protected function main()
{
inc_lib('news/news_exists');
$count_news_existe = news_exists($_GET['id']);
if ($count_news_existe == false && (is_logged_in() && !check_auth('view_histo_all_news'))) {
redir(Nw::$lang['news']['news_not_exist'], false, './');
}
inc_lib('news/get_info_news');
$donnees_news = get_info_news($_GET['id']);
$this->set_title(Nw::$lang['news']['historique_news'] . ' | ' . $donnees_news['n_titre']);
$this->set_tpl('news/log_news.html');
$this->add_css('code.css');
// Fil ariane
if ($count_news_existe) {
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), $donnees_news['c_nom'] => array($donnees_news['c_rewrite'] . '/'), $donnees_news['n_titre'] => array($donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/'), Nw::$lang['news']['historique_news'] => array('')));
} else {
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), Nw::$lang['news']['historique_news'] => array('')));
}
/**
* Affichage du logo
**/
inc_lib('news/get_news_logs');
$donnees_logs = get_news_logs('l_id_news = ' . intval($_GET['id']), 'l_date DESC');
foreach ($donnees_logs as $donnees) {
Nw::$tpl->setBlock('log', array('ACTION' => $donnees['l_action'], 'ACTION_LOG' => isset(Nw::$lang['news']['log_news_' . $donnees['l_action']]) ? Nw::$lang['news']['log_news_' . $donnees['l_action']] : '', 'TEXTE' => nl2br($donnees['l_texte']), 'TITRE' => $donnees['l_titre'], 'DATE' => date_sql($donnees['date'], $donnees['heures_date'], $donnees['jours_date']), 'AUTEUR' => $donnees['u_pseudo'], 'AUTEUR_ID' => $donnees['u_id'], 'AUTEUR_AVATAR' => $donnees['u_avatar'], 'AUTEUR_ALIAS' => $donnees['u_alias'], 'IP' => long2ip($donnees['l_ip'])));
}
Nw::$tpl->set(array('ID' => $_GET['id'], 'TITRE' => $donnees_news['n_titre']));
}
protected function main()
{
if (!is_logged_in() && !check_auth('view_histo_all_news')) {
header('Location: ./');
}
$this->set_title(Nw::$lang['news']['historiques_news']);
$this->set_tpl('news/log_admin.html');
$this->add_css('code.css');
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), Nw::$lang['news']['historiques_news'] => array('')));
$get_param = '';
$param_tpl = '';
if (!empty($_GET['t'])) {
$get_param = 'l_titre LIKE "%' . insertBD(urldecode($_GET['t'])) . '%" OR l_texte LIKE "%' . insertBD(urldecode($_GET['t'])) . '%"';
$param_tpl = htmlspecialchars($_GET['t']);
}
inc_lib('news/count_news_logs');
$nombre_logs = count_news_logs($get_param);
// Pagination
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
$nombreDePages = ceil($nombre_logs / Nw::$pref['nb_logs_admin']);
// On vérifie que la page existe bien
if ($nombreDePages > 0 && $page > $nombreDePages) {
redir(Nw::$lang['common']['pg_not_exist'], false, 'news-21.html?t=' . $param_tpl);
}
/**
* Affichage du logo
**/
inc_lib('news/get_news_logs');
$donnees_logs = get_news_logs($get_param, 'l_date DESC', $page, Nw::$pref['nb_logs_admin']);
foreach ($donnees_logs as $donnees) {
Nw::$tpl->setBlock('log', array('ACTION' => $donnees['l_action'], 'ACTION_LOG' => isset(Nw::$lang['news']['log_news_' . $donnees['l_action']]) ? Nw::$lang['news']['log_news_' . $donnees['l_action']] : '', 'TEXTE' => nl2br($donnees['l_texte']), 'DATE' => date_sql($donnees['date'], $donnees['heures_date'], $donnees['jours_date']), 'AUTEUR' => $donnees['u_pseudo'], 'AUTEUR_ID' => $donnees['u_id'], 'AUTEUR_AVATAR' => $donnees['u_avatar'], 'AUTEUR_ALIAS' => $donnees['u_alias'], 'NEWS_ID' => $donnees['l_id_news'], 'NEWS_TITRE' => $donnees['n_titre'], 'TITRE_ACTU' => $donnees['l_titre'], 'IP' => long2ip($donnees['l_ip'])));
}
Nw::$tpl->set(array('TITRE' => urldecode($param_tpl), 'LIST_PG' => list_pg($nombreDePages, $page, 'news-21%s.html?t=' . $param_tpl)));
