PHP hasPermissions примеры использования

Пример #1

Файл: mailer.server.php Проект: kapai69/fl-ru-damp

function setAutoComplete($block, $check = false)
{
    $objResponse = new xajaxResponse();
    if (!(hasPermissions('adm') && hasPermissions('mailer'))) {
        return $objResponse;
    }
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/Digest/DigestFactory.php';
    if (!in_array($block, DigestFactory::$types)) {
        return $objResponse;
    }
    $digestBlock = new $block();
    $digestBlock->setCheck($check);
    if (!$digestBlock->isAutoComplete()) {
        return $objResponse;
    }
    $auto = $digestBlock->setFieldAutoComplete();
    if ($auto) {
        ob_start();
        $digestBlock->displayBlock();
        $html = ob_get_clean();
        $objResponse->assign($block . $digestBlock->getNum(), 'innerHTML', $html);
        $objResponse->call('setInitPosition');
        $objResponse->call('initNaviButton', $block . $digestBlock->getNum());
        $objResponse->call('initCheckSelect', $block . $digestBlock->getNum());
    } else {
        $objResponse->call('alert', 'Нет данных для автозаполнения');
        return $objResponse;
    }
    return $objResponse;
}

Пример #2

Файл: page_admin_static_pages.class.php Проект: kapai69/fl-ru-damp

 public function savewysiwygAction()
 {
     $db = front::og('db');
     $alias = front::$_req['alias'];
     // проверяем права (могут быть разные для разных страниц)
     switch ($alias) {
         default:
             $permission = null;
     }
     if (!$permission || !hasPermissions($permission)) {
         return;
     }
     $text = front::$_req['form']['n_text'];
     $text = iconv('UTF-8', 'CP1251', $text);
     $text = __paramValue('ckedit', $text);
     $title = front::$_req['form']['title'];
     $title = iconv('UTF-8', 'CP1251', $title);
     $title = __paramValue('string', $title);
     $save = array('title' => $title, 'n_text' => $text);
     if ($alias) {
         $aff = $db->update('UPDATE static_pages SET ?s WHERE (alias = ?)', $save, $alias);
         if (!$aff) {
             $save['alias'] = $alias;
             $db->insert('static_pages', $save, false);
         }
     }
     echo json_encode(array('success' => true, 'alias' => $alias));
 }

Пример #3

Файл: GuestController.php Проект: Nikitian/fl-ru-damp

 /**
  * Инициализация контроллера
  */
 public function init($action)
 {
     parent::init();
     $this->uid = get_uid(false);
     $this->is_adm = hasPermissions('projects', $this->uid);
     $this->layout = '//layouts/content-with-right-narrow-sidebar';
 }

Пример #4

Файл: TServiceCatalogController.php Проект: kapai69/fl-ru-damp

 public function init()
 {
     parent::init();
     stat_collector::setStamp();
     // stamp
     $this->uid = get_uid();
     $this->is_adm = hasPermissions('tservices');
     // разметка страницы с левым сайдбаром
     $this->layout = '//layouts/content-with-right-sidebar';
     // в сайдбаре вывести фильтр с учётом текущей категории
     $this->getClips()->add('sidebar', $this->widget('TServiceFilter', array(), true));
     // чтобы отрисовать фильтр и опции
     # TODO добиться, чтобы $this->widget('TServiceFilter') и $this->createWidget($this,'TServiceFilter') возвращал один и тот же объект
     $this->filter_widget = $this->createWidget($this, 'TServiceFilter', array());
     // копия, чтобы узнать, какие опции были выбраны
     $prof_id = $this->filter_widget->filter->category ? $this->filter_widget->filter->category : $this->filter_widget->filter->category_group;
     //----------------------------------------------------------------------
     //@todo: возможно нужно общее хранилище собираемых данных
     //в течении работы скрипта с последующей передачей в GA и Adriver?
     GaJsHelper::getInstance()->setTuCategories($this->filter_widget->filter->category_group, $this->filter_widget->filter->category);
     adriver::getInstance()->setTuCategories($this->filter_widget->filter->category_group, $this->filter_widget->filter->category);
     //----------------------------------------------------------------------
     SeoTags::getInstance()->initTserviceList($prof_id, $this->filter_widget->filter->category > 0);
     $this->getClips()->add('header', $this->widget('TServiceNavigation', array('category_group' => $this->filter_widget->filter->category_group, 'category' => $this->filter_widget->filter->category, 'filter_get_params' => $this->filter_widget->getUserFriendlyUrl(false)), true));
     $this->getClips()->add('content_top', $this->widget('TServiceCatalogHeader', array(), true));
     $this->getClips()->add('categories', $this->widget('TServiceCatalogCategories', array('category_group' => $this->filter_widget->filter->category_group, 'filter_get_params' => $this->filter_widget->getUserFriendlyUrl(false)), true));
     // в футере каталога вывести список специализаций фрилансеров
     $this->getClips()->add('footer', $this->widget('TServiceFreelancersCategories', array(), true));
     $tserviceModel = TServiceModel::model();
     $this->counter_users = $tserviceModel->countUsers();
     $this->counter_tu = $tserviceModel->countTservices();
 }

Пример #5

Файл: page_admin_static_pages.class.php Проект: Nikitian/fl-ru-damp

 function savewysiwygAction()
 {
     $db = front::og("db");
     $alias = front::$_req["alias"];
     // проверяем права (могут быть разные для разных страниц)
     switch ($alias) {
         default:
             $permission = null;
     }
     if (!$permission || !hasPermissions($permission)) {
         return;
     }
     $text = front::$_req["form"]["n_text"];
     $text = iconv('UTF-8', 'CP1251', $text);
     $text = __paramValue('ckedit', $text);
     $title = front::$_req["form"]["title"];
     $title = iconv('UTF-8', 'CP1251', $title);
     $title = __paramValue('string', $title);
     $save = array("title" => $title, "n_text" => $text);
     if ($alias) {
         $aff = $db->update("UPDATE static_pages SET ?s WHERE (alias = ?)", $save, $alias);
         if (!$aff) {
             $save["alias"] = $alias;
             $db->insert("static_pages", $save, false);
         }
     }
     echo json_encode(array("success" => true, "alias" => $alias));
 }

