$permissions[$controller_object->controller_id]);
}
} else {
// we need to redirect to login controller if not authorized
if ($redirect && !empty($controller_object->acl['authorized']) && empty($controller_object->acl['public']) && !application::get('flag.global.__skip_session')) {
request::redirect(application::get('flag.global.authorization.login.controller'));
}
// public permission
if (empty($controller_object->acl['public'])) {
return false;
}
}
return true;
}