}
function force_login()
{
if (!isset($GLOBALS['PHPCAS_CLIENT'])) {
check_auth();
}
phpCAS::forceAuthentication();
}
/**
* 后台控制器初始化
*/
protected function _initialize()
{
// 获取当前用户ID
if (defined('UID')) {
return;
}
$user = get_user();
if (!$user) {
$this->redirect('Other/Public/login?type=miss_token');
}
$this->_user = $user;
define('UID', $user['uid']);
if (!session('admin_login')) {
// 缓存用户信息
session('user_auth', ['uid' => $user['uid'], 'uname' => $user['uname']]);
session('admin_login', true);
}
// 是否是超级管理员
define('IS_ROOT', is_administrator());
// 检测系统权限
if (!IS_ROOT) {
$access = $this->accessControl();
if (false === $access) {
$this->error('403:禁止访问');
} elseif (null === $access) {
// 检测访问权限
$rule = strtolower(MODULE_NAME . '/' . CONTROLLER_NAME . '/' . ACTION_NAME);
if (!$this->checkRule($rule, array('in', '1,2'))) {
$this->error('未授权用户:' . $user['uname']);
} else {
// 检测分类及内容有关的各项动态权限
$dynamic = $this->checkDynamic();
if (false === $dynamic) {
$this->error('未授权用户:' . $user['uname']);
}
}
}
}
// 初始化数据表
$this->_table = $this->_table ?: str_replace('/', '_', CONTROLLER_NAME);
$this->assign('__MENU__', $this->getMenus());
$this->assign('_node_name', $this->_node_name);
// 初始化通知
$notificationModel = new \Common\Model\SystemNotificationModel();
$notificationModel->updateStatus() or system_warn($notificationModel->getError());
$type = session('SYSTEM_NOTIFICATION_TYPE');
if (!is_array($type)) {
$type = [];
foreach (D('SystemNotification')->type_config as $key => $config) {
if (check_auth($config[2])) {
$type[] = $key;
}
}
session('SYSTEM_NOTIFICATION_TYPE', $type);
}
$this->assign('notification_is_allow', check_auth('system/notification'));
$this->assign('notification', $type ? M('SystemNotification')->where(['is_read' => 0, 'type' => ['in', $type]])->count() : 0);
$this->_log();
}
/**
* index 微博首页
* @author:xjw129xjt(肖骏涛) xjt@ourstu.com
*/
public function index()
{
$this->assign('tab', 'index');
$tab_config = get_kanban_config('WEIBO_DEFAULT_TAB', 'enable', array('all', 'concerned', 'hot'));
if (!is_login()) {
$_key = array_search('concerned', $tab_config);
unset($tab_config[$_key]);
}
//获取参数
$aType = I('get.type', reset($tab_config), 'op_t');
$aUid = I('get.uid', 0, 'intval');
$aPage = I('get.page', 1, 'intval');
if (!in_array($aType, $tab_config)) {
$this->error(L('_ERROR_PARAM_'));
}
$param = array();
//查询条件
$weiboModel = D('Weibo');
$param['field'] = 'id';
if ($aPage == 1) {
$param['limit'] = 10;
} else {
$param['page'] = $aPage;
$param['count'] = 30;
}
$param = $this->filterWeibo($aType, $param);
$param['where']['status'] = 1;
$param['where']['is_top'] = 0;
//查询
$list = $weiboModel->getWeiboList($param);
$this->assign('list', $list);
// 获取置顶微博
$top_list = $weiboModel->getWeiboList(array('where' => array('status' => 1, 'is_top' => 1)));
$this->assign('top_list', $top_list);
$this->assign('total_count', $weiboModel->getWeiboCount($param['where']));
$this->assign('page', $aPage);
$this->assign('loadMoreUrl', U('loadweibo', array('uid' => $aUid)));
$this->assign('type', $aType);
$this->assign('tab_config', $tab_config);
if ($aType == 'concerned') {
$this->assign('title', L('_MY_FOLLOW_'));
$this->assign('filter_tab', 'concerned');
} else {
if ($aType == 'hot') {
$this->assign('title', L('_HOT_WEIBO_'));
$this->assign('filter_tab', 'hot');
} else {
$this->assign('title', L('_ALL_WEBSITE_FOLLOW_'));
$this->assign('filter_tab', 'all');
}
}
$this->setTitle('{$title}' . L('_LINE_LINE_') . L('_MODULE_'));
$this->assignSelf();
if (is_login() && check_auth('Weibo/Index/doSend')) {