Пример #6

Файл: TServiceOrderController.php Проект: kapai69/fl-ru-damp

 /**
  * Инициализация контроллера.
  */
 public function init()
 {
     parent::init();
     $this->is_adm = hasPermissions('tservices');
     $this->is_emp = (bool) is_emp();
     $this->layout = '//layouts/content-with-right-sidebar-fixed';
     $this->order_model = TServiceOrderModel::model();
 }

Пример #7

Файл: index.php Проект: Bramas/lychee-create-medium

 function createMedium($url, $filename, $width, $height)
 {
     # Function creates a smaller version of a photo when its size is bigger than a preset size
     # Excepts the following:
     # (string) $url = Path to the photo-file
     # (string) $filename = Name of the photo-file
     # (int) $width = Width of the photo
     # (int) $height = Height of the photo
     # Returns the following
     # (boolean) true = Success
     # (boolean) false = Failure
     # Set to true when creation of medium-photo failed
     global $settings;
     $error = false;
     # Size of the medium-photo
     # When changing these values,
     # also change the size detection in the front-end
     global $newWidth;
     global $newHeight;
     # Check permissions
     if (hasPermissions(LYCHEE_UPLOADS_MEDIUM) === false) {
         # Permissions are missing
         $error = true;
         echo 'Not enough persmission on the medium folder' . "\n";
     }
     # Is photo big enough?
     # Is Imagick installed and activated?
     if ($error === false && ($width > $newWidth || $height > $newHeight) && (extension_loaded('imagick') && $settings['imagick'] === '1')) {
         $newUrl = LYCHEE_UPLOADS_MEDIUM . $filename;
         # Read image
         $medium = new Imagick();
         $medium->readImage(LYCHEE . $url);
         # Adjust image
         $medium->scaleImage($newWidth, $newHeight, true);
         # Save image
         try {
             $medium->writeImage($newUrl);
         } catch (ImagickException $err) {
             Log::notice($database, __METHOD__, __LINE__, 'Could not save medium-photo: ' . $err->getMessage());
             $error = true;
             echo 'Imagick Exception:' . "\n";
             var_dump($e);
         }
         $medium->clear();
         $medium->destroy();
     } else {
         # Photo too small or
         # Imagick not installed
         $error = true;
     }
     if ($error === true) {
         return false;
     }
     return true;
 }

Пример #8

Файл: masssending.server.php Проект: kapai69/fl-ru-damp

function MasssendingSave($id, $txt)
{
    $response = new xajaxResponse();
    if (hasPermissions('masssending')) {
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/masssending.php';
        masssending::UpdateText($id, $txt);
        $mass = masssending::Get($id);
        $response->assign('mass_txt_' . $id, 'innerHTML', reformat($mass[0]['msgtext'], 30, 0, 0, 1));
    }
    return $response;
}

Пример #9

Файл: presscenter.server.php Проект: kapai69/fl-ru-damp

/**
* Удаление фотографии.
*
* @param    integer $id     ID пользователя
*/
function DeletePhoto($id)
{
    session_start();
    $objResponse = new xajaxResponse();
    if (hasPermissions('users')) {
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/team.php';
        team::DeletePhoto($id);
        $objResponse->assign('peoplephoto_' . $id, 'src', '/images/team_no_foto.gif');
        $objResponse->assign('pt_photo_file', 'style.display', 'none');
    }
    return $objResponse;
}

Пример #10

Файл: banners_adm.server.php Проект: Nikitian/fl-ru-damp

function AddClient($data)
{
    $objResponse = new xajaxResponse();
    require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/banners.php";
    session_start();
    get_uid(false);
    if (!hasPermissions('banners')) {
        return $objResponse;
        exit;
    }
    if (!$_SESSION['uid']) {
        return $objResponse;
        exit;
    }
    $ban_obj = new banners();
    $name = trim($data['name']);
    $adr = trim($data['adr']);
    $phone = trim($data['phone']);
    $cont = trim($data['cont']);
    $email = trim($data['email']);
    $notes = trim($data['notes']);
    $id = trim($data['id']);
    if (!$id) {
        $action = 'add';
    } else {
        $action = 'update';
    }
    if ($action == "add" && $name) {
        $res = $ban_obj->AddCompany($name, $adr, $phone, $cont, $email, $notes);
        if (intval($res)) {
            $newid = $res;
        } else {
            $error = $res;
        }
    }
    if ($action == "update" && $name && $id) {
        $error = $ban_obj->EditCompany($id, $name, $adr, $phone, $cont, $email, $notes);
    }
    if ($newid) {
        $company = $ban_obj->GetCompany($newid, $error);
    }
    if ($error) {
        $objResponse->alert($error);
        return $objResponse;
    }
    if (!$newid) {
        $objResponse->alert('Сохранить не получилось. Может что-то не заполнили?');
        return $objResponse;
    }
    $objResponse->call('AddClient', $company);
    return $objResponse;
}

