Пример #1
0
 private function scan($path)
 {
     $modules = array();
     $cnt = 0;
     if ($modDir = olivopendir($path)) {
         while ($file = readdir($modDir)) {
             if (olivis_dir($path . $file) and $file != "." and $file != "..") {
                 $filePath = "{$file}/";
                 // get modules define.xml
                 if (olivfile_exists($path . $filePath)) {
                     // load module information
                     $xml = olivxml_load_file($path . $filePath . "define.xml");
                     //------------------------------------------------------------------------------
                     // check for session directory
                     $sessionDir = system::oliv_module_path() . $filePath;
                     if (sessionfile_exists($sessionDir)) {
                         $contentPath = $xml->content;
                         $templatePath = $xml->template;
                         // write directory permissions to module header
                         $xml->content['permission'] = get_permission(session_path($sessionDir) . $contentPath);
                         $xml->template['permission'] = get_permission(session_path($sessionDir) . $templatePath);
                     } else {
                         // session directory don't exist
                         $xml->status = "NO_SESSION_DIR";
                         $xml->permission = 0;
                     }
                     //------------------------------------------------------------------------------
                     // save module metadata
                     $modules[(string) $xml->name] = $xml;
                     $cnt++;
                 }
             }
         }
         closedir($modDir);
         system::set("modules", $modules);
         return $cnt;
     } else {
         OLIVError::fire("module::scan - directory {$path} not found");
     }
     return FALSE;
 }
Пример #2
0
 **************************************************************************
 *                                                                        *
 *    Dieses Script ist KEINE Freeware. Bitte lesen Sie die Lizenz-       *
 *    bedingungen (Lizenz.txt) für weitere Informationen.                 *
 *    ---------------------------------------------------------------     *
 *    This script is NOT freeware! Please read the Copyright Notice       *
 *    (Licence.txt) for further information.                              *
 *                                                                        *
 *************************************************************************/
$main_template = 'details';
define('GET_CACHES', 1);
define('ROOT_PATH', './');
define('MAIN_SCRIPT', __FILE__);
include ROOT_PATH . 'global.php';
require ROOT_PATH . 'includes/sessions.php';
$user_access = get_permission();
include ROOT_PATH . 'includes/page_header.php';
if (!$image_id) {
    redirect($url);
}
$additional_sql = "";
if (!empty($additional_image_fields)) {
    foreach ($additional_image_fields as $key => $val) {
        $additional_sql .= ", i." . $key;
    }
}
$sql = "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits" . $additional_sql . ", c.cat_name" . get_user_table_field(", u.", "user_name") . get_user_table_field(", u.", "user_email") . "\n        FROM (" . IMAGES_TABLE . " i,  " . CATEGORIES_TABLE . " c)\n        LEFT JOIN " . USERS_TABLE . " u ON (" . get_user_table_field("u.", "user_id") . " = i.user_id)\n        WHERE i.image_id = {$image_id} AND i.image_active = 1 AND c.cat_id = i.cat_id";
$image_row = $site_db->query_firstrow($sql);
$cat_id = isset($image_row['cat_id']) ? $image_row['cat_id'] : 0;
$is_image_owner = $image_row['user_id'] > USER_AWAITING && $user_info['user_id'] == $image_row['user_id'] ? 1 : 0;
if (!check_permission("auth_viewcat", $cat_id) || !check_permission("auth_viewimage", $cat_id) || !$image_row) {