$this->assign('show_post', true);
}
$this->display();
}
function soap_refreshauth($auth)
{
if (!($bot = check_auth($auth))) {
return null;
}
$authstring = md5(time() . $bot['botid'] . rand(1, 100) . "kibocenter botmanagement");
bot_refreshauth($bot['botid'], $authstring);
return $authstring;
}
protected function main()
{
if (is_logged_in() && check_auth('refresh_cache_droits')) {
inc_lib('admin/refresh_cache_droits');
refresh_cache_droits();
redir(Nw::$lang['admin']['redir_cache_refreshed'], true, 'admin.html');
} else {
redir(Nw::$lang['admin']['error_cant_see_admin'], false, './');
}
}
protected function main()
{
if (is_logged_in() && check_auth('edit_vars_lang')) {
$this->set_tpl('admin/edit_vars_lang.html');
$this->add_css('forms.css');
$this->set_title(Nw::$lang['admin']['edit_vars_lang']);
$this->set_filAriane(array(Nw::$lang['admin']['fa_admin'] => array('admin.html'), Nw::$lang['admin']['edit_vars_lang'] => array('')));
//Récupération de tous les fichiers de langue
$list_files = array();
$list_vars = array();
$dir = opendir(PATH_ROOT . 'lang/' . Nw::$site_lang);
while ($file = readdir($dir)) {
if (strpos($file, '.php')) {
Nw::$tpl->setBlock('files', array('FILENAME' => $file));
$list_files[] = $file;
}
}
closedir($dir);
//Si on a envoyé un fichier particulier à voir
if (!empty($_GET['file']) && !empty($_GET['lang'])) {
if (in_array($_GET['file'], $list_files) && array_key_exists($_GET['lang'], Nw::$lang['common']['languages'])) {
$this->load_lang_file(str_replace('.php', '', $_GET['file']), $_GET['lang']);
$list_vars = Nw::$lang[str_replace('.php', '', $_GET['file'])];
foreach ($list_vars as $key => $value) {
Nw::$tpl->setBlock('vars', array('KEY' => $key, 'VALUE' => is_array($value) ? array_map('htmlspecialchars', $value) : htmlspecialchars($value)));
}
Nw::$tpl->set('TEXT_LEGEND', sprintf(Nw::$lang['admin']['edit_vars_file'], $_GET['file']));
Nw::$tpl->set('DISPLAY_FORM', true);
Nw::$tpl->set('FILE', $_GET['file']);
Nw::$tpl->set('LANG', $_GET['lang']);
} else {
Nw::$tpl->set('DISPLAY_FORM', false);
}
}
//Si on veut éditer un fichier
if (isset($_POST['edit_vars']) && !empty($_GET['file']) && !empty($_GET['lang'])) {
$f = PATH_ROOT . 'lang/' . $_GET['lang'] . '/' . $_GET['file'];
$content = file_get_contents($f);
foreach ($list_vars as $key => $value) {
if (isset($_POST[$key]) && !empty($_POST[$key])) {
$value = str_replace('\'', '\\\'', $_POST[$key]);
$content = preg_replace('`\'' . $key . '\'(\\s*)=>(\\s*)\'(.*)\',`sU', '\'' . $key . '\'$1=>$2\'' . $value . '\',', $content);
} else {
redir(sprintf(Nw::$lang['admin']['error_var_empty'], $key), false, 'admin-1.html?file=' . $_GET['file'] . '&lang=' . $_GET['lang']);
}
}
//echo htmlspecialchars($content);
file_put_contents($f, $content);
redir(sprintf(Nw::$lang['admin']['redir_vars_lang'], $key), true, 'admin-1.html?file=' . $_GET['file'] . '&lang=' . $_GET['lang']);
}
} else {
redir(Nw::$lang['admin']['error_cant_edit_vars'], false, Nw::$site_url);
}
}
function try_signin()
{
$email = $_POST['email'];
$password = $_POST['password'];
$result = check_auth($email, $password);
if ($result) {
redirect("home");
} else {
redirect("user/signin-failed");
}
}
public function _initialize()
{
//实例化模型
$this->d_property = D('Property');
$this->d_object = D('Object');
$this->mid = is_login();
//控制权限
if (!check_auth('Property')) {
// $this->error('对不起,只有认证的机构用户可以访问该页面');
}
}
public function getComment($id)
{
$comment = S('weibo_comment_' . $id);
if (!$comment) {
$comment = $this->find($id);
$comment['content'] = $this->parseComment($comment['content']);