Пример #11

Файл: contest.php Проект: Nikitian/fl-ru-damp

/**
 * Выводит дерево комментариев. Используется здесь и в xajax/contest.server.php
 * @param  integer   $pid            id проекта
 * @param  string    $name           название проекта
 * @param  array     $comments       массив с деревом комментариев (подробнее в classes/contest.php)
 * @param  boolean   $comm_blocked   автор отключил возможность оставлять комментарии?
 * @param  boolean   $project_end    проект закрыт?
 * @param  integer   $s_level        уровень вложенности комментария
 * @return string                    HTML с кнопками управления
 */
function comments($pid, $name, &$comments, $comm_blocked, $project_end, $s_level = 0)
{
    global $stop_words, $contest, $project, $session;
    static $level = 0;
    $level = ($s_level ? $s_level : $level) + 1;
    $html = '';
    $set_branch_as_read = false;
    for ($i = 0, $c = count($comments); $i < $c; $i++) {
        if (($comments[$i]['is_banned'] || $comments[$i]['usr_banned'] || $comments[$i]['user_blocked'] === 't') && !hasPermissions('projects') && !$contest->is_owner) {
            $msg = $msg2 = 'Ответ от заблокированного пользователя';
        } else {
            if (!trim($comments[$i]['deleted'])) {
                $sMsg = $comments[$i]['moderator_status'] === '0' ? $stop_words->replace($comments[$i]['msg']) : $comments[$i]['msg'];
                $msg = reformat($sMsg, 30, 0, 0, 1);
                $msg2 = reformat($comments[$i]['msg'], 30, 0, 0, 1);
            } else {
                $msg2 = $msg = "Комментарий удален модератором";
                if (hasPermissions("comments")) {
                    $moderator = '';
                    $moderatorData = new users();
                    $moderatorData->GetUserByUID($comments[$i]['deluser_id']);
                    if ($moderatorData->login) {
                        $moderator = ' ' . $moderatorData->login . ' (' . $moderatorData->uname . ' ' . $moderatorData->usurname . ') ';
                    }
                    $msg2 = $msg = $msg . " {$moderator}";
                }
                if ($comments[$i]['deluser_id'] == $comments[$i]['user_id']) {
                    $msg2 = $msg = "Комментарий удален автором";
                } else {
                    if (trim($comments[$i]['deleted_reason']) && (hasPermissions("comments") || $comments[$i]['user_id'] == get_uid(false))) {
                        $msg2 = $msg = $msg . "<div style='color:#ff0000'>Причина: " . $comments[$i]['deleted_reason'] . "</div>";
                    }
                }
            }
        }
        $a_is_banned = ($comments[$i]['is_banned'] || $comments[$i]['usr_banned']) && hasPermissions('projects');
        $html .= "\n\t\t\t<li class='thread' id='thread-{$comments[$i]['id']}'" . ($level >= 9 ? " style='margin-left: 0'" : "") . ">\n\t\t\t\t<a name='c-comment-{$comments[$i]['id']}'></a>\n\t\t\t\t<div class='comment-one" . ($comments[$i]['deleted'] || $comments[$i]['hidden'] ? " comment-deleted" : "") . "' id='comment-{$comments[$i]['id']}'>\n\t\t\t\t\t<div class='contest-ea'>" . view_avatar($comments[$i]['login'], $comments[$i]['photo'], 1) . "</div>\n\t\t\t\t\t<div class='comment-body'>\n\t\t\t\t\t\t<h3 class='username'>" . $session->view_online_status($comments[$i]['login']) . "\n\t\t\t\t\t\t\t<a href='/users/{$comments[$i]['login']}' class='" . (is_emp($comments[$i]['role']) ? 'employer-name' : 'freelancer-name') . "'>{$comments[$i]['uname']} {$comments[$i]['usurname']} [{$comments[$i]['login']}]</a>&nbsp;" . view_mark_user($comments[$i]) . "&nbsp;" . ($comments[$i]['completed_cnt'] > 0 ? '<a href="/promo/bezopasnaya-sdelka/" title="Пользователь работал через Безопасную Сделку" target="_blank"><span class="b-icon b-icon__shield b-icon_top_1"></span></a>' : '') . "\n\t\t\t\t\t\t\t<span>[" . dateFormat('d.m.Y | H:i', $comments[$i]['post_date']) . "]</span>\n\t\t\t\t\t\t\t<span id='comment-modified-{$comments[$i]['id']}'>" . ($comments[$i]['modified'] ? "[изменен " . dateFormat('d.m.Y | H:i', $comments[$i]['modified']) . "]" : '&nbsp;') . "</span>\n\t\t\t\t\t\t\t" . ($a_is_banned ? "<b style=\"color:#ff0000\">Пользователь забанен</b>" : "") . "\n\t\t\t\t\t\t</h3>\n\t\t\t\t\t\t" . ($_SESSION['uid'] && $comments[$i]['is_new'] ? "<p><img src='/images/mark-new.png' width='53' height='12' alt='новое' class='mark-new' /></p>" : "") . "\n\t\t\t\t\t\t<div id='comment-change-{$comments[$i]['id']}'>\n\t\t\t\t\t\t<p id='comment-msg-{$comments[$i]['id']}' " . ($a_is_banned ? "style='color:silver'" : "") . ".>" . $msg . "</p>\n\t\t\t\t\t\t<div id='comment-msg-original-{$comments[$i]['id']}' style='display:none'>" . $msg2 . "</div>\n\t\t\t\t\t\t<script type=\"text/javascript\">\n                        banned.addContext( 'p{$pid}c{$comments[$i]['id']}', 3, '" . HTTP_PREFIX . "{$_SERVER['HTTP_HOST']}" . getFriendlyURL("project", $pid) . "?comm={$comments[$i]['id']}#comment-{$comments[$i]['id']}', \"" . htmlspecialchars($name) . "\" );\n                        </script>\n\t\t\t\t\t\t<ul class='thread-options' id='comment-options-{$comments[$i]['id']}'>\n\t\t\t\t\t\t\t" . comment_options($pid, $comments[$i], $comm_blocked, $project_end, $level, $name) . "\n\t\t\t\t\t\t</ul>\n                        <div id='warnreason-" . $comments[$i]['id'] . "-" . $comments[$i]['user_id'] . "' style='display:none; padding: 0 0 5px 0px;'>&nbsp;</div>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>\n\t\t\t\t</div>\n\t\t\t\t" . (empty($comments[$i]['comments']) ? '' : '<ul>' . comments($pid, $name, $comments[$i]['comments'], $comm_blocked, $project_end) . '</ul>') . "\n\t\t\t</li>\n\t\t";
        if ($comments[$i]['is_new']) {
            $set_branch_as_read = true;
        }
    }
    if ($set_branch_as_read) {
        $p = new projects();
        $data = array("id" => $pid, "kind" => 7, "user_id" => $project["user_id"]);
        $p->SetRead($data, get_uid(false), true);
    }
    --$level;
    return $html;
}