Пример #3
0
function current_user_permission($menu_id)
{
    $user = user();
    $perm = get_permission($menu_id, $user->user_type_id);
    return $perm;
}
Пример #4
0
     if ($owner && $input['order']) {
         $user = get_user_by_uid($owner);
         $input['order']['client'] = $user['uid'];
         $input['order']['reader'] = $_GET['id'];
         new_order($input['order']);
         // get the new user balance
         $user = get_user_by_uid($user['uid']);
         send_headers();
         $response = array("version" => $version, "response" => "OK", "uid" => $user['uid'], "balance" => floatval($user['balance']));
         echo json_encode($response);
     } else {
         forbidden();
     }
 } elseif ($input['service'] == 0) {
     $owner = get_tag_owner($input['uid']);
     $permission = get_permission($owner, $_GET['id']);
     $end_date_reached = false;
     if ($permission['end']) {
         $end_date_reached = time() > strtotime($permission['end']);
     }
     if ($permission && !$end_date_reached) {
         // user is allowed
         // TODO check the end value
         // log the request if it is a swipe
         add_swipe($_GET['id'], $owner, 0, 1);
         send_headers();
         $response = array("version" => $version, "response" => "OK", "uid" => $owner);
         echo json_encode($response);
     } else {
         // user is not allowed
         add_swipe($_GET['id'], $owner, 0, 0);
Пример #5
0
 /**
  * 查看草稿
  */
 public function show_draft()
 {
     $draftId = I('draftId');
     $draftInfo = $this->draftDb->where('id=' . $draftId)->find();
     $draftInfo['type_name'] = get_daily_type($draftInfo['typeid']);
     $draftInfo['permission'] = get_permission($draftInfo['permission']);
     $draftInfo['content'] = $draftInfo['content'];
     $this->assign('draftInfo', $draftInfo);
     $this->display('Daily/show_draft');
 }
Пример #6
0
    $ure_uld_id = get_uldid();
    $get_project_array = get_projectentry($ure_uld_id);
    $error = '3,4,5,6,7,8,16,17,18,67,115,120,142';
    $error_array = get_error_msg($error);
    $min_date = get_joindate($ure_uld_id);
    $login_array = get_active_emp_id();
    //    $select_wfh=mysqli_query($con,"select WFHA_FLAG from WORK_FROM_HOME_ACCESS where ULD_ID=$ure_uld_id");
    //    while($row=mysqli_fetch_array($select_wfh))
    //    {
    //        $wfh_flag=$row['WFHA_FLAG'];
    //    }
    $values_array = array($get_permission_array, $get_project_array, $min_date, $error_array, $login_array, $wfh_flag);
    echo JSON_ENCODE($values_array);
}
if ($_REQUEST["option"] == "admin_search_update") {
    $get_permission_array = get_permission();
    $ure_uld_id = get_uldid();
    //    $get_project_array=get_project();
    $error = '3,4,5,6,7,8,16,17,18,67,83,98,109,110';
    $error_array = get_error_msg($error);
    //    $min_date=get_joindate($ure_uld_id);
    $admin_searchmin_date = mysqli_query($con, "SELECT MIN(UARD_DATE) as UARD_DATE FROM USER_ADMIN_REPORT_DETAILS  ");
    while ($row = mysqli_fetch_array($admin_searchmin_date)) {
        $admin_searchmin_date_value = $row["UARD_DATE"];
        $min_date = date('d-m-Y', strtotime($admin_searchmin_date_value));
    }
    $admin_searchmax_date = mysqli_query($con, "SELECT MAX(UARD_DATE) as UARD_DATE FROM USER_ADMIN_REPORT_DETAILS  ");
    while ($row = mysqli_fetch_array($admin_searchmax_date)) {
        $admin_searchmax_date_value = $row["UARD_DATE"];
        $max_date = date('d-m-Y', strtotime($admin_searchmax_date_value));
    }
Пример #7
0
function modify_permission_action($session_uid, $uid, $id)
{
    // needed to set the tab active
    $readers_active = true;
    //check if the user is admin
    if (user_is_admin($session_uid)) {
        $permission = get_permission($uid, $id);
        // Fetch all the readers IDs
        $ids = get_all_ids();
        // Fetch all the users UIDs
        $uids = get_all_uids();