$comment['user'] = query_user(array('uid', 'nickname', 'avatar32', 'avatar64', 'avatar128', 'avatar256', 'avatar512', 'space_url', 'rank_link', 'score', 'title', 'weibocount', 'fans', 'following'), $comment['uid']);
S('weibo_comment_' . $id, $comment);
}
$comment['can_delete'] = check_auth('Weibo/Index/doDelComment', $comment['uid']);
return $comment;
}
function xml_scannerlist($auth, $type, $items)
{
if (!check_auth($auth)) {
return null;
}
# not authenticated
if (!is_numeric($type)) {
return null;
}
# new soap_fault('Client','',"Ung�ltiger Parameter: '$id'");
return user_get_scannerlist($type, $items);
}
protected function main()
{
if (is_logged_in() && check_auth('manage_groups')) {
// Edition d'un groupe
if (!empty($_GET['id']) && is_numeric($_GET['id'])) {
// On cherche les infos du groupe
inc_lib('admin/get_info_grp');
$donnees_groupe = get_info_grp($_GET['id']);
$form_id = $_GET['id'];
$form_name = $donnees_groupe['g_nom'];
$form_title = $donnees_groupe['g_titre'];
$form_icone = $donnees_groupe['g_icone'];
$form_color = $donnees_groupe['g_couleur'];
// Fil ariane
$this->set_filAriane(array(Nw::$lang['admin']['fa_admin'] => array('admin.html'), Nw::$lang['admin']['fa_grp'] => array('admin-299.html'), $donnees_groupe['g_nom'] => array('admin-300-' . $_GET['id'] . '.html'), Nw::$lang['admin']['fa_edit_grp'] => array('')));
} else {
$form_id = 0;
$form_name = '';
$form_title = '';
$form_icone = 0;
$form_color = 0;
// Fil ariane
$this->set_filAriane(array(Nw::$lang['admin']['fa_admin'] => array('admin.html'), Nw::$lang['admin']['fa_grp'] => array('admin-299.html'), Nw::$lang['admin']['fa_new_grp'] => array('')));
}
$this->set_tpl('admin/edit_grp.html');
$this->add_css('forms.css');
$this->set_title(Nw::$lang['admin']['titre_accueil']);
// Formulaire soumis
if (isset($_POST['submit'])) {
$array_post = array('nom' => $_POST['nom'], 'titre' => $_POST['titre'], 'icone' => $_POST['icone'], 'couleur' => isset($_POST['couleur']) ? 1 : 0);
// Les champs titre & contenu ne sont pas vides
if (!multi_empty(trim($_POST['nom']))) {
// Edition d'un groupe
if (!empty($_GET['id']) && is_numeric($_GET['id'])) {
inc_lib('admin/edit_grp');
edit_grp($_GET['id']);
redir(Nw::$lang['admin']['confirm_edit_grp'], true, 'admin-300-' . $_GET['id'] . '.html');
} else {
inc_lib('admin/add_grp');
$id_new_grp = add_grp();
redir(Nw::$lang['admin']['confirm_new_grp'], true, 'admin-310-' . $id_new_grp . '.html');
}
} else {
display_form($array_post, Nw::$lang['admin']['nom_grp_obligatoire']);
}
return;
}
// On affiche le template
display_form(array('id' => $form_id, 'nom' => $form_name, 'titre' => $form_title, 'icone' => $form_icone, 'couleur' => $form_color));
} else {
redir(Nw::$lang['admin']['error_cant_see_admin'], false, './');
}
}
function url_for($ctrl, $action = false, $id = 0)
{
global $BASE_URL;
if ($action == false) {
$action = 'index';
}
$ctrl = strtolower($ctrl);
if (!check_auth($ctrl, $action)) {
return false;
}
return $BASE_URL . "&ctrl={$ctrl}&action={$action}&id={$id}";
}
private function canDeleteWeibo($weibo)
{
//如果是管理员,则可以删除微博
if (is_administrator(get_uid()) || check_auth('deleteWeibo')) {
return true;
}
//如果是自己发送的微博,可以删除微博
if ($weibo['uid'] == get_uid()) {
return true;
}
//返回,不能删除微博
return false;
}
protected function main()
{
if (is_logged_in() && check_auth('manage_groups')) {
$this->set_title(Nw::$lang['admin']['titre_grp']);
$this->set_tpl('admin/gestion_grp.html');
$this->set_filAriane(array(Nw::$lang['admin']['fa_admin'] => array('admin.html'), Nw::$lang['admin']['fa_grp'] => array('')));
inc_lib('admin/get_list_grp');
$list_grp = get_list_grp();
foreach ($list_grp as $grp) {