Пример #12

Файл: status.server.php Проект: Nikitian/fl-ru-damp

function SaveStatus($text, $statusType, $login = NULL)
{
    session_start();
    $freelancer = new freelancer();
    $text = addslashes(substr(stripslashes(trim($text)), 0, 200));
    close_tags($text, 's');
    $freelancer->status_text = antispam(htmlspecialchars(htmlspecialchars_decode(change_q_x(trim($text), true, false), ENT_QUOTES), ENT_QUOTES));
    $freelancer->status_type = intval($statusType);
    if ($freelancer->statusToStr($statusType)) {
        $stdStatus = "";
        $objResponse = new xajaxResponse();
        $uid = hasPermissions('users') && $login != $_SESSION['login'] ? $freelancer->GetUid($err, $login) : get_uid(false);
        $pro = hasPermissions('users') && $login != $_SESSION['login'] ? is_pro(true, $uid) : is_pro();
        $error = $freelancer->Update($uid, $res);
        if (!$freelancer->status_text) {
            $freelancer->status_text = $stdStatus;
        }
        $freelancer->status_text = stripslashes($freelancer->status_text);
        switch ($freelancer->status_type) {
            case 1:
                $status_cls = 'b-status b-status_busy';
                break;
            case 2:
                $status_cls = 'b-status b-status_abs';
                break;
            case -1:
                $status_cls = 'b-status b-status_no';
                break;
            default:
                $status_cls = 'b-status b-status_free';
        }
        if (!$noassign) {
            require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php';
            $stop_words = new stop_words(hasPermissions('users'));
            $sStatusText = $pro ? $freelancer->status_text : $stop_words->replace($freelancer->status_text);
            //$GLOBALS['xajax']->setCharEncoding("windows-1251");
            $jsobj = json_encode(array('data' => iconv('CP1251', 'UTF8', $freelancer->status_text)));
            $objResponse->assign("statusText", "innerHTML", $freelancer->status_text == $stdStatus ? "" : reformat($sStatusText, 40, 0, 1, 25));
            $objResponse->assign("statusTitle", "innerHTML", $freelancer->statusToStr($statusType));
            //            $objResponse->assign("statusTitle", "style.display", $statusType > -1 ? '' : 'none');
            $objResponse->script("statusType = {$statusType};\n\t\t\t                      statusTxt = document.getElementById('statusText').innerHTML;\n\t\t\t                      statusTxtSrc = {$jsobj};");
        }
        $objResponse->script("\$('bstatus').erase('class');\n             \$('bstatus').addClass('{$status_cls}');");
    }
    return $objResponse;
}

Пример #13

Файл: bill.server.php Проект: Nikitian/fl-ru-damp

function ShowBillComms($bill_id, $uid = 0, $mode = 1)
{
    global $session;
    session_start();
    $objResponse = new xajaxResponse();
    if ($uid && !hasPermissions('payments')) {
        return $objResponse;
    } elseif (!$uid) {
        $uid = $_SESSION['uid'];
    }
    $account = new account();
    if ($account->checkOperationOwner((int) $bill_id, (int) $uid)) {
        $info = $account->GetHistoryInfo($bill_id, $uid, $mode);
    }
    if (isset($info) && $info) {
        $objResponse->assign("bil" . $bill_id, "innerHTML", ($mode == 2 ? '<br/>' : '') . $info);
    }
    return $objResponse;
}

Пример #14

Файл: rating.server.php Проект: kapai69/fl-ru-damp

function GetMorePrj($uid)
{
    session_start();
    $objResponse = new xajaxResponse();
    $html = '';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects_offers.php';
    $prjs = projects_offers::GetFrlOffers($uid, 'marked', NULL);
    $i = 0;
    $uid = get_uid(FALSE);
    $is_adm = hasPermissions('users');
    if ($prjs) {
        foreach ($prjs as $p) {
            $is_link = $uid > 0 && (in_array($uid, array($p['exec_id'], $p['project_user_id'], $p['offer_user_id'])) || $is_adm);
            ++$i;
            $html .= "<li><span class='prj_list_number'>{$i}.</span>";
            if ($p['kind'] == 9) {
                $html .= $is_link ? "<a href='" . getFriendlyURL('project', $p['project_id']) . "'>{$p['project_name']}</a>" : "{$p['project_name']}";
            } else {
                $html .= "<a href='" . getFriendlyURL('project', $p['project_id']) . "'>{$p['project_name']}</a>";
            }
            if ($p['position'] > 0 && $p['is_executor'] == 't') {
                //$html .= " ({$p['position']}-е место)";
            }
            if ($p['refused'] == 't') {
                $html .= "<p>Отказ: <span class='ops-minus'>" . $p['rating'] . '</span></p>';
            }
            if ($p['selected'] == 't') {
                $html .= "<p><span>Кандидат: <span class='ops-plus'>+" . $p['rating'] . '</span></p>';
            }
            if ($p['is_executor'] == 't' && $p['position'] <= 0) {
                $html .= "<p><span>Исполнитель: <span class='ops-plus'>+" . $p['rating'] . '</span></p>';
            }
            if ($p['position'] > 0) {
                $html .= "<p>{$p['position']}-е место: <span class='ops-plus'>+{$p['rating']}</span></p>";
            }
            $html .= '</li>';
        }
        $objResponse->assign('prj_list', 'innerHTML', $html);
    }
    return $objResponse;
}