        require 'templates/permission.php';
    } else {
        require 'templates/login.php';
    }
}
Пример #8
0
	            	<table class="table table-bordered table-hover">
	            		<tr>
	            			<th style="width:300px;">Menu</th>
	            			<th>Action</th>
	            		</tr>
	            		<?php 
foreach ($menus as $key => $menu_item) {
    ?>
	            		<tr>
	            			<td><?php 
    echo $menu_item->title;
    ?>
</td>
	            			<td>
	            				<?php 
    $perm = get_permission($menu_item->id, @$value->id, null);
    if ($menu_item->have_view_access) {
        $checked = $perm->can_view == 'y' ? 'checked="checked"' : "";
        echo '<div class="checkbox" style="margin-right:25px;display:inline;">												
    												<label>
														<input type="checkbox" name="chk_' . $menu_item->id . '_view_access" value="y" ' . $checked . '> Can View
													</label>
											  </div>';
    }
    ?>
	            				<?php 
    if ($menu_item->have_create_access) {
        $checked = $perm->can_create == 'y' ? 'checked="checked"' : "";
        echo '<div class="checkbox" style="margin-right:25px;display:inline;">												
    												<label>
														<input type="checkbox" name="chk_' . $menu_item->id . '_create_access" value="y" ' . $checked . '> Can Create/Edit
Пример #9
0
                    ?>
</a></li>
			        		<?php 
                }
                ?>
			        <?php 
            }
            ?>
			      </ul>
			    </li>
		    <?php 
        }
        ?>
    <?php 
    } else {
        $perm = get_permission($mitem->id, $current_user->user_type_id, null, null);
        if ($perm->can_view == 'y') {
            ?>
    	<li class="<?php 
            if ($menu_id == $mitem->id) {
                echo 'active';
            }
            ?>
"><a href="<?php 
            echo $mitem->url;
            ?>
"><i class="fa fa-book"></i> <?php 
            echo $mitem->title;
            ?>
</a></li>
    	<?php
Пример #10
0
session_start();
include "inc/dbconn.php";
include "inc/function.php";
if (isset($_POST['action']) && !empty($_POST['action'])) {
    $action = $_POST['action'];
} elseif (isset($_GET['action']) && !empty($_GET['action'])) {
    $action = $_GET['action'];
}
echo $_POST['action'];
switch ($action) {
    case 'get_user_details':
        get_user_details();
        break;
    case 'get_permission':
        get_permission();
        break;
    case 'save_user_details':
        save_user_details();
        break;
    case 'logout_user':
        logout_user();
        break;
    case 'get_user_email':
        get_user_email();
        break;
    case 'getfd':
        get_full_details();
        break;
    case 'reset':
        clear_session();
Пример #11
0
            }
        }
    }
    return false;
}
if ($action == 78 && $_GET['mode'] == 'treetabs') {
    if (get_permission('edit_chunk', $_GET['id'], $chunk)) {
        include_once "header.inc.php";
        $asset_path = $modx->config['base_path'] . 'assets/plugins/treetabs/actions/chunk.php';
        include_once $asset_path;
        include_once "footer.inc.php";
    }
    exit;
}
if ($action == 10001) {
    if (get_permission('run_chunk', $_GET['id'], $chunk)) {
        include_once MODX_BASE_PATH . 'assets/snippets/ditto/classes/phx.parser.class.inc.php';
        $res = $modx->db->select("name", $modx->getFullTableName('site_htmlsnippets'), "id='" . $_GET['id'] . "'");
        if ($modx->db->getRecordCount($res)) {
            $name = $modx->db->getValue($res);
            $phx = new PHxParser();
            $tpl = $modx->getChunk($name);
            $output = $phx->Parse($tpl);
        }
        echo $output;
    }
    exit;
}
if ($action == 1 && $_GET['f'] == 'nodes' && $_GET['parent'] == $setting_tabs_spec_id) {
    $section = explode('</section>', $chunk);
    foreach ($section as $key => $value) {