Nw::$tpl->setBlock('grp', array('ID' => $grp['g_id'], 'NOM' => $grp['g_nom'], 'TITRE' => $grp['g_titre'], 'ICONE' => $grp['g_icone'], 'COULEUR' => $grp['g_couleur']));
}
} else {
redir(Nw::$lang['admin']['error_cant_see_admin'], false, './');
}
}
public function _initialize()
{
if (is_login()) {
$sub_menu['left'][] = array('tab' => 'my', 'title' => "我的" . $this->MODULE_ALIAS, 'href' => is_login() ? U('group/index/my') : "javascript:toast.error('登录后才能操作')");
} else {
$sub_menu = array('left' => array());
}
$sub_menu['left'] = array_merge($sub_menu['left'], array(array('tab' => 'discover', 'href' => U('group/index/discover'), 'title' => '发现'), array('tab' => 'select', 'title' => '精选', 'href' => U('group/index/select')), array('tab' => 'groups', 'title' => "全部" . $this->MODULE_ALIAS, 'href' => U('group/index/groups'))));
$sub_menu['right'] = array(array('tab' => 'create', 'title' => '创建' . $this->MODULE_ALIAS, 'href' => check_auth('Group/Index/addGroup', -1) ? U('group/index/create') : "javascript:toast.error('您无添加群组权限')"));
$this->assign('sub_menu', $sub_menu);
$this->assign('current', 'home');
/* 读取站点配置 */
$config = api('Config/lists');
C($config);
//添加配置
}
protected function main()
{
if (!is_logged_in() || !check_auth('solve_alertes')) {
redir(Nw::$lang['news']['error_cant_solve_alerts'], false, './');
}
if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
redir(Nw::$lang['news']['error_alert_dont_exist'], false, 'news-13.html');
}
inc_lib('news/alert_news_exists');
if (alert_news_exists($_GET['id']) == false) {
redir(Nw::$lang['news']['error_alert_dont_exist'], false, 'news-13.html');
}
inc_lib('news/solve_alert_news');
solve_alert_news($_GET['id'], Nw::$dn_mbr['u_id']);
redir(Nw::$lang['news']['confirm_alert_solved'], false, 'news-13.html');
}
protected function _getWhere()
{
$where = ['is_read' => 0];
// 初始化通知
$type = S('ADMIN_SYSTEM_NOTIFICATION_TYPE');
if (!is_array($type)) {
$type = [];
foreach (D('SystemNotification')->type_config as $key => $config) {
if (check_auth($config[0])) {
$type[] = $key;
}
}
S('ADMIN_SYSTEM_NOTIFICATION_TYPE', $type, 1800);
}
if ($type) {
$where['type'] = ['in', $type];
}
return $where;
}
protected function main()
{
if (!is_logged_in() || !check_auth('solve_alertes')) {
redir(Nw::$lang['news']['error_cant_solve_alerts'], false, './');
}
inc_lib('news/get_list_alerts_news');
//Si on veut trier selon le statut
if (isset($_GET['solved']) && in_array($_GET['solved'], array(0, 1))) {
$solved = $_GET['solved'];
Nw::$tpl->set('SOLVED', $solved);
} else {
$solved = null;
Nw::$tpl->set('SOLVED', -1);
}
//Si on veut voir les alertes d'une news précise
if (!empty($_GET['id']) && is_numeric($_GET['id'])) {
inc_lib('news/news_exists');
if (news_exists($_GET['id']) == false) {
redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
}
inc_lib('news/get_info_news');
$info_news = get_info_news($_GET['id']);
$this->set_title($info_news['n_titre'] . ' | ' . Nw::$lang['news']['alerts_list']);
$list_alerts = get_list_alerts_news($_GET['id'], $solved);
Nw::$tpl->set('ID_NEWS', $_GET['id']);
Nw::$tpl->set('NEWS', $info_news['n_titre']);
// Fil ariane
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), $info_news['c_nom'] => array($info_news['c_rewrite'] . '/'), $info_news['n_titre'] => array($info_news['c_rewrite'] . '/' . rewrite($info_news['n_titre']) . '-' . $_GET['id'] . '/'), Nw::$lang['news']['alerts_list'] => array('')));
Nw::$tpl->set(array('CAT_REWRITE' => $info_news['c_rewrite'], 'REWRITE' => rewrite($info_news['n_titre'])));
} else {
$this->set_title(Nw::$lang['news']['alerts_list']);
$list_alerts = get_list_alerts_news(null, $solved);