Пример #15

Файл: projects_status.server.php Проект: kapai69/fl-ru-damp

function projectEditFeedback($feedback_id)
{
    $uid = get_uid(false);
    $objResponse =& new xajaxResponse();
    $feedbackModel = new projects_feedback();
    $data = $feedbackModel->getFeedback($feedback_id);
    if (!$data) {
        return $objResponse;
    }
    $is_adm = hasPermissions('projects');
    $is_owner = $data['user_id'] == $uid;
    if (!$is_owner && !$is_adm) {
        return $objResponse;
    }
    $content = Template::render(ABS_PATH . '/projects/tpl.feedback-form.php', $data);
    $ele_id = 'form_container_' . $feedback_id . '-3';
    $objResponse->script("\$\$('.editFormSbr').set('html', ' ').setStyle('display', 'none');");
    $objResponse->script("\$\$('.sbrmsgblock').setStyle('display', 'block');");
    $objResponse->script("\$('form_container_to_{$feedback_id}-3').setStyle('display', 'none');");
    $objResponse->script("\$('{$ele_id}').setStyle('display', 'block');");
    $objResponse->assign($ele_id, 'innerHTML', $content);
    return $objResponse;
}

Пример #16

Файл: comments.server.php Проект: kapai69/fl-ru-damp

/**
 * Выводит форму редактировая комментария в админке комментариев.
 *
 * @param int $type Тип группы комментариев
 * @param int $id   id комментария
 *
 * @return xajaxResponse
 */
function EditComment($type, $id)
{
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/comments.php';
    session_start();
    $objResponse = new xajaxResponse();
    if (!hasPermissions('comments')) {
        return $objResponse;
    }
    $comments = new comments();
    $item = $comments->GetItem(intval($type), intval($id));
    $show_title = false;
    $show_files = $type == comments::T_ARTICLES;
    $show_video = $type == comments::T_ARTICLES;
    if (!empty($item)) {
        define('IS_SITE_ADMIN', 1);
        require_once $_SERVER['DOCUMENT_ROOT'] . '/siteadmin/comments/blocks.php';
        $objResponse->assign("edit-{$type}-{$id}", 'innerHTML', CommentEditor($item, $show_title, $show_files, $show_video));
        if ($show_video) {
            $objResponse->script("\$\$('.cl-form-files li input[type=image]').addEvent('click', FilesList)");
        }
    }
    return $objResponse;
}

Пример #17

Файл: projects_helper.php Проект: Nikitian/fl-ru-damp

 /**
  * Отображает текущий статус проекта
  * 
  * @param array $project
  * @param array $offer
  * @return boolean
  */
 public static function renderStatus($project, $offer)
 {
     $uid = get_uid(FALSE);
     $is_project_owner = $project['user_id'] == $uid;
     $is_offer_owner = $offer ? $offer['user_id'] == $uid : FALSE;
     $is_adm = hasPermissions('projects') && !$is_project_owner && !$is_offer_owner;
     $is_exec = $offer ? $project['exec_id'] == $offer['user_id'] : FALSE;
     //Если не владелец проекта или предложения или не админ то показываем статус по умолчанию
     $is_guest = !($uid > 0) || !$is_project_owner && !$is_offer_owner;
     //Если фрилансер не исполнитель и нет движухи по статусу то ничего не показываем
     $is_frl_status_new = $is_offer_owner && !$is_exec && $offer['status'] == projects_status::STATUS_NEW;
     if (($is_guest || $is_frl_status_new) && !$is_adm) {
         return FALSE;
     }
     if (!isset($project['emp_feedback']) || !isset($project['frl_feedback'])) {
         $obj_feedback = new projects_feedback();
         $project += $obj_feedback->getFeedbackByProjectID($project['id']);
     }
     $is_allow_feedback = !$project['close_date'] || projects_feedback::isAllowFeedback($project['close_date']);
     $fullname = $is_project_owner && $offer ? "{$offer['uname']} {$offer['usurname']} [{$offer['login']}]" : "{$project['uname']} {$project['usurname']} [{$project['login']}]";
     $date_feedback = ($project['close_date'] ? strtotime($project['close_date']) : time()) + projects_feedback::LIFETIME;
     $date_feedback_formatted = date("d.m.Y H:i", $date_feedback);
     return Template::render(PORJECTS_TPL_PATH . 'projects_status.tpl.php', array('fullname' => $fullname, 'project' => $project, 'offer' => $offer, 'is_exec' => $is_exec, 'is_adm' => !$is_project_owner && !$is_offer_owner, 'date_feedback' => $date_feedback_formatted, 'is_allow_feedback' => $is_allow_feedback));
 }

Пример #18

Файл: index.php Проект: kapai69/fl-ru-damp

<?php

/**
 * Серый список IP.
 * 
 * @author Max 'BlackHawk' Yastrembovich
 */
define('IS_SITE_ADMIN', 1);
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/stdf.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/gray_ip.php';
session_start();
$uid = get_uid();
if (!hasPermissions('grayip')) {
    header_location_exit('/404.php');
}
$menu_item = 5;
$rpath = '../../';
$css_file = array('moderation.css', 'new-admin.css', 'nav.css');
$js_file = array('gray_ip.js', 'admin_log.js', 'banned.js');
$header = $rpath . 'header.php';
$inner_page = 'index_inner.php';
$content = '../content22.php';
$footer = $rpath . 'footer.html';
$template = 'template2.php';
$log_pp = __paramInit('int', 'log_pp', 'log_pp', 20);
$gray_ip = new gray_ip($log_pp);
$task = __paramInit('string', 'task', 'task');
$page = __paramInit('int', 'page', 'page', 1);
$filter = array();
$cmd = __paramInit('string', 'cmd', null, '');

