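/**
 * Decide whether the current user may perform $action on $subject.
 *
 * The roles permitted for the action come from GateKeeper::permittedRoles() and
 * are compared with the roles carried by the current user object.
 *
 * @param string        $action     Action name; '*' is the default.
 * @param string|object $subject    Subject name, or an object whose class name is used instead.
 * @param mixed         $subject_id Identifier handed to GateKeeper::permittedRoles(); 0 by default.
 *
 * @return bool true when the check passes, false otherwise.
 */
public static function check($action = '*', $subject = '*', $subject_id = 0)
{
    // When BACKEND_WITH_DATABASE is falsy every check passes.
    if (!BACKEND_WITH_DATABASE) {
        return true;
    }

    static $cache = array();

    if (is_object($subject)) {
        $subject = get_class($subject);
    }

    // Outcomes are stored under this key, but the lookup that would reuse them
    // was disabled in the original code, so every call is evaluated afresh.
    $key = serialize(array($action, $subject, $subject_id));

    $roles = GateKeeper::permittedRoles($action, class_for_url($subject), $subject_id);
    $user  = BackendUser::check();
    if (!$user && !empty($_SESSION['BackendUser'])) {
        // Fall back to whatever user object the session holds.
        $user = $_SESSION['BackendUser'];
    }

    // $roles is not guaranteed to be an array (see the is_array() test below);
    // guarding here keeps in_array() from failing on a non-array value while
    // leaving the outcome of the branch as it was.
    if (!$user && !(is_array($roles) && in_array('anonymous', $roles))) {
        // NOTE(review): fail-open. With no user at all and 'anonymous' NOT among
        // the permitted roles this returns true, i.e. the request is allowed.
        // Confirm this is intended before relying on check() as the only
        // authorization gate; a deny here would be the conservative default.
        if (Controller::$debug) {
            Backend::addNotice('Anonymous User');
        }
        $cache[$key] = true;
        return true;
    }

    // A concrete subject must belong to an active component.
    if ($subject != '*' && !Component::isActive(class_name($subject))) {
        if (Controller::$debug) {
            Backend::addNotice('Invalid Component: ' . class_name($subject));
        }
        $cache[$key] = false;
        return false;
    }

    // A user without roles can never match a permitted role.
    if (empty($user->roles)) {
        if (Controller::$debug) {
            Backend::addNotice('No User Roles');
        }
        $cache[$key] = false;
        return false;
    }

    // NOTE(review): when $roles is not an array, every role the user holds
    // counts as a match, so any user with at least one role passes. Verify what
    // GateKeeper::permittedRoles() returns in that case.
    $intersect = is_array($roles) ? array_intersect($user->roles, $roles) : $user->roles;
    if (Controller::$debug >= 2) {
        Backend::addNotice('Valid roles found: ' . json_encode($intersect));
    }

    $result = count($intersect) ? true : false;
    $cache[$key] = $result;

    return $result;
}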
/**
 * Prepare the HTML view of a single record, then defer to the parent renderer.
 *
 * For a DBObject result the record name is registered as 'Sub Title' and a
 * list template is chosen from the record's foreign table, falling back to
 * the generic 'tag.display.list.tpl.php' when no specific template file is
 * found by Render::checkTemplateFile().
 *
 * @param mixed $result Result handed in by the caller; anything that is not a
 *                      DBObject is passed straight to the parent.
 *
 * @return mixed Whatever parent::html_display() returns.
 */
public function html_display($result)
{
    if ($result instanceof DBObject) {
        Backend::add('Sub Title', $result->array['name']);

        // The template name is derived from stored data. NOTE(review): this
        // relies on class_for_url() producing a value that is safe inside a
        // file name - confirm.
        $listTemplate = sprintf('tag.%s.list.tpl.php', class_for_url($result->array['foreign_table']));
        if (!Render::checkTemplateFile($listTemplate)) {
            $listTemplate = 'tag.display.list.tpl.php';
        }

        Backend::add('tag_list_template', $listTemplate);
    }

    return parent::html_display($result);
}
?> " title="<?php echo $image['title']; ?> " alt="<?php echo $image['title']; ?> " /> </a> </td> <?php $count++; } ?> </tr> </tbody> </table> {tpl:list_paging.tpl.php} <form class="inline" id="form_list_delete" method="post" action="?q=<?php echo class_for_url($db_object); ?> /delete"> <input type="hidden" id="delete_id" name="delete_id" value="false" /> </form> <?php } else { ?> No object <?php }
</div> <hr> <h3>Example</h3> <p> <?php if (!empty($definition['example'])) { ?> <?php echo $definition['example']; ?> <?php } else { ?> <code> #SITE_LINK#?q=<?php echo class_for_url($class) . '/' . $function; if (!empty($definition['parameters'])) { echo '/$' . implode('/$', array_keys($definition['parameters'])); } ?> </code>(Generated) <?php } ?> </p> <hr> <h3>Return</h3> <p> <span class="large"> <strong><?php echo $definition['return']['type'];
/**
 * Fill in missing positional parameters for the current controller action.
 *
 * Starts from parent::checkParameters() and then, depending on
 * Controller::$action, pulls values from request variables or from the
 * signed-in user held in $_SESSION['BackendUser'].
 *
 * @param array $parameters Positional parameters of the request.
 *
 * @return array The adjusted parameters.
 */
public static function checkParameters($parameters)
{
    $parameters = parent::checkParameters($parameters);

    switch (Controller::$action) {
        case 'login':
            // Slot 0 takes the username, slot 1 the password.
            // NOTE(review): the password ends up inside $parameters, so that
            // array should not be logged or echoed by later code.
            foreach (array(0 => 'username', 1 => 'password') as $slot => $field) {
                if (empty($parameters[$slot])) {
                    $parameters[$slot] = Controller::getVar($field);
                }
            }
            break;

        case 'confirm':
            if (empty($parameters[0])) {
                $parameters[0] = Controller::getVar('salt');
            }
            // NOTE(review): there is no break here, so 'confirm' continues into
            // the 'signup' branch. Confirm that this is intentional.
        case 'signup':
            // NOTE(review): the test looks for the session key 'user' but then
            // reads 'BackendUser', while the update/display branch tests
            // 'BackendUser'. This looks like a key mismatch - verify.
            $alreadySignedIn = array_key_exists('user', $_SESSION) && $_SESSION['BackendUser']->id > 0;
            if ($alreadySignedIn) {
                Controller::setAction('display');
            }
            break;

        case 'update':
        case 'display':
            // Without a signed-in user nothing is adjusted here; the requested
            // id is passed on unchanged.
            if (!array_key_exists('BackendUser', $_SESSION) || !($_SESSION['BackendUser']->id > 0)) {
                break;
            }
            $current = $_SESSION['BackendUser'];

            // No id requested: default to the signed-in user.
            if (empty($parameters['0'])) {
                $parameters[0] = $current->id;
            }

            // Another user's id was requested: without the 'manage' permission,
            // but with permission for the action itself, the request is pointed
            // back at the signed-in user. When the action permission is missing
            // too, the foreign id is left in place.
            if ($parameters[0] != $current->id) {
                $area = class_for_url(get_called_class());
                if (!Permission::check('manage', $area)) {
                    if (Permission::check(Controller::$action, $area)) {
                        $parameters[0] = $current->id;
                    }
                }
            }
            break;
    }

    return $parameters;
}
/**
 * Collect the data needed to show a permission overview.
 *
 * The returned object carries three properties:
 *  - base_perms:  distinct action/subject pairs of active permissions with subject_id 0,
 *  - roles:       all active roles,
 *  - permissions: per key, the list of role names taken from the comma separated
 *                 value in the first column of each fetched row ('nobody' excluded).
 *
 * @param string|false $component Restrict both permission queries to this
 *                                component; false (the default) applies no restriction.
 *
 * @return stdClass
 */
public function get_permissions($component = false)
{
    $overview = new stdClass();

    // Base permissions. The component is passed as a bound parameter, never
    // spliced into the SQL text.
    $baseBindings = array();
    $baseQuery    = new SelectQuery('Permission');
    $baseQuery
        ->distinct()
        ->field(array('action', 'subject'))
        ->filter('`active` = 1')
        ->filter('`subject_id` = 0')
        ->group('`subject`, `action` WITH ROLLUP');
    if ($component) {
        $baseQuery->filter('`subject` = :component');
        $baseBindings[':component'] = class_for_url($component);
    }
    $overview->base_perms = $baseQuery->fetchAll($baseBindings);

    // Roles
    $roleQuery = new SelectQuery('Role');
    $roleQuery->filter('`active` = 1');
    $overview->roles = $roleQuery->fetchAll();

    // Activated permissions
    $grantBindings = array();
    $grantQuery    = new SelectQuery(
        'Permission',
        array('fields' => "CONCAT(`subject`, '::', `action`), GROUP_CONCAT(DISTINCT `role` ORDER BY `role`) AS `roles`")
    );
    $grantQuery
        ->filter('`active` = 1')
        ->filter('`subject_id` = 0')
        ->filter("`role` != 'nobody'")
        ->group('`subject`, `action`');
    if ($component) {
        $grantQuery->filter('`subject` = :component');
        $grantBindings[':component'] = class_for_url($component);
    }
    $grantRows = $grantQuery->fetchAll($grantBindings, array('with_key' => 1));

    // Split the first column of every row into a list of role names.
    $overview->permissions = array();
    foreach ($grantRows as $permissionKey => $row) {
        $overview->permissions[$permissionKey] = explode(',', current($row));
    }

    return $overview;
}
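/**
 * Prepare the HTML view of a file record: tab links, sub title and a link to
 * the record's 'read' action.
 *
 * The record name and id are stored values that may originate from users, so
 * they are HTML-escaped before being placed in the attributes and in the link
 * text of the generated anchor.
 *
 * @param object $file Record object exposing an `array` property with at
 *                     least the keys 'name' and 'id'.
 *
 * @return void
 */
public function html_display($file)
{
    Backend::add('TabLinks', $this->getTabLinks(Controller::$action));

    // NOTE(review): the raw name is handed to Backend::add(); whether it is
    // escaped when the 'Sub Title' value is rendered cannot be seen from here.
    Backend::add('Sub Title', $file->array['name']);

    // ENT_QUOTES covers both quote styles, so the values cannot break out of
    // the double-quoted attributes.
    $href  = htmlspecialchars(
        '?q=' . class_for_url(get_class($this)) . '/read/' . $file->array['id'],
        ENT_QUOTES
    );
    $label = htmlspecialchars((string) $file->array['name'], ENT_QUOTES);

    Backend::addContent('<a href="' . $href . '" title="' . $label . '">' . $label . '</a>');
}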
/**
 * Return the area name of this object: its class name passed through
 * class_for_url().
 *
 * @return mixed The value produced by class_for_url().
 */
public function getArea()
{
    $ownClass = get_class($this);

    return class_for_url($ownClass);
}
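/**
 * Reset the permissions of the called class and register one 'nobody'
 * permission per action method.
 *
 * Action methods are those whose name starts with one of the prefixes
 * action_, get_, post_, put_ or delete_; the prefix is stripped to obtain the
 * action name.
 *
 * The two callbacks were previously built with create_function(), which
 * compiles its string argument at run time and no longer exists in PHP 8.
 * They are ordinary closures now; the filtering and mapping are unchanged.
 *
 * @param array $options Not used by this implementation.
 *
 * @return bool true when no default database is configured or when every
 *              permission was added; false when the class cannot be resolved
 *              or any Permission::add() call fails.
 */
public static function install(array $options = array())
{
    if (!Backend::getDB('default')) {
        return true;
    }

    $class = get_called_class();
    if (!$class || !class_exists($class, true)) {
        return false;
    }
    $subject = class_for_url($class);

    // Purge permissions first. Rows with `system` set are kept.
    // NOTE(review): the result of execute() is not inspected, so a failed purge
    // goes unnoticed.
    $query = new DeleteQuery('Permission');
    $query->filter('`subject` = :subject')->filter('`system` = 0');
    $query->execute(array(':subject' => $subject));

    $prefixes = array('action', 'get', 'post', 'put', 'delete');

    // Keep only methods named <prefix>_<something>. The prefix is compared
    // case-insensitively here.
    $methods = array_filter(
        get_class_methods($class),
        function ($method) use ($prefixes) {
            $parts = explode('_', $method, 2);

            return count($parts) == 2 && in_array(strtolower($parts[0]), $prefixes, true);
        }
    );

    // Strip the prefix. This pattern is case-sensitive, so a method whose
    // prefix is not lower case keeps its full name, as before.
    $actions = array_map(
        function ($method) {
            return preg_replace('/^(action|get|post|put|delete)_/', '', $method);
        },
        $methods
    );

    // Every action is added even after an earlier failure; the overall result
    // only records whether all additions succeeded.
    $result = true;
    foreach ($actions as $action) {
        $result = Permission::add('nobody', $action, $subject) && $result;
    }

    return $result;
}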
<tr class="<?php echo $odd ? '' : 'even'; ?> "> <td><?php echo $component['name']; ?> </td> <td> <a id="component_<?php echo $component['id']; ?> " href="#" class="toggleActive"> <?php echo $component['active'] ? 'Yes' : 'No'; ?> </a> </td> <td> <a href="?q=gate_manager/permissions/<?php echo class_for_url($component['name']); ?> ">Permissions</a> </td> </tr> <?php } ?> </table> <?php }
/**
 * After a record has been created, send the browser to the page of the item
 * the record refers to, then defer to the parent implementation.
 *
 * The redirect target is a relative '?q=' URL built from the record's
 * foreign_table and foreign_id values.
 *
 * @param mixed $result Result of the create action; only a DBObject triggers
 *                      the redirect.
 *
 * @return mixed Whatever parent::html_create() returns.
 */
public function html_create($result)
{
    if ($result instanceof DBObject) {
        // NOTE(review): foreign_id is appended as stored; this assumes it is
        // safe inside a URL - confirm where the value is validated.
        $target = '?q=' . class_for_url($result->array['foreign_table']) . '/' . $result->array['foreign_id'];
        Controller::redirect($target);
    }

    return parent::html_create($result);
}
$list_start = empty($list_start) ? Controller::$parameters[1] : $list_start; $list_length = empty($list_length) ? Controller::$parameters[2] : $list_length; $pages = ceil($list_count / $list_length); $current_page = floor($list_start / $list_length) + 1; //var_dump(count($list), $list_count, $area, $action, $list_start, $list_length, $pages, $current_page); } if (!empty($db_object->array['list']) && is_array($db_object->array['list'])) { foreach ($db_object->array['list'] as $item) { ?> <div class="tag_item_preview"> <?php if (array_key_exists('name', $item) && array_key_exists('title', $item)) { ?> <h3> <a href="?q=<?php echo class_for_url($db_object->array['foreign_table']); ?> /<?php echo $item['name']; ?> "> <?php echo $item['title']; ?> </a> </h3> <?php } else { ?> <?php var_dump($item);
</div> <span><?php echo empty($db_object->array['active']) ? ' ' : plain($db_object->array['active']); ?> </span> </div> <div class=""> <div class="span-3" style="text-align: right;"> <label>Modified:</label> </div> <span><?php echo empty($db_object->array['modified']) ? ' ' : plain($db_object->array['modified']); ?> </span> </div> <div class=""> <div class="span-3" style="text-align: right;"> <label>Added:</label> </div> <span><?php echo empty($db_object->array['added']) ? ' ' : plain($db_object->array['added']); ?> </span> </div> <p> <a href="?q=gate_manager/permissions/<?php echo class_for_url($db_object->array['name']); ?> ">Check Permissions</a> </p>
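/**
 * Write the sitemap file of one component to WEB_FOLDER/sitemap_<component>.xml.
 *
 * Changes compared with the previous version:
 *  - the file is opened only after the content has been rendered, so a failed
 *    run no longer truncates an existing sitemap,
 *  - the file handle is closed and a failed write is reported,
 *  - a row without an identifier is reported through Backend::addError()
 *    instead of dumping the row to the response and terminating the request,
 *  - retrieve() is called only after the controller type has been verified.
 *
 * @param string $component Class name of the component.
 *
 * @return string|false Path of the written file, or false on failure.
 */
private function generateSitemap($component)
{
    if (!method_exists($component, 'getSitemap')) {
        return false;
    }
    if (!Component::isActive($component)) {
        Backend::addError('Could not generate sitemap: Component inactive. (' . $component . ')');
        return false;
    }

    $controller = new $component();
    if (!$controller instanceof TableCtl) {
        Backend::addError('Could not generate sitemap: Invalid Area. (' . $component . ')');
        return false;
    }
    $object = $component::retrieve();

    // NOTE(review): $component becomes part of the file name. It has passed
    // method_exists() and Component::isActive() at this point; presumably it is
    // always a plain class name - confirm against the caller.
    $filename = WEB_FOLDER . '/sitemap_' . $component . '.xml';
    if (file_exists($filename) && !is_writable($filename)) {
        Backend::addError('Could not generate sitemap: Cannot open sitemap file. (' . $filename . ')');
        return false;
    }

    // getSitemap() returns either the list itself or a list/options pair.
    $sitemap = $controller->getSitemap();
    if (is_array($sitemap) && count($sitemap) == 2
        && array_key_exists('list', $sitemap) && array_key_exists('options', $sitemap)
    ) {
        $list    = $sitemap['list'];
        $options = $sitemap['options'];
    } else {
        $list    = $sitemap;
        $options = array();
    }
    if (!$list) {
        Backend::addError('Could not generate sitemap: Could not generate list. (' . $component . ')');
        return false;
    }

    if (Controller::$debug) {
        Backend::addNotice('Generating sitemap for ' . $component . ' at ' . WEB_FOLDER . '/sitemap_' . $component . '.xml found at ' . SITE_LINK . basename($filename));
    }

    // The area URL is the same for every row, so it is built once.
    $area_url = SITE_LINK . (ConfigValue::get('CleanURLs', false) ? '/' : '/?q=') . class_for_url($component);

    $last_date = 0;
    $links     = array();

    // Compile links
    foreach ($list as $row) {
        $modified = strtotime($row['modified']);
        if ($modified > $last_date) {
            $last_date = $modified;
        }

        if (empty($options['id_field'])) {
            $id = !empty($row['name']) ? $row['name'] : $row[$object->getMeta('id_field')];
        } else {
            $id = $row[$options['id_field']];
        }
        if (empty($id)) {
            // Report the problem without exposing the row in the response.
            Backend::addError('Could not generate sitemap: Row without identifier. (' . $component . ')');
            return false;
        }

        // NOTE(review): $id is appended as stored; escaping for the XML output
        // is presumably done by the sitemap template - confirm.
        $row['url'] = $area_url . '/' . $id;
        $links[]    = array_merge($row, $options);
    }

    // Add link to area
    // TODO Make this configurable
    $link = array('url' => $area_url, 'modified' => date('Y-m-d H:i:s', $last_date));
    $link['priority']  = array_key_exists('area_priority', $options) ? $options['area_priority'] : 0.8;
    $link['frequency'] = array_key_exists('frequency', $options) ? $options['frequency'] : 'daily';
    $links[] = $link;

    $content = Render::file('backend_sitemap/sitemap.tpl.php', array('links' => $links));

    $fp = fopen($filename, 'w');
    if (!$fp) {
        Backend::addError('Could not generate sitemap: Could not open sitemap file. (' . $component . ')');
        return false;
    }
    $written = fwrite($fp, $content);
    fclose($fp);
    if ($written === false) {
        Backend::addError('Could not generate sitemap: Could not write sitemap file. (' . $component . ')');
        return false;
    }

    return $filename;
}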