Nw::$tpl->set('ID_NEWS', null);
// Fil ariane
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), Nw::$lang['news']['alerts_list'] => array('')));
}
$this->set_tpl('news/list_alerts.html');
$this->add_css('code.css');
foreach ($list_alerts as $a) {
Nw::$tpl->setBlock('alerts', array('ID' => $a['a_id'], 'AUTEUR' => $a['pseudo_auteur'], 'ALIAS' => $a['u_alias'], 'ADMIN' => $a['pseudo_admin'], 'ID_ADMIN' => $a['a_admin'], 'SOLVED' => $a['a_solved'], 'DATE' => $a['date'], 'RAISON' => $a['a_texte'], 'MOTIF' => !empty($a['a_motif']) ? Nw::$lang['news']['motifs_list'][$a['a_motif']] : '-', 'IP' => long2ip($a['a_ip']), 'ID_NEWS' => $a['a_id_news'], 'NEWS' => $a['n_titre'], 'REWRITE' => rewrite($a['n_titre']), 'CAT_REWRITE' => rewrite($a['c_rewrite']), 'SOLVED_BY' => $a['a_solved'] ? sprintf(Nw::$lang['news']['alert_solved_by'], $a['pseudo_admin']) : ''));
}
}
public function _initialize()
{
$this->eventModel = D('Event/Event');
$this->eventAttendModel = D('Event/EventAttend');
$this->eventTypeModel = D('Event/EventType');
$this->_top_menu_list = array('left' => array(array('type' => 'home', 'href' => U('Mob/event/index')), array('type' => 'message')), 'center' => array('title' => '活动'));
$this->setMobTitle('活动');
if (is_login()) {
if (check_auth('Event/Index/add')) {
$this->_top_menu_list['right'][] = array('type' => 'edit', 'href' => U('Mob/event/add'));
} else {
$this->_top_menu_list['right'][] = array('type' => 'edit', 'info' => '您无活动发布权限!');
}
} else {
$this->_top_menu_list['right'][] = array('type' => 'edit', 'info' => '登录后才能操作!');
}
$tree = D('EventType')->where(array('status' => 1))->select();
$this->assign('type_tree', $tree);
$this->assign('top_menu_list', $this->_top_menu_list);
}
protected function main()
{
if (check_auth('manage_articles') || !is_logged_in()) {
$this->set_title(Nw::$lang['press']['art_add']);
$this->set_tpl('press/add.html');
$this->add_css('forms.css');
$this->add_js('write.js');
$this->add_js('forms.js');
// Fil ariane
$this->set_filAriane(array(Nw::$lang['press']['mod_title'] => array('press.html'), Nw::$lang['press']['art_add'] => array('')));
//Si on veut ajouter l'article
if (isset($_POST['submit'])) {
inc_lib('press/add_article');
add_article($_SESSION['ident_session'], $_POST['paper'], $_POST['link'], $_POST['numero'], $_POST['country'], $_POST['contenu'], $_POST['date_pub']);
redir(Nw::$lang['press']['redir_article_added'], true, 'press.html');
}
} else {
redir(Nw::$lang['press']['error_cant_manage'], false, 'press.html');
}
}
public function deleteComment()
{
$aCid = I('post.id', 0, 'intval');
if ($aCid <= 0) {
$this->error('删除评论失败。评论不存在。');
}
//检查权限
$canDelete = check_auth('deleteLocalComment') || is_administrator();
$commentModel = D('Addons://LocalComment/LocalComment');
$comment = $commentModel->find($aCid);
$isOnwer = ($comment['uid'] == is_login() and is_login() != 0);
if ($canDelete || $isOnwer) {
$result = $commentModel->where(array('id' => $aCid))->delete();
if ($result) {
$this->success('删除评论成功。', 'refresh');
} else {
$this->error('删除评论失败。' . $commentModel->getError());
}
} else {
$this->error('删除评论失败。' . '权限不足');
}
}
protected function main()
{
if (!is_logged_in() || !check_auth('can_see_ip')) {
redir(Nw::$lang['users']['error_cant_see_ip'], false, './');
}
$this->load_lang_file('admin');
$this->set_title(Nw::$lang['users']['check_ip']);
$this->set_tpl('membres/check_ip.html');
$this->add_css('forms.css');
if (!empty($_GET['ip'])) {
inc_lib('users/check_ip');
$list_mbr = check_ip($_GET['ip']);
Nw::$tpl->set('SEARCH', $_GET['ip']);
foreach ($list_mbr as $mbr) {