Пример #19

Файл: projects.server.php Проект: Nikitian/fl-ru-damp

/**
 * Возвращает список жалоб на проект в админке.
 * 
 * с xajax не работает
 * 
 * @param  int $nProjId Идентификатор проекта на который жалуются
 * @param  string $group группа, в которой находится -> (new, approved, refused)
 * @return string json_encode данные
 */
function getProjectComplaints($nPrjId = 0, $group = 'new')
{
    session_start();
    $res = array();
    if (hasPermissions('projects') && $nPrjId) {
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects.php';
        $oPrj = new projects();
        $aMsgs = $oPrj->getProjectComplaints($nPrjId, $group);
        $aData = array();
        foreach ($aMsgs as $aOne) {
            $aFiles = array();
            if ($aOne['files']) {
                $files = preg_split("/,/", $aOne['files']);
                foreach ($files as $file) {
                    if ($file && $file != 'false') {
                        $aFiles[] = '<a target="_blank" href="' . WDCPREFIX . '/users/' . $aOne['e_login'] . '/upload/' . $file . '">' . $file . '</a><br/>';
                    }
                }
            }
            $status = 0;
            if ($aOne['is_satisfied'] == 't') {
                $status = 1;
            } elseif ($aOne['is_satisfied'] == 'f') {
                $status = 2;
            }
            $aTmp = array('login' => iconv('CP1251', 'UTF-8', $aOne['login']), 'name' => iconv('CP1251', 'UTF-8', $aOne['uname']), 'surname' => iconv('CP1251', 'UTF-8', $aOne['usurname']), 'date' => date('d.m.Y', strtotime($aOne['date'])), 'text' => $aOne['msg'] ? iconv('CP1251', 'UTF-8', reformat(html_entity_decode($aOne['msg'], ENT_QUOTES), 60)) : '', 'type' => iconv('CP1251', 'UTF-8', projects_complains::GetComplainType($aOne['type'], true)), 'status' => $status, 'pdate' => date('d.m.Y', strtotime($aOne['processed_at'])), 'admin_login' => iconv('CP1251', 'UTF-8', $aOne['admin_login']), 'admin_uname' => iconv('CP1251', 'UTF-8', $aOne['admin_uname']), 'admin_usurname' => iconv('CP1251', 'UTF-8', $aOne['admin_usurname']), 'files' => $aFiles);
            $aData[] = $aTmp;
        }
        $res['success'] = true;
        $res['data'] = $aData;
    } else {
        $res['success'] = false;
    }
    echo json_encode($res);
}

Пример #20

Файл: inner_table.php Проект: Nikitian/fl-ru-damp

<?php

if (!defined('IS_SITE_ADMIN') || !(hasPermissions('sbr') || hasPermissions('tmppayments'))) {
    header_location_exit('/404.php');
}
$totalArray = array();
?>

<div id="sbr_stat_table">
    

    <table class="b-layout__table b-layout__table_width_full b-layout__table_bord_ccc" cellpadding="0" cellspacing="0" border="0">
        <tr class="b-layout__tr">
            <td class="b-layout__left b-layout__left_bordbot_ccc b-layout__left_pad_5_10 b-layout__left_width_185 b-layout__left_bordright_ccc">
                <div class="b-layout__txt b-layout__txt_fontsize_11 b-layout__txt_bold">Параметр</div>
            </td>

            <td class="b-layout__middle" rowspan="<?php 
echo count($sbr_table_types) + 2;
?>
">
                <div id="sbr_stat_table_data" class="b-layout b-layout_width_510 b-layout_overflow_auto">
                    <table class="b-layout__table b-layout__table_width_full b-layout__table_bordbot_ccc" cellpadding="0" cellspacing="0" border="0">
                        <tr class="b-layout__tr">
                            <?php 
foreach ($dates as $date => $formatDate) {
    ?>
                            <td class="b-layout__one b-layout__one_pad_5_10 b-layout__one_width_30 b-layout__one_center b-layout__one_bordbot_ccc">
                                <div class="b-layout__txt b-layout__txt_fontsize_11 b-layout__txt_bold"><?php 
    echo $formatDate;
    ?>

Пример #21

Файл: Photo.php Проект: thejandroman/Lychee

 private function createMedium($url, $filename, $width, $height)
 {
     # Function creates a smaller version of a photo when its size is bigger than a preset size
     # Excepts the following:
     # (string) $url = Path to the photo-file
     # (string) $filename = Name of the photo-file
     # (int) $width = Width of the photo
     # (int) $height = Height of the photo
     # Returns the following
     # (boolean) true = Success
     # (boolean) false = Failure
     # Check dependencies
     self::dependencies(isset($this->database, $this->settings, $url, $filename, $width, $height));
     # Call plugins
     $this->plugins(__METHOD__, 0, func_get_args());
     # Set to true when creation of medium-photo failed
     $error = false;
     # Size of the medium-photo
     # When changing these values,
     # also change the size detection in the front-end
     $newWidth = 1920;
     $newHeight = 1080;
     # Check permissions
     if (hasPermissions(LYCHEE_UPLOADS_MEDIUM) === false) {
         # Permissions are missing
         Log::notice($this->database, __METHOD__, __LINE__, 'Skipped creation of medium-photo, because uploads/medium/ is missing or not readable and writable.');
         $error = true;
     }
     # Is photo big enough?
     # Is medium activated?
     # Is Imagick installed and activated?
     if ($error === false && ($width > $newWidth || $height > $newHeight) && $this->settings['medium'] === '1' && (extension_loaded('imagick') && $this->settings['imagick'] === '1')) {
         $newUrl = LYCHEE_UPLOADS_MEDIUM . $filename;
         # Read image
         $medium = new Imagick();
         $medium->readImage($url);
         # Adjust image
         $medium->scaleImage($newWidth, $newHeight, true);
         # Save image
         try {
             $medium->writeImage($newUrl);
         } catch (ImagickException $err) {
             Log::notice($this->database, __METHOD__, __LINE__, 'Could not save medium-photo: ' . $err->getMessage());
             $error = true;
         }
         $medium->clear();
         $medium->destroy();
     } else {
         # Photo too small or
         # Medium is deactivated or
         # Imagick not installed
         $error = true;
     }
     # Call plugins
     $this->plugins(__METHOD__, 1, func_get_args());
     if ($error === true) {
         return false;
     }
     return true;
 }

