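/**
 * Checks whether the object addressed by the current request may be accessed from the current store.
 *
 * The runtime controller selects which request parameter holds the object id and which
 * table the object lives in. Some controllers register a dedicated check callback; all
 * others go through fn_check_company_id() / fn_check_shared_company_id().
 *
 * The result defaults to "allowed": it stays true when the controller is not listed below
 * or when the request carries no id for it, because no object name is resolved and no check
 * runs. Callers must not read a true result as proof that an object was actually checked.
 *
 * @param array  $params              Request parameters; the object id is read from the key matching the controller
 * @param string $redirect_controller Set to the runtime controller, or to 'menus' for a static_data menu
 * @return bool Falsy when access is denied (a warning notification is set in that case);
 *              the return value of a dedicated check callback is passed through as-is
 */
function fn_ult_check_store_permission($params, &$redirect_controller)
{
    $result = true;

    // Defined up front so the hooks and the denial notification below never read an
    // undefined variable when no case matched (or when a case does not set all of them).
    $object_type = $object_name = $table = $key = $key_id = null;
    $check_store_permission = array();

    $controller = Registry::get('runtime.controller');
    $redirect_controller = $controller;

    // FIXME: move in schema
    switch ($controller) {
        case 'products':
            if (!empty($params['product_id'])) {
                $key = 'product_id';
                $key_id = $params[$key];
                $table = 'products';
                $object_name = fn_get_product_name($key_id, DESCR_SL);
                $object_type = __('product');
                $check_store_permission = array(
                    'func' => 'fn_ult_check_store_permission_product',
                    'args' => array('$table', '$key', '$key_id'),
                );
            }
            break;

        case 'categories':
            if (!empty($params['category_id'])) {
                $key = 'category_id';
                $key_id = $params[$key];
                $table = 'categories';
                $object_name = fn_get_category_name($key_id, DESCR_SL);
                $object_type = __('category');
            }
            break;

        case 'orders':
            if (!empty($params['order_id'])) {
                $key = 'order_id';
                $key_id = $params[$key];
                $table = 'orders';
                $object_name = '#' . $key_id;
                $object_type = __('order');
            }
            break;

        case 'shippings':
            if (!empty($params['shipping_id'])) {
                $key = 'shipping_id';
                $key_id = $params[$key];
                $table = 'shippings';
                $object_name = fn_get_shipping_name($key_id, DESCR_SL);
                $object_type = __('shipping');
            }
            break;

        case 'promotions':
            if (!empty($params['promotion_id'])) {
                $key = 'promotion_id';
                $key_id = $params[$key];
                $table = 'promotions';
                $object_name = fn_get_promotion_name($key_id, DESCR_SL);
                $object_type = __('promotion');
            }
            break;

        case 'pages':
            if (!empty($params['page_id'])) {
                $key = 'page_id';
                $key_id = $params[$key];
                $table = 'pages';
                $object_name = fn_get_page_name($key_id, DESCR_SL);
                $object_type = __('content');
            }
            break;

        case 'profiles':
            if (!empty($params['user_id'])) {
                $key = 'user_id';
                $key_id = $params[$key];
                $table = 'users';
                $object_name = fn_get_user_name($key_id, DESCR_SL);
                $object_type = __('user');
                $check_store_permission = array(
                    'func' => 'fn_ult_check_store_permission_profiles',
                    'args' => array('$params', '$table', '$key', '$key_id'),
                );
            }
            break;

        case 'settings':
            // Settings sections are addressed by name, so no $key / $key_id is set here.
            if (!empty($params['section_id'])) {
                $object_name = $params['section_id'];
                $object_type = __('section');
                $table = 'settings';
                $check_store_permission = array(
                    'func' => 'fn_ult_check_store_permission_settings',
                    'args' => array('$object_name'),
                );
            }
            break;

        case 'shipments':
            if (!empty($params['shipment_id'])) {
                $key = 'shipment_id';
                $key_id = $params[$key];
                $table = 'shipments';
                $object_name = '#' . $key_id;
                $object_type = __('shipment');
                $check_store_permission = array(
                    'func' => 'fn_ult_check_store_permission_shipments',
                    'args' => array('$key_id'),
                );
            }
            break;

        case 'static_data':
            if (!empty($params['menu_id'])) {
                $key = 'menu_id';
                $key_id = $params[$key];
                $table = 'menus';
                $object_name = fn_get_menu_name($key_id);
                $object_type = __('menu');
                $redirect_controller = 'menus';
            }
            break;

        case 'companies':
            if (!empty($params['company_id'])) {
                $key = 'company_id';
                $key_id = $params[$key];
                $table = 'companies';
                $object_name = fn_get_company_name($key_id);
                $object_type = __('company');
            }
            break;
    }

    // NOTE(review): handlers presumably receive these by reference and may replace the
    // resolved object data before the check runs — confirm against fn_set_hook.
    fn_set_hook('ult_check_store_permission', $params, $object_type, $object_name, $table, $key, $key_id);

    if (!empty($object_name)) {
        if (!empty($check_store_permission)) {
            // Explicit list of the locals a check descriptor may name. This replaces a
            // variable-variable lookup, so a descriptor can never reach any other local.
            $available = array(
                'params' => $params,
                'table' => $table,
                'key' => $key,
                'key_id' => $key_id,
                'object_name' => $object_name,
            );

            $args = array();
            foreach ($check_store_permission['args'] as $arg) {
                // Only '$name' placeholders are resolved; anything else is skipped.
                if (strpos($arg, '$') === 0) {
                    $name = ltrim($arg, '$');
                    $args[] = isset($available[$name]) ? $available[$name] : null;
                }
            }

            $result = call_user_func_array($check_store_permission['func'], $args);
        } else {
            $result = fn_check_company_id($table, $key, $key_id) || fn_check_shared_company_id($table, $key_id);
        }
    }

    // NOTE(review): $result is handed to the post hook, so a handler can presumably
    // override the decision in either direction — confirm and audit registered handlers.
    fn_set_hook('ult_check_store_permission_post', $params, $object_type, $object_name, $result);

    // Loose comparison is deliberate: any falsy result (false, null, 0) counts as a denial.
    if ($result == false) {
        fn_set_notification(
            'W',
            __('warning'),
            __('store_object_denied', array(
                '[object_type]' => $object_type,
                '[object_name]' => fn_truncate_chars($object_name, 20),
            )),
            '',
            'store_object_denied'
        );
    }

    return $result;
}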
/**
 * Builds the top menu structure for display.
 *
 * Entries whose 'param_3' is set are expanded: type 'C' pulls in a category tree, type 'A'
 * a page tree, and any other type is handed to the 'top_menu_form' hook. Each entry's
 * 'descr' and 'param' fields are then renamed to 'item' and 'href', recursively for sub-items.
 *
 * @param array $top_menu top menu data from the database
 * @return array formed top menu
 */
function fn_top_menu_form($top_menu)
{
    foreach ($top_menu as $index => $entry) {
        if (!empty($entry['param_3'])) {
            // get extra items; param_3 is split on ':' into type, id and use_name
            list($type, $id, $use_name) = fn_explode(':', $entry['param_3']);

            switch ($type) {
                case 'C':
                    // categories
                    $tree = fn_get_categories_tree($id, true);
                    $generated = fn_top_menu_standardize($tree, 'category_id', 'category', 'subcategories', 'categories.view?category_id=', $entry['param_4']);
                    $existing = empty($entry['subitems']) ? array() : $entry['subitems'];
                    $entry['subitems'] = fn_array_merge($generated, $existing, false);

                    if ($use_name == 'Y' && !empty($id)) {
                        $entry['descr'] = fn_get_category_name($id);
                        $entry['param'] = 'categories.view?category_id=' . $id;
                    }
                    break;

                case 'A':
                    // pages
                    $page_query = array('from_page_id' => $id, 'get_tree' => 'multi_level', 'status' => 'A');
                    list($page_tree) = fn_get_pages($page_query);
                    $generated = fn_top_menu_standardize($page_tree, 'page_id', 'page', 'subpages', 'pages.view?page_id=', $entry['param_4']);
                    $existing = empty($entry['subitems']) ? array() : $entry['subitems'];
                    $entry['subitems'] = fn_array_merge($generated, $existing, false);

                    if ($use_name == 'Y' && !empty($id)) {
                        $entry['descr'] = fn_get_page_name($id);
                        $entry['param'] = 'pages.view?page_id=' . $id;
                    }
                    break;

                default:
                    // for addons
                    fn_set_hook('top_menu_form', $entry, $type, $id, $use_name);
                    break;
            }
        }

        // Sub-items get the same treatment before they are stored back on the menu.
        if (!empty($entry['subitems'])) {
            $top_menu[$index]['subitems'] = fn_top_menu_form($entry['subitems']);
        }

        // Rename descr/param to item/href on the stored entry.
        $top_menu[$index]['item'] = $entry['descr'];
        $top_menu[$index]['href'] = $entry['param'];
        unset($top_menu[$index]['descr'], $top_menu[$index]['param']);
    }

    return $top_menu;
}
} // summary mode: tag - product list, tag - product list } elseif ($mode == 'summary') { fn_add_breadcrumb(__('tags')); if (!empty($auth['user_id'])) { list($user_tags) = fn_get_tags(array('user_id' => $auth['user_id'])); foreach ($user_tags as &$tag) { $tag['total'] = 0; if (Registry::get('addons.tags.tags_for_products') == 'Y') { $product_ids = db_get_fields("SELECT object_id FROM ?:tag_links WHERE object_type = ?s AND user_id = ?i AND tag_id = ?i", 'P', $auth['user_id'], $tag['tag_id']); $tag['products'] = fn_get_product_name($product_ids); $tag['total'] += count($product_ids); } if (Registry::get('addons.tags.tags_for_products') == 'Y') { $page_ids = db_get_fields("SELECT object_id FROM ?:tag_links WHERE object_type = ?s AND user_id = ?i AND tag_id = ?i", 'A', $auth['user_id'], $tag['tag_id']); $tag['pages'] = fn_get_page_name($page_ids); $tag['total'] += count($page_ids); } } Registry::get('view')->assign('tags_summary', $user_tags); } // ajax autocomplete mode } elseif ($mode == 'list') { if (defined('AJAX_REQUEST')) { $tags = fn_get_tag_names(array('tag' => $_REQUEST['q'])); Registry::get('ajax')->assign('autocomplete', $tags); exit; } } elseif ($mode == 'update' && !empty($auth['user_id'])) { if (defined('AJAX_REQUEST')) { $params = $_REQUEST;