Nw::$tpl->setBlock('mbr', array('ID' => $mbr['u_id'], 'PSEUDO' => $mbr['u_pseudo'], 'IDENTIFIER' => $mbr['u_identifier'], 'LAST_IP' => long2ip($mbr['u_ip']), 'GROUP' => $mbr['g_nom'], 'ID_ADMIN' => $mbr['a_admin'], 'DATE_REGISTER' => $mbr['date_register']));
}
} else {
Nw::$tpl->set('SEARCH', '');
}
// Fil ariane
$this->set_filAriane(array(Nw::$lang['admin']['fa_admin'] => array('admin.html'), Nw::$lang['users']['check_ip'] => array('')));
}
protected function main()
{
if (is_logged_in() && check_auth('can_see_admin')) {
$this->set_tpl('admin/index.html');
$this->add_js('admin.js');
$this->add_css('admin.css');
$this->set_title(Nw::$lang['admin']['titre_accueil']);
$this->set_filAriane(Nw::$lang['admin']['fa_admin']);
//Chargement de tous les fichiers de langue utiles
$this->load_lang_file('press');
$this->load_lang_file('users');
$this->load_lang_file('news');
$this->load_lang_file('poll');
if (isset($_POST['log_submit']) && !empty($_POST['log_titre'])) {
header('Location: news-21.html?t=' . urlencode(trim($_POST['log_titre'])));
}
inc_lib('news/count_alerts_news');
$count_alerts = count_alerts_news(null, false);
Nw::$tpl->set('NEWS_ERRORS', sprintf(Nw::$lang['news']['nb_news_errors'], $count_alerts));
Nw::$tpl->set('COUNT_ERRORS', $count_alerts);
} else {
redir(Nw::$lang['admin']['error_cant_see_admin'], false, 'index.html');
}
}
* copies or substantial portions of the Software.
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
* INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
* PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
* HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
* OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
*/
/*
* display the user's messages
*/
require_once 'include.php';
$title = 'Messages';
$messages_on = 'messages-on';
// verify if we're logged in or not
check_auth(IDP, $page_uri);
$ret = "";
$ret .= "<div class=\"content relative shadow clearfix main\">\n";
$ret .= "<div>\n";
// verify if we are already registered
if (!is_subscribed($_SESSION['webid'])) {
$ret .= "<br/><p><font style=\"font-size: 1.3em;\">You have not registered to receive messages! You can register <a href=\"subscription\">here</a>.</font></p>\n";
}
// manage received messages/pingbacks
if (isset($_REQUEST['id'])) {
$ok = true;
$_to = '';
$_name = '';
$id = mysql_real_escape_string($_REQUEST['id']);
$me = mysql_real_escape_string($_SESSION['webid']);
// delete
<?php
function check_auth($username, $password, $type)
{
if ($type == admin) {
$query = "SELECT * FROM admin WHERE username='******'";
} else {
$query = "SELECT * FROM reg_user WHERE username='******'";
}
$result = mysql_query($query);
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
if ($password == $row['password']) {
return true;
}
return false;
}
}
include '../ajax/connection.php';
include '../ajax/sessions.inc';
if (isset($_REQUEST['login']) && $_REQUEST['login'] == 'Log In' && ($uid = check_auth($_REQUEST['username'], $_REQUEST['password'], $_REQUEST['type']))) {
$_SESSION['username'] = $_REQUEST['username'];
$_SESSION['type'] = $_REQUEST['type'];
if ($_REQUEST['type'] == 'admin') {
header('Location: ../mainForAdmin.php');
} else {
header('Location: ../mainForRegUser.php');
}
} else {
$_SESSION['mssg'] = "Incorrect username/password";
header('Location: ../logInReg.php');
}
break;
case AUTH_MOD:
$auth_ug[$forum_id][$key] = !empty($auth_access_count[$forum_id]) ? check_auth(AUTH_MOD, $key, $auth_access[$forum_id], $is_admin) : 0;
break;
case AUTH_ADMIN:
$auth_ug[$forum_id][$key] = $is_admin;
break;
default:
$auth_ug[$forum_id][$key] = 0;
break;
}
}
//
// Is user a moderator?