Пример #22

Файл: admin_bar.php Проект: Nikitian/fl-ru-damp

    $edit_onclick = "/*var m=document.getElementById('idEditCommentForm_{$msg_id}');  if(__commLastOpenedForm!=m|| __commLastOpenedForm.action!='Edit.post')*/\n           xajax_CreateCommentForm('{$edit_id}', {$top['id']}, {$msg_id}, {$commune_id}, {$om}, " . ($site == 'Topic' ? 0 : 1) . ", 'Edit.post', {$mod}, " . $top['cnt_files'] . ", " . ($site == 'Topic' ? intval(__paramInit('int', 'draft_id', 'draft_id')) : 0) . ", '" . __paramInit('string', 'attachedfiles_session', 'attachedfiles_session') . "');";
    $ul_attrs = '';
    if ($is_admin_site) {
        $params = array('uid' => $top['id'], 'code' => 4, 'link' => $GLOBALS['host'] . '/commune/?id=' . $top['commune_id'] . '&site=Topic&post=' . $top['id'], 'name' => $top['title']);
        foreach ($params as $key => $value) {
            $ul_attrs .= ' data-banned-' . $key . '="' . $value . '"';
        }
    }
    ?>

<ul class="b-post__links"<?php 
    echo $ul_attrs;
    ?>
>
<?php 
    if (($mod & (commune::MOD_COMM_MODERATOR | commune::MOD_COMM_AUTHOR | commune::MOD_ADMIN | commune::MOD_MODER) || $top['user_id'] == get_uid(false)) && ($top['is_blocked_s'] != 't' && $top['is_blocked_c'] != 't' || hasPermissions('communes') || $top['admin_login_c'] == $_SESSION['login'])) {
        ?>
    <?php 
        if ($top['category_id'] && $top['category_name']) {
            ?>
        <li class="b-post__links-item b-post__links-item_padright_10">
            Раздел: <a class="b-post__link b-post__link_color_000" href="<?php 
            echo getFriendlyURL('commune_commune', $top['commune_id']);
            ?>
?om=<?php 
            echo __paramInit("int", "om") ? __paramInit("int", "om") : '0';
            ?>
&cat=<?php 
            echo $top['category_id'];
            ?>
"><?php 

Пример #23

Файл: index.php Проект: kapai69/fl-ru-damp

    exit;
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/portfolio.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/professions.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/commune.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/links.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/lenta.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/blogs.php';
$header = '../header.php';
//$additional_header = "<link rel=\"alternate\" type=\"application/rss+xml\" title=\"Блоги на Free-lance.ru (".$gr_name.")\" href=\"/rss/blogs.php?gr=".$gr."&amp;t=".$t."\" />";
$css_file = array('lenta.css', 'commune.css', '/css/nav.css');
$content = 'content.php';
$js_file = array('polls.js', 'commune.js');
$footer = '../footer.html';
$user_mod = commune::MOD_ADMIN * hasPermissions('communes');
$user_mod |= commune::MOD_PRO * (users::IsPro($uid, $e) ? 1 : 0);
$user_mod |= commune::MOD_EMPLOYER * (int) is_emp();
$user_mod |= commune::MOD_BANNED * is_banned($uid);
$page = __paramInit('int', 'page', 'page', 1);
$action = __paramInit('string', NULL, 'action');
switch ($action) {
    case 'Save':
        $has_lenta = __paramInit('bool', NULL, 'has_lenta', NULL);
        $my_team = __paramInit('bool', NULL, 'my_team');
        $all_profs = __paramInit('bool', NULL, 'all_profs');
        $communes = __paramInit('array', NULL, 'commune_id');
        $prof_groups = __paramInit('array', NULL, 'prof_group_id');
        if (!lenta::SaveUserSettings($has_lenta, $uid, $my_team, $all_profs, $communes, $prof_groups)) {
        }
        // ошибка.

Пример #24

Файл: charts2.php Проект: Nikitian/fl-ru-damp

<?php

$no_banner = 1;
$rpath = "../../";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/users.php";
session_start();
get_uid();
if (!(hasPermissions('adm') && (hasPermissions('stats') || hasPermissions('tmppayments')))) {
    header("Location: /404.php");
    exit;
}
$content = "../content.php";
$inner_page = "charts2";
$inner_page = "inner_" . $inner_page . ".php";
$header = $rpath . "header.php";
$footer = $rpath . "footer.html";
include $rpath . "template.php";

Пример #25

Файл: inner_index.php Проект: Nikitian/fl-ru-damp

<?php

if (!defined('IS_SITE_ADMIN')) {
    header('Location: /404.php');
    exit;
}
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/professions.php";
$profs = professions::GetAllProfessions();
if (!(hasPermissions('adm') && hasPermissions('adminspam'))) {
    header("Location: /404.php");
    exit;
}
?>
<script type="text/javascript">
CKEDITOR.config.customConfig = '/scripts/ckedit/config_simple.js';

function checkexts() {
            var val = 0;
            var grp = document.getElementById('idForm')['attach[]'];
            if (typeof grp.length != 'undefined') {
                for (i=0; i<grp.length; i++) {
                    if (!allowedExt(grp[i].value)) return false;
                }
            } else {
                if (!allowedExt(grp.value)) return false;
            }
            return true;
        }
</script>
<style>
	.addButton INPUT { width: 28px; }

Пример #26

Файл: tpl.sbr-crumbs.php Проект: kapai69/fl-ru-damp

    ?>
        <li class="b-menu__item"><a class="b-menu__link" href="<?php 
    echo $crumbs[$i]['href'];
    ?>
"><?php 
    echo $crumbs[$i]['name'];
    ?>
</a>&#160;&rarr;&#160;</li>
        <?php 
}
//for
?>
    </ul>
</div>
<?php 
if (hasPermissions('sbr') && $_SESSION['access'] == 'A') {
    ?>
<div class="b-fon b-fon_float_right">
    <div class="b-fon__body b-fon__body_pad_10 b-fon__body_fontsize_13 b-fon__body_bg_ffeeeb">
		<div class="b-layout__txt"><a class="b-layout__link b-layout__link_float_right" href="<?php 
    echo $site_uri ? $site_uri . '&' : '?';
    ?>
access=U">Выйти</a>Вы видите сделку глазами:</div>
		<div class="b-layout__txt">
            <?php 
    if (!$_SESSION['E'] && !$_SESSION['F']) {
        ?>
Администратора<?php 
    } else {
        //if
        ?>

Пример #27

Файл: inner_index.php Проект: kapai69/fl-ru-damp

            } else {
                ?>
			<a href=".?action=unblock_money&id=<?php 
                echo $user['uid'];
                ?>
&search=<?php 
                echo $user['login'];
                ?>
" class="public_red_normal">разблокировать деньги</a>
			<?php 
            }
            ?>
			
			<br><br>
			<?php 
            if (hasPermissions('users')) {
                ?>
 Права: 
			<a href=".?action=chmoder&id=<?php 
                echo $user['uid'];
                ?>
" class="blue"><?php 
                echo is_moder($user['role']) ? 'снять' : 'дать';
                ?>
 модератора</a> |
			<a href=".?action=chredact&id=<?php 
                echo $user['uid'];
                ?>
" class="blue"><?php 
                echo is_redactor($user['role']) ? 'снять' : 'дать';
                ?>

Пример #28

Файл: bottom_stats.php Проект: Nikitian/fl-ru-damp

<?php

define('IS_SITE_ADMIN', 1);
$rpath = "../../";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/stdf.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/account.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/users.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/maslen.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/pf.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/projects.php";
session_start();
get_uid(false);
if (!(hasPermissions('statsaccounts') || hasPermissions('tmppayments'))) {
    exit;
}
$DB = new DB('master');
$idMonth = date('m');
//дефолтный месяц
$idYear = date('Y');
//дефотлный год
$iBarWidth = is_numeric(InGet('y')) && !is_numeric(InGet('m')) ? 30 : 20;
//ширина ячейки
if (InGet('y') == 'all') {
    $iBarWidth = 50;
}
$iHeight = 20;
//отступ снизу
$sFont = ABS_PATH . '/siteadmin/account/Aricyr.ttf';
$graphStyle = array();
$ignored_uids = "";
// Максимальная высота отдельного блока

Пример #29

Файл: usermenu.php Проект: kapai69/fl-ru-damp

        $inner = 'rating_inner.php';
    }
    ?>
		<li class="b-menu__item b-menu__item_last <?php 
    echo $activ_tab == 6 ? 'b-menu__item_active' : '';
    ?>
 b-menu_rating-item " <?php 
    echo $activ_tab == 6 ? 'data-menu-opener="true" data-menu-descriptor="profile-nav"' : '';
    ?>
>
			<a class="b-menu__link" href="/users/<?php 
    echo $user->login;
    ?>
/rating/" title="Рейтинг">
				<span class="b-menu__b1">Рейтинг<?php 
    echo substr($user->tabs, 4, 1) == 0 && hasPermissions('users') ? ' [с]' : '';
    ?>
</span>
			</a>
		</li>
		<?php 
}
?>
    </ul>
</div>

Пример #30

Файл: tpl.lenta.new.php Проект: kapai69/fl-ru-damp

<script type="text/javascript">var openedProjects=new Array();var isPrjCssOpened=<?php 
echo $isPrjOpened ? 'true' : 'false';
?>
;</script>

<?php 
$can_change_prj = hasPermissions('projects');
if ($can_change_prj) {
    $quickEditPoputType = 1;
    require_once $_SERVER['DOCUMENT_ROOT'] . '/projects/tpl.prj-quickedit.php';
    ?>

<div id="popup_budget" class="b-shadow b-shadow_inline-block b-shadow_width_335 b-shadow_center b-shadow_zindex_3 b-shadow_hide">
	<div class="b-shadow__right">
		<div class="b-shadow__left">
			<div class="b-shadow__top">
				<div class="b-shadow__bottom">
					<div class="b-shadow__body b-shadow__body_bg_fff b-shadow__body_pad_20">
						<h2 class="b-shadow__title b-shadow__title_padbot_15">Редактирование бюджета</h2>
						<div id="popup_budget_prj_name" class="b-layout__txt b-layout__txt_padbot_15"></div>
                        
						<div class="b-form b-form_padbot_20">
							<div class="b-combo b-combo_inline-block b-combo_margright_10">
								<div class="b-combo__input b-combo__input_width_60">
									<input id="popup_budget_prj_price" class="b-combo__input-text b-combo__input-text_fontsize_15" name="cost" type="text" size="80" maxlength="6" value="" />
								</div>
							</div><div
                             class="b-combo b-combo_inline-block b-combo_margright_10" >
								<div class="b-combo__input b-combo__input_multi_dropdown drop_down_default_2 b-combo__input_init_projQuickEditCurrency b-combo__input_width_60 b-combo__input_min-width_40 b-combo__input_arrow_yes reverse_list">
                                    <input id="popup_budget_prj_currency" class="b-combo__input-text b-combo__input-text_fontsize_15" type="text" size="80" readonly="readonly" />	
                                    <span class="b-combo__arrow"></span>