//
$auth_ug[$forum_id]['auth_mod'] = !empty($auth_access_count[$forum_id]) ? check_auth(AUTH_MOD, 'auth_mod', $auth_access[$forum_id], 0) : 0;
}
// Begin PNphpBB2 Categories Hierarchie Mod
// $i = 0;
// @reset($auth_ug);
// while( list($forum_id, $user_ary) = @each($auth_ug) )
// {
$s_column_span = 3 + $inc_max + 1;
// Two columns always present
if ($adv) {
$s_column_span = $s_column_span + count($forum_auth_fields) - 1;
}
@reset($categories);
while (list($cat_id, $catrow) = each($categories)) {
// get the inc level
$inc_col = $catrow['level'];
<?php
define('FPDF_FONTPATH', 'fpdf_fonts/');
require 'fpdf.php';
include '_includeSessionConfig.php';
include "newProgressReports.php";
$loginError = check_auth($_SESSION[$_CONF['sess_name'] . '_username'], $_SESSION[$_CONF['sess_name'] . '_password']);
if (!$loginError['error_value']) {
$tid = $_SESSION[$_CONF['sess_name'] . '_selected_teacher'];
$result = get_user_info($tid);
$user = $result->fetch_assoc();
$tfName = $user['first_name'];
$tlName = $user['last_name'];
$teacherName = $tfName . " " . $tlName;
$term_id = $_POST['term_id'];
$termName = $_POST['term_name'];
$loc = array();
$year = date("y");
$download = false;
if (isset($_POST['all'])) {
$sql = "SELECT classes.class_id,courses.teacher_id,courses.course_name\n FROM classes,courses\n WHERE courses.teacher_id=" . $tid . "\n AND courses.school_year_id=" . $_SESSION[$_CONF['sess_name'] . '_current_school_year'] . " \n AND classes.term_id=" . $term_id . "\n AND courses.course_id=classes.course_id\n ORDER by courses.course_name";
$result = $db->query($sql);
while ($row = $result->fetch_assoc()) {
$loc[$row['class_id']] = $row['course_name'];
}
$filename = $year . "_" . $termName . "_" . $teacherName . "_ClassSummaries.pdf";
$download = true;
} else {
$cid = $_SESSION[$_CONF['sess_name'] . '_selected_class'];
$result = get_class_info($cid);
$row = $result->fetch_assoc();
include '../m/news.php';
session_start();
$link = connect();
if (!$link) {
echo "Не удалось подключиться: " . mysqli_connect_error();
exit;
}
if (count($_POST) > 0) {
$login = trim($_POST['login']);
$password = trim($_POST['password']);
if ($login == '') {
$message = "Незаполнено поле Login";
} elseif ($password == '') {
$message = "Незаполнено поле Password";
} else {
$id_user = check_auth($link, $login, $password);
if ($id_user !== false) {
$_SESSION['is_auth'] = true;
$_SESSION['id_user'] = $id_user;
if (isset($_POST['remember'])) {
setcookie('login', md5($_POST['login']), time() + 3600 * 24 * 31, '/');
setcookie('password', md5($_POST['password']), time() + 3600 * 24 * 31, '/');
}
header('Location: ../index.php');
exit;
} else {
$message = 'Неверный логин или пароль';
}
}
} else {
$message = '';
