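/**
 * Authenticates the caller from the 'username' / 'password' parameters and
 * loads the plugin class named by the 'class' parameter.
 *
 * The regular plugin manager is tried first; if it throws, the admin plugin
 * manager is asked to load the same class.
 *
 * @return void
 * @throws Exception when a required parameter is missing, or when the caller
 *                   is not logged in with the backend role
 */
public function registerObjects()
{
    $key = 'class';
    if (!$this->parameterExists($key)) {
        throw new Exception("Parameter '{$key}' not set\n");
    }
    // NOTE(review): the class name is caller-supplied; which names loadPlugin()
    // accepts is not visible here - confirm it only resolves known plugins.
    $classname = $this->getParameter($key);

    // user must log in
    $auth = Authentication::getInstance();

    $key = 'username';
    if (!$this->parameterExists($key)) {
        throw new Exception("Parameter '{$key}' not set\n");
    }
    $username = $this->getParameter($key);

    $key = 'password';
    if (!$this->parameterExists($key)) {
        throw new Exception("Parameter '{$key}' not set\n");
    }
    $password = $this->getParameter($key);

    $auth->login($username, $password, false);

    // The caller must be logged in AND hold the backend role. The previous
    // condition only rejected logged-in users without the role, so a login
    // that failed without throwing still reached the plugin loader.
    if (!$auth->isLogin() || !$auth->isRole(SystemUser::ROLE_BACKEND)) {
        throw new Exception('Access denied.');
    }

    try {
        $this->director->pluginManager->loadPlugin($classname);
    } catch (Exception $e) {
        // normal plugin failed, try to load admin plugin; the first error is
        // deliberately discarded and a failure of the fallback propagates
        $this->director->adminManager->loadPlugin($classname);
    }
}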
/**
 * Builds a submission record from the posted form data and stores it.
 *
 * Only the field ids are normalised (cast to int); the submitted values are
 * handed to the model exactly as received.
 *
 * @param array $params request parameters; reads 'formSubmit' (id, fields,
 *                      userfields) and 'returnUrlRequest'
 * @return mixed the value returned by FormModel::saveSubmission()
 */
private function saveToDb($params)
{
    $auth = Authentication::getInstance();
    $currentUserId = $auth->user_id;
    $formModel = new FormModel();

    $record = array();
    $record['form_id'] = $params['formSubmit']['id'];
    $record['user_id'] = $currentUserId;
    $record['fromPage'] = empty($params['returnUrlRequest']) ? false : $params['returnUrlRequest'];

    // regular fields first, then user fields, appended to the same list
    foreach (array('fields', 'userfields') as $group) {
        if (empty($params['formSubmit'][$group])) {
            continue;
        }
        foreach ($params['formSubmit'][$group] as $fieldId => $value) {
            $record['fields'][] = array(
                'field_id' => intval($fieldId),
                'value' => $value,
            );
        }
    }

    return $formModel->saveSubmission($record);
}
/**
 * Filters field values before they are stored; here that means stamping the
 * id of the current user onto the field set.
 *
 * @param array $fields unfiltered values
 * @return array filtered values, with 'usr_id' set from the authentication state
 * @see DbConnector::filterFields
 */
public function filterFields($fields)
{
    $currentUser = Authentication::getInstance()->getUserId();

    // a 'usr_id' supplied by the caller is overwritten with the authenticated one
    $fields['usr_id'] = $currentUser['id'];

    return $fields;
}
/**
 * Gate for this component: only a logged-in user holding the admin role may
 * continue.
 *
 * @return void
 * @throws Exception when the caller is not logged in or is not an administrator
 */
private function initialize()
{
    $session = Authentication::getInstance();

    // both conditions must hold; isRole() is only consulted for logged-in users
    $isAdmin = $session->isLogin() && $session->isRole(SystemUser::ROLE_ADMIN);
    if (!$isAdmin) {
        throw new Exception('Access denied');
    }
}
/**
 * Sets up the permissions model and the authentication handle, and selects a
 * user when an id is given.
 *
 * @param mixed $user_id optional user id; passed to setUserId() when non-empty
 */
function __construct($user_id = '')
{
    parent::__construct();

    $this->permissions = new PermissionsModel();
    $this->objAuthentication = Authentication::getInstance();

    if (empty($user_id)) {
        return;
    }
    $this->setUserId($user_id);
}
/**
 * Loads the record of the currently authenticated user into the static
 * $informations property.
 *
 * An InputNotSetException raised while loading is swallowed: the property is
 * then left as it was and nothing is reported to the caller.
 *
 * @return void
 */
private function setInformations()
{
    try {
        $users = new UserModel();
        $currentUserId = Authentication::getInstance()->getUserId();
        self::$informations = $users->getUser($currentUserId);
    } catch (InputNotSetException $notSet) {
        // the message is read but not used, so the failure stays silent
        $notSet->getMessage();
    }
}
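/**
 * Smarty {form} function plugin
 *
 * Type:     function<br>
 * Name:     form<br>
 * Purpose:  generates form from database<br>
 *
 * Loads the form named by the 'identifier' attribute, merges previously
 * submitted values and validation errors from the global $params into the
 * field definitions, and renders the stored 'form' template.
 *
 * @author Nathan Gardner <*****@*****.**>
 * @param array  $localparams tag attributes; 'identifier' is required
 * @param object $smarty      the Smarty instance rendering the tag
 * @return string rendered form markup, or a plain error text when the
 *                identifier is missing or unknown
 */
function smarty_function_form($localparams, &$smarty)
{
    global $params;

    if (empty($localparams['identifier'])) {
        return 'Must pass an identifier';
    }

    $objForm = new FormModel();
    $objAuth = Authentication::getInstance();
    $objTemplate = new TemplatesModel();
    // The user record is loaded as before although its result is not used
    // below; side effects of the load cannot be ruled out from here.
    $objUser = new UserModel($objAuth->user_id);
    $userInfo = $objUser->getInfo();

    $form_id = $objForm->getFormId($localparams['identifier']);
    if (!$form_id) {
        return 'Unknown form identifier';
    }

    $formInfo = $objForm->loadForm($form_id);
    $templateInfo = $objTemplate->loadTemplateFromKeyname('form');

    // assign values if already submitted
    // NOTE(review): submitted values are copied into the field definitions
    // unescaped; the stored template has to escape them on output - confirm.
    if (!empty($params['formSubmit']['fields']) && !empty($formInfo['fields'])) {
        foreach ($formInfo['fields'] as &$formField) {
            foreach ($params['formSubmit']['fields'] as $submittedId => $submittedValue) {
                if ($formField['id'] == $submittedId) {
                    if ($formField['type'] == 'checkbox' || $formField['type'] == 'radio') {
                        $formField['checked'] = 'checked';
                    } else {
                        $formField['value'] = $submittedValue;
                    }
                    break;
                }
            }
        }
        // drop the reference so the array handed to Smarty holds plain values
        unset($formField);
    }

    // assign error flag and message if invalid
    if (!empty($params['formErrors']) && !empty($formInfo['fields'])) {
        foreach ($params['formErrors'] as $formError) {
            foreach ($formInfo['fields'] as &$formField) {
                if ($formError['field_id'] == $formField['id']) {
                    $formField['hasError'] = true;
                    $formField['errorMsg'] = $formError['errorMsg'];
                    break;
                }
            }
            // same reason as above: no dangling reference into $formInfo
            unset($formField);
        }
    }

    // assign var to template
    if (!empty($params['formSubmitted'])) {
        $smarty->assign('formSubmitted', 1);
    }
    if (!empty($params['formErrors'])) {
        $smarty->assign('formErrors', $params['formErrors']);
    }
    $smarty->assign('formInfo', $formInfo);

    return $smarty->fetch('fromstring:' . $templateInfo['content']);
}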
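/**
 * Assigns the template variables every view needs: product name, skin paths,
 * base URL, site settings, meta data, filesystem path and login state.
 *
 * Meta data defaults come from the site settings and are overridden by the
 * friendly-URL record of the current request when that record has values.
 *
 * @return void
 */
function assignCommons()
{
    global $params;

    // product info
    $this->assign('ProductTitle', PRODUCT_NAME);

    // skin dir
    $this->assign('skin', '/' . $this->location . '/views/');
    $this->assign('bento', '/bento/');

    // global url http/https
    // Some servers (IIS with ISAPI) set HTTPS to "off" for plain requests, so a
    // non-empty value alone does not prove the request came in over TLS.
    $isHttps = !empty($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== 'off';
    if ($isHttps) {
        $this->assign('httpUrl', 'https://' . URL . '/');
    } else {
        $this->assign('httpUrl', 'http://' . URL . '/');
    }

    // site settings
    $objSettings = Settings::getInstance();
    $settings = $objSettings->getEntrys();
    $this->assign('Settings', $settings);

    $metaTitle = $settings['meta']['default-meta-title'];
    $metaDescription = $settings['meta']['default-meta-description'];
    $metaKeywords = $settings['meta']['default-meta-keywords'];

    if (!empty($params['_urlrequest'])) {
        $objUrls = new FriendlyurlModel();
        $objUrls->parseRequest($params['_urlrequest']);
        $urlMeta = $objUrls->getMetaData($objUrls->url_id);

        // per-URL meta data wins over the site-wide defaults, field by field
        if (!empty($urlMeta['title'])) {
            $metaTitle = $urlMeta['title'];
        }
        if (!empty($urlMeta['description'])) {
            $metaDescription = $urlMeta['description'];
        }
        if (!empty($urlMeta['keywords'])) {
            $metaKeywords = $urlMeta['keywords'];
        }

        // NOTE(review): this is the raw request path; the template has to escape it
        $this->assign('urlrequest', $params['_urlrequest']);
    }

    // meta data
    $this->assign('metaTitle', $metaTitle);
    $this->assign('metaDescription', $metaDescription);
    $this->assign('metaKeywords', $metaKeywords);

    // global filesystem path
    $this->assign('fsPath', DIR);

    // user vars
    $objAuthentication = Authentication::getInstance();
    if ($objAuthentication->loggedIn()) {
        $objUser = new UserModel($objAuthentication->user_id);
        $this->assign('loggedIn', true);
        $this->assign('UserInfo', $objUser->getInfo());
    } else {
        $this->assign('loggedIn', false);
    }
}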
/**
 * Records a search query in the 'searches' table together with the id of the
 * user who ran it (0 for visitors who are not logged in).
 *
 * @param string $query the search text as entered
 * @return bool always true
 */
private function saveSearch($query)
{
    $auth = Authentication::getInstance();
    $searcherId = $auth->loggedIn() ? $auth->user_id : 0;

    $this->db->reset();
    // the query text goes through the string binder, the id through the plain one
    $this->db->assign_str('searchQuery', $query);
    $this->db->assign('user_id', $searcherId);
    $this->db->insert('searches');

    return true;
}
/**
 * Prepares the cache settings for the current request: whether caching is
 * active, where cache files live, the per-request identifier and the
 * expiration.
 *
 * @return void
 */
private function initialize()
{
    $request = Request::getInstance();
    $siteGroup = $this->director->siteGroup;

    // caching only applies when it is enabled in the config and the request is a GET
    $cachingAllowed = $this->director->getConfig()->enable_caching
        && $request->getRequestType() == Request::GET;
    if (!$cachingAllowed) {
        $this->setCacheable(false);
        self::$cacheEnabled = false;
    }

    $authentication = Authentication::getInstance();
    $this->path = realpath(DIF_SYSTEM_ROOT . $this->director->getConfig()->path) . '/';

    $currentUser = $authentication->getUserId();
    // NOTE(review): URL, user id and site group id are joined without a
    // separator. If this string serves as the cache key, different
    // (user, site group) pairs can produce the same key (1 + 23 vs 12 + 3)
    // and share cached output - confirm how $this->url is used.
    $this->url = $request->getUrl() . $currentUser['id'] . $siteGroup->getCurrentId();
    $this->expiration = $this->director->getConfig()->expiration;
}
/**
 * Smarty {userHasPermission} block plugin
 *
 * Type:     block<br>
 * Name:     userHasPermission<br>
 * Purpose:  Outputs $content if user has permission
 * Usage:    {userHasPermission controller='foo' action='bar'}you have permission{/userHasPermission}
 *
 * When either attribute is missing a notice is echoed and nothing is
 * returned, so the enclosed content is not shown.
 *
 * @author Nathan Gardner <*****@*****.**>
 * @param array  $params  tag attributes; 'controller' and 'action' are required
 * @param string $content the block content
 * @param object $smarty  the Smarty instance
 * @param bool   $repeat  Smarty's repeat flag (not used here)
 * @return string|false|null the content when allowed, false when denied
 */
function smarty_block_userHasPermission(&$params, $content, &$smarty, &$repeat)
{
    if (empty($params['controller']) || empty($params['action'])) {
        echo 'Must pass controller and action to do permission check.';
        return;
    }

    $permissions = Permissions::getInstance();
    $auth = Authentication::getInstance();
    $currentUserId = $auth->user_id;

    $allowed = $permissions->actionAllowed($params['controller'], $params['action'], $currentUserId);

    return $allowed ? $content : false;
}
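/**
 * Access-control hook run before the requested action.
 *
 * Loads the global ACL file and the module-specific one, then classifies the
 * request: resources listed in $ACL_IGNORE pass unchecked, resources listed
 * in $ACL_LOGIN require a logged-in user, and everything else is matched
 * against $ACL. Enforcement of the $ACL permissions is not implemented yet.
 *
 * @return void the request is terminated with exit() when a login is
 *              required and the user is not logged in
 */
public function before()
{
    $request = $this->getAction()->getRequest();
    $module = $request->getModuleName();
    $controller = $request->getControllerName();
    $action = $request->getActionName();

    // resource names: "Module", "Module_Controller", "Module_Controller_Action"
    $resModule = ucfirst($module);
    $resController = $resModule . '_' . ucfirst($controller);
    $resAction = $resController . '_' . ucfirst($action);

    // the ACL files are expected to define $ACL_IGNORE, $ACL_LOGIN and $ACL
    // as local variables of this method
    $aclFile = ZOODPP_APP . '/access/acl.php';
    if (file_exists($aclFile)) {
        include $aclFile;
    }

    // The module name comes from the request. Only include the module ACL
    // file when the derived file name is a plain file name, so the request
    // cannot point the include at a location outside the access directory.
    $moduleAclName = 'acl.' . lcfirst((string) $module) . '.php';
    $isPlainName = basename($moduleAclName) === $moduleAclName
        && strpos($moduleAclName, '\\') === false;
    $aclFile = ZOODPP_APP . '/access/' . $moduleAclName;
    if ($isPlainName && file_exists($aclFile)) {
        include $aclFile;
    }

    $isIgnored = isset($ACL_IGNORE[$resModule])
        && (in_array($resAction, $ACL_IGNORE[$resModule])
            || in_array($resController, $ACL_IGNORE[$resModule])
            || in_array($resModule, $ACL_IGNORE[$resModule]));
    if ($isIgnored) {
        // Permission check ignored, do nothing
        return;
    }

    $loginOnly = isset($ACL_LOGIN[$resModule])
        && (in_array($resAction, $ACL_LOGIN[$resModule])
            || in_array($resController, $ACL_LOGIN[$resModule])
            || in_array($resModule, $ACL_LOGIN[$resModule]));
    if ($loginOnly) {
        // Only login is required, check whether user has logged in or not
        $isLoggedIn = Authentication::getInstance()->isLoggedIn();
        if (!$isLoggedIn) {
            exit('You are not allowed to access this action. <a href="/login/">Click here to Login!</a> ');
        }
        return;
    }

    // collect the permissions configured for the module, controller and action
    $permissionNeeded = array();
    if (isset($ACL[$resModule]) && !empty($ACL[$resModule])) {
        $permissionNeeded += $ACL[$resModule];
    }
    if (isset($ACL[$resController]) && !empty($ACL[$resController])) {
        $permissionNeeded += $ACL[$resController];
    }
    if (isset($ACL[$resAction]) && !empty($ACL[$resAction])) {
        $permissionNeeded += $ACL[$resAction];
    }
    if (!empty($permissionNeeded)) {
        // @todo check the corresponding permissions
        // NOTE(review): until this is implemented the method fails open:
        // actions that list required permissions in $ACL pass without any check.
    }
}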
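/**
 * Renders the user picker for a reservation slot.
 *
 * Checks that the caller may view or edit the tree node, determines which
 * users the caller may reserve for, and returns the rendered
 * reservationuserselect template. Errors are not thrown to the caller; the
 * exception message is returned as the result instead.
 *
 * @param array $search requires 'tree_id', 'tag', 'date' and 'hour';
 *                      optional 'page' and 'user' (search text)
 * @return string rendered template, or an error message
 */
public function getUserList($search)
{
    try {
        if (!array_key_exists('tree_id', $search)) {
            throw new Exception('Tree node not set');
        }
        if (!array_key_exists('tag', $search)) {
            throw new Exception('Template tag not set');
        }
        if (!array_key_exists('date', $search)) {
            throw new Exception('Date not set');
        }
        if (!array_key_exists('hour', $search)) {
            throw new Exception('Hour not set');
        }

        $maxpage = 10;
        $page = array_key_exists('page', $search) ? intval($search['page']) : 0;
        $hour = $search['hour'];
        $date = $search['date'] ? $search['date'] : date('Y-m-d');
        // 'user' is optional; read it once so a missing key never raises an
        // undefined-index notice further down
        $userFilter = array_key_exists('user', $search) ? $search['user'] : '';

        $authentication = Authentication::getInstance();
        $user = $authentication->getUserId();
        $usr_id = $user['id'];

        $canEdit = $authentication->canEdit($search['tree_id']);
        $canView = $authentication->canView($search['tree_id']);
        if (!$canEdit && !$canView) {
            throw new Exception('Access denied');
        }

        $subObj = $this->getObject(self::TYPE_DEFAULT);
        $settingObj = $this->getObject(self::TYPE_SETTINGS);
        $settings = $settingObj->getSettings($search['tree_id'], $search['tag']);

        // get linked users
        $userLink = new ReservationUserLink();
        $list = $userLink->getList(array('own_id' => $usr_id));
        $userList = array($usr_id);
        foreach ($list['data'] as $item) {
            $userList[] = $item['usr_id'];
        }

        $vipCount = $subObj->getVipCount($search);

        // editors are not limited to their linked users, hence the empty id filter
        $legitimateUserList = $canEdit
            ? array()
            : $subObj->getLegitimateUserList($userList, $settings['max_subscribe']);

        // check if there are any users that are allowed to make a reservation
        if (!$legitimateUserList && !$canEdit) {
            throw new Exception("Reservation count exceeded.");
        }

        // a super user can make reservations for all members, so the list is
        // not narrowed to the caller; vip_grp_id is not used anymore
        $userSearch = array('id' => $legitimateUserList);

        // add search string for user
        if ($userFilter) {
            $userSearch['search'] = $userFilter;
        }

        $userObj = $this->director->systemUser;

        // backup pager url
        $tmppagerUrl = $userObj->getPagerUrl();
        $tmppagerKey = $userObj->getPagerKey();

        // NOTE(review): $date, $hour and the user filter come from the request
        // and end up inside a javascript: URL, two of them between single
        // quotes. Whether JsUrl::setParameter() escapes quotes is not visible
        // here - confirm, otherwise these values need escaping for a
        // JavaScript string context before they are embedded.
        $url = new JsUrl();
        $url->setPath('javascript:userSearch');
        $url->setParameter('date', "'{$date}'");
        $url->setParameter('hour', $hour);
        $url->setParameter('user', "'{$userFilter}'");
        $userObj->setPagerUrl($url);

        $users = $userObj->getList($userSearch, $maxpage, $page);

        // restore pager url
        $userObj->setPagerUrl($tmppagerUrl);
        $userObj->setPagerKey($tmppagerKey);

        $template = new TemplateEngine($this->getPath() . "templates/reservationuserselect.tpl");
        $template->setVariable('users', $users);
        $template->setVariable('date', $date);
        $template->setVariable('hour', $hour);
        $template->setVariable('htdocs_path', $this->getHtdocsPath(false));
        $template->setVariable('include_vip', $vipCount < $settings['vip_slots']);
        $template->setVariable('usersearch', $userFilter);

        return $template->fetch();
    } catch (Exception $e) {
        return $e->getMessage();
    }
}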
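/**
 * Handles the request: a POST from a user who is not logged in is flagged as
 * an intrusion, and while an intrusion is flagged the request is refused.
 *
 * @return void
 * @throws Exception when the request is blocked
 */
public function handleRequest()
{
    $request = Request::getInstance();
    $auth = Authentication::getInstance();

    if ($request->getRequestType() == Request::POST && !$auth->isLogin()) {
        $this->setIntrusion();
    }

    if ($this->isIntrusion()) {
        // The message used to be built from $intrusion->getExpiration(), but
        // no $intrusion variable exists in this scope, so that path ended in a
        // fatal error rather than this exception. The block is kept and the
        // generic message is used.
        // TODO: restore the "disabled until <time>" text once the accessor
        // for the intrusion expiry is known.
        throw new Exception('Request disabled');
    }
}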
/**
 * Wires up the authentication handle and the frontend view.
 */
function __construct()
{
    parent::__construct();

    // shared authentication state for the request
    $this->objAuthentication = Authentication::getInstance();

    // this controller renders with the 'frontend' view set
    $this->view = new View('frontend');
}
// Front controller bootstrap: load configuration, connect to the database,
// resolve the friendly URL and hand the request to the dispatcher.

// load initialization file
// (presumably this is where $params and the DB_* / URL / ERROR_EMAIL
// constants come from - they are used below but not defined in this script)
require 'config/init.php';

// connect to database
try {
    $objDatabase = Database::getInstance();
    $objDatabase->connect(DB_SERVER, DB_PORT, DB_USERNAME, DB_PASSWORD, DB_DATABASE);
} catch (Exception $e) {
    // prepare an alert mail for the operator; the send call is disabled, so
    // the message is built but never delivered
    $objEmail = new Emailer();
    $objEmail->addTO(ERROR_EMAIL);
    $objEmail->setFrom(ERROR_EMAIL);
    $objEmail->setSubject('FATAL ERROR | Database connection problem on ' . URL);
    // NOTE(review): if Database::getInstance() itself threw, $objDatabase is
    // not set at this point and this call fails in turn.
    $objEmail->setBody('Database connection problem!!' . $objDatabase->getError());
    //$objEmail->sendMail();
    // the visitor only sees a generic message; connection details stay out of the response
    die('Unable to connect to database.');
}

$objAuthentication = Authentication::getInstance();
$objSettings = Settings::getInstance();
$objDispatcher = new Dispatcher();

// custom url rewriting: parameters resolved from the friendly URL are merged
// over the request parameters, so they win on key collisions
$objUrls = new FriendlyurlModel();
$objUrls->parseRequest($params['_urlrequest']);
if (!empty($objUrls->requestParams)) {
    $params = array_merge($params, $objUrls->requestParams);
}

// start up: the controller and action names are the ones resolved from the URL
try {
    $objSettings->loadSettings();
    $objDispatcher->setDirectory('frontend');
    $objDispatcher->setController($objUrls->requestController);
    $objDispatcher->setAction($objUrls->requestAction);
    $objDispatcher->setParams($params);
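/**
 * Deletes the node named by the 'id' request value and returns to the admin
 * overview of its parent.
 *
 * The caller needs delete rights on the node. On any error the message is
 * set as 'errorMessage' on a template and the delete confirmation (GET
 * handler) is shown again.
 *
 * @return void
 */
private function handleAdminDeletePost()
{
    $request = Request::getInstance();

    try {
        if (!$request->exists('id')) {
            throw new Exception('Node ontbreekt.');
        }
        $id = intval($request->getValue('id'));

        // check if user has execute rights
        $authentication = Authentication::getInstance();
        if (!$authentication->canDelete($id)) {
            throw new HttpException('403');
        }

        // the parent has to be looked up before the node is gone
        $parent = $this->tree->getParentId($id);
        $this->delete(array('id' => $id));

        // class name written as in the constant reference on the next token;
        // the lower-case spelling only resolved when the class was already
        // loaded or the autoloader ignores case
        ViewManager::getInstance()->setType(ViewManager::ADMIN_OVERVIEW);
        $this->handleAdminOverview($parent);
    } catch (Exception $e) {
        // NOTE(review): this template object is local and is not passed on;
        // presumably TemplateEngine shares its variables between instances - confirm.
        $template = new TemplateEngine();
        $template->setVariable('errorMessage', $e->getMessage(), false);
        $this->handleAdminDeleteGet();
    }
}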
/**
 * Filters field values before they are stored: normalises the 'active' flag,
 * falls back to the class name when no name is given, and registers the
 * current user's id with the SQL parser.
 *
 * @param array $fields unfiltered values
 * @return array filtered values
 * @see DbConnector::filterFields
 */
public function filterFields($fields)
{
    // an absent checkbox means "not active"
    $fields['active'] = array_key_exists('active', $fields) && $fields['active'];

    $hasName = array_key_exists('name', $fields) && $fields['name'];
    if (!$hasName && array_key_exists('classname', $fields)) {
        $fields['name'] = $fields['classname'];
    }

    // the user id is set on the parser directly, not on the returned fields
    $currentUser = Authentication::getInstance()->getUserId();
    $this->sqlParser->setFieldValue('usr_id', $currentUser['id']);

    return $fields;
}
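/**
 * Handles the login form post: logs the user in and redirects to the
 * configured target page, or to the page the form was opened from.
 *
 * On any error the message is set as 'formError' on a template and the form
 * is shown again through the GET handler.
 *
 * @return void does not return on success (redirect followed by exit)
 */
private function handlePost()
{
    $request = Request::getInstance();

    try {
        // NOTE(review): the result of login() is not inspected; this relies on
        // login() throwing when the credentials are rejected - confirm.
        $autentication = Authentication::getInstance();
        $autentication->login($request->getValue('username'), $request->getValue('password'));

        if (!$request->exists('tag')) {
            throw new Exception('Tag ontbreekt.');
        }

        $tree = $this->director->tree;
        $tag = $request->getValue('tag');
        $tree_id = $tree->getCurrentId();
        $key = array('tree_id' => $tree_id, 'tag' => $tag);
        $detail = $this->exists($key) ? $this->getDetail($key) : $this->getFields(SqlParser::MOD_INSERT);

        if ($detail['ref_tree_id']) {
            // target configured on the element itself
            $referer = $tree->getPath($detail['ref_tree_id'], '/', Tree::TREE_ORIGINAL);
        } else {
            $referer = $request->exists('referer') ? (string) $request->getValue('referer') : '/';

            // The referer is request data. Only a path on this site is
            // accepted as a redirect target: it has to start with a single
            // '/', and must not contain a backslash or a line break.
            // Anything else falls back to the site root, so the login form
            // cannot be used to forward visitors to another host.
            $isLocalPath = $referer !== ''
                && $referer[0] === '/'
                && strncmp($referer, '//', 2) !== 0
                && strpbrk($referer, "\\\r\n") === false;
            if (!$isLocalPath) {
                $referer = '/';
            }
        }

        header("Location: {$referer}");
        exit;
    } catch (Exception $e) {
        $template = new TemplateEngine();
        $template->setVariable('formError', $e->getMessage(), false);
        $this->handleHttpGetRequest();
    }
}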
/**
 * Runs the parent constructor and keeps a handle on the shared
 * authentication state.
 */
function __construct()
{
    parent::__construct();

    // one authentication object is shared through getInstance()
    $this->objAuthentication = Authentication::getInstance();
}
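/**
 * Renders the tree into the menu template.
 *
 * The submenu (visible children of the current node) is taken from the cache
 * when present and stored there otherwise. The main menu is only built when
 * the template itself is not cached.
 *
 * @return object|null the menu template, or null when no menu template is
 *                     configured or no tree is available
 */
public function renderTree()
{
    if (!$this->getConfig()->template_menu) {
        return;
    }
    if (!$this->tree) {
        return;
    }

    $template = new TemplateEngine($this->templatePath . $this->getConfig()->template_menu);
    $template->setCacheable(true);

    $cache = Cache::getInstance();
    if (!$cache->isCached('submenu')) {
        $childs = array();
        $childlist = $this->tree->getChildList($this->tree->getCurrentId());
        foreach ($childlist as $child) {
            // hidden nodes stay out of the submenu
            if (isset($child['visible']) && !$child['visible']) {
                continue;
            }
            $child['path'] = $this->tree->getPath($child['id']);
            $childs[] = $child;
        }
        $template->setVariable('submenu', $childs, false);
        $cache->save(serialize($childs), 'submenu');
    } else {
        // NOTE(review): unserialize() instantiates whatever objects the cached
        // string describes. This is only safe while nothing but this
        // application can write to the cache store - confirm, or switch the
        // cache payload to a data-only format such as JSON.
        $template->setVariable('submenu', unserialize($cache->getCache('submenu')), false);
    }

    // check if template is in cache
    if ($template->isCached()) {
        return $template;
    }

    $menu = $this->tree->getRootList();

    // get selected main menu item
    $firstNode = $this->tree->getFirstAncestorNode($this->tree->getCurrentId());
    $firstId = $firstNode ? $firstNode['id'] : 0;

    foreach ($menu as &$item) {
        $item['path'] = isset($item['external']) && $item['external']
            ? $item['url']
            : $this->tree->getPath($item['id']);
        $item['selected'] = $item['id'] == $firstId;
    }
    // drop the reference so the last menu entry is not aliased by $item
    unset($item);

    $template->setVariable('menu', $menu, false);

    $auth = Authentication::getInstance();
    $template->setVariable('loginName', $auth->getUserName(), false);

    return $template;
}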
/**
 * Pre-insert checks and additions for a tree node: records owner, creation
 * date and site group, rejects a duplicate URL under the same parent,
 * enforces a single start page and makes room for the node's weight.
 *
 * @param array $values filtered values for insertion
 * @return void
 * @throws Exception when the lookup query fails or the URL already exists
 * @see DbConnector::handlePreInsert
 */
protected function handlePreInsert($values)
{
    // retrieve responsible user
    $owner = Authentication::getInstance()->getUserId();
    $this->sqlParser->setFieldValue('own_id', $owner['id']);

    // create audit entries
    $sitegroupId = $this->getSiteGroup()->getCurrentId();
    $this->sqlParser->setFieldValue('createdate', date('Y-m-d H:i:s'));
    $this->sqlParser->setFieldValue('sitegroup_id', $sitegroupId);

    // check if url already exists; the lookup runs on a copy of the parser so
    // the criteria do not leak into the insert that follows
    $lookup = clone $this->sqlParser;
    $lookup->addCriteria(new SqlCriteria('tree_parent_id', $values['parent']));
    $lookup->addCriteria(new SqlCriteria('tree_url', $values['url']));
    $lookup->addCriteria(new SqlCriteria('tree_sitegrp_id', $sitegroupId));

    $db = $this->getDb();
    $result = $db->query($lookup->getSql(SqlParser::PKEY));
    if ($db->isError($result)) {
        // NOTE(review): the driver's debug info becomes the exception message;
        // make sure callers do not show this message to end users.
        throw new Exception($result->getDebugInfo());
    }
    if ($result->numRows() > 0) {
        throw new Exception('url bestaat reeds.');
    }

    // if this is the startpage, deselect the rest because a startpage is unique
    if ($values['startpage']) {
        $this->deselect($sitegroupId);
    }

    // check if index is unique. if not, reindex nodes
    $sameSlot = array('weight' => $values['weight'], 'parent' => $values['parent']);
    if ($this->exists($sameSlot)) {
        $this->increaseWeight($values['parent'], $values['weight']);
    }
}
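/**
 * Handles the "request login information" form: for every account that
 * matches the submitted e-mail address a one-time key is registered and a
 * mail with the activation link is sent, after which the visitor is
 * redirected.
 *
 * Nothing is mailed when no account matches; the response is the same
 * redirect in both cases. On any error the message is set as 'formError' on
 * a template and the form is shown again through the GET handler.
 *
 * @return void does not return on success (redirect followed by exit)
 */
private function handlePost()
{
    $request = Request::getInstance();
    $view = ViewManager::getInstance();

    try {
        $autentication = Authentication::getInstance();

        $usermail = $request->getValue('email');
        if (!$usermail) {
            throw new Exception("Email adres ontbreekt.");
        }
        if (!$request->exists('tag')) {
            throw new Exception('Tag ontbreekt.');
        }

        $tree = $this->director->tree;
        $tag = $request->getValue('tag');
        $tree_id = $tree->getCurrentId();
        $key = array('tree_id' => $tree_id, 'tag' => $tag);
        $detail = $this->getDetail($key);
        if (!$detail) {
            $this->log->info("Request login information for unknown user at " . $request->getValue('REMOTE_ADDR', Request::SERVER));
            throw new Exception("Error creating request");
        }

        // get userinfo
        $systemUser = new SystemUser();
        $users = $systemUser->getList(array('email' => $usermail));
        foreach ($users['data'] as $user) {
            $detail = array_merge($detail, $user);

            // The key in the mailed link is the only secret protecting the
            // request, so it has to come from a cryptographic random source.
            // A hash of the clock and the user name can be recomputed by
            // anyone who knows the user name and roughly when the form was
            // posted. The key stays 32 hex characters long.
            if (function_exists('random_bytes')) {
                $loginKey = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $strong = false;
                $rawKey = openssl_random_pseudo_bytes(16, $strong);
                if ($rawKey === false || !$strong) {
                    throw new Exception("Error creating request");
                }
                $loginKey = bin2hex($rawKey);
            } else {
                // no secure random source available: refuse instead of
                // issuing a guessable key
                throw new Exception("Error creating request");
            }

            $requestValues = array('request_key' => $loginKey, 'usr_id' => $user['id']);

            // register request
            $loginRequest = new LoginRequest();
            $loginRequest->insert($requestValues);

            $url = new Url(true);
            $url->setParameter($view->getUrlId(), self::VIEW_ACTIVATE);
            $url->setParameter('key', $loginKey);

            // mail userinfo (only if user is present)
            if ($user) {
                $this->sendMail($user['email'], $this->director->getConfig()->email_address, $detail['subject'], $detail, $request->getProtocol() . $request->getDomain() . $url->getUrl());
            }
        }

        if ($detail['ref_tree_id']) {
            // target configured on the element itself
            $referer = $tree->getPath($detail['ref_tree_id'], '/', Tree::TREE_ORIGINAL);
        } else {
            $referer = $request->exists('referer') ? (string) $request->getValue('referer') : '/';

            // The referer is request data. Only a path on this site is
            // accepted as a redirect target: it has to start with a single
            // '/', and must not contain a backslash or a line break.
            // Anything else falls back to the site root.
            $isLocalPath = $referer !== ''
                && $referer[0] === '/'
                && strncmp($referer, '//', 2) !== 0
                && strpbrk($referer, "\\\r\n") === false;
            if (!$isLocalPath) {
                $referer = '/';
            }
        }

        header("Location: {$referer}");
        exit;
    } catch (Exception $e) {
        $template = new TemplateEngine();
        $template->setVariable('formError', $e->getMessage(), false);
        $this->handleHttpGetRequest();
    }
}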
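/**
 * Writes the collected messages to the log file, one line per message, and
 * rotates the file first when it has reached the size limit.
 *
 * Each line carries timestamp, type, user name, user id, client address,
 * originating class and function, and the message text.
 *
 * @return void
 * @throws Exception when the log file cannot be opened for writing
 */
private function saveLog()
{
    // skip if nothing to do
    if (!$this->messages) {
        return;
    }

    $logfile = $this->getLogFile();

    // default write mode is append
    $mode = 'a';
    if (file_exists($logfile) && filesize($logfile) >= $this->maxFileSize) {
        // log file exceeds file size. compress and rotate file
        $this->rotateLogFile();
        // reset log file with mode w
        $mode = 'w';
    }

    $fh = fopen($logfile, $mode);
    if (!$fh) {
        throw new Exception("Error opening Log file {$logfile} for writing");
    }

    // User name and message text can contain caller-influenced data. Line
    // breaks in them are written as the two-character sequences \r and \n so
    // that one message can never produce a second, forged log line.
    $lineBreaks = array("\r", "\n");
    $escapedBreaks = array('\r', '\n');

    $authentication = Authentication::getInstance();
    $currentUser = $authentication->getUserId();
    $userId = join(',', $currentUser ? $currentUser : array());
    $userName = str_replace($lineBreaks, $escapedBreaks, (string) $authentication->getUserName());
    $ip = Request::getInstance()->getValue('REMOTE_ADDR', Request::SERVER);

    foreach ($this->messages as $item) {
        // skip disabled types
        if (!$this->isEnabled($item['type'])) {
            continue;
        }
        $message = str_replace($lineBreaks, $escapedBreaks, (string) $item['message']);
        $msg = sprintf(
            "%s %s %s (%d) %s [%s->%s] %s\n",
            strftime("%a %b %d %Y %T", $item['ts']),
            $item['type'],
            $userName,
            $userId,
            $ip,
            $item['class'],
            $item['function'],
            $message
        );
        fputs($fh, $msg);
    }
    fclose($fh);

    // NOTE(review): 0644 leaves the log readable by every local account while
    // it holds user names and client addresses - confirm that is intended.
    chmod($logfile, 0644);
}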
/**
 * Pre-insert checks and additions for a site group: validates the root node,
 * records owner and creation date, rejects a duplicate name/language pair
 * and enforces a single start page.
 *
 * @param array $values filtered values for insertion
 * @return void
 * @throws Exception when the root node is positive, the lookup query fails
 *                   or the site group already exists
 * @see DbConnector::handlePreInsert
 */
protected function handlePreInsert($values)
{
    if ($values['tree_root_id'] > 0) {
        throw new Exception("Root node moet kleiner of gelijk zijn aan 0");
    }

    // owner and creation stamp
    $owner = Authentication::getInstance()->getUserId();
    $this->sqlParser->setFieldValue('own_id', $owner['id']);
    $this->sqlParser->setFieldValue('createdate', date('Y-m-d H:i:s'));

    // uniqueness lookup on a copy of the parser, keyed on name and language
    $lookup = clone $this->sqlParser;
    $lookup->addCriteria(new SqlCriteria('grp_name', $values['name']));
    $lookup->addCriteria(new SqlCriteria('grp_language', $values['language']));

    $db = $this->getDb();
    $result = $db->query($lookup->getSql(SqlParser::PKEY));
    if ($db->isError($result)) {
        // NOTE(review): the driver's debug info becomes the exception message;
        // make sure callers do not show this message to end users.
        throw new Exception($result->getDebugInfo());
    }
    if ($result->numRows() > 0) {
        throw new Exception('website already exists.');
    }

    // only one start page may exist
    if ($values['startpage']) {
        $this->deselect();
    }
}
/**
 * Pre-insert additions: records the current user as owner and stamps the
 * creation date on the row about to be inserted.
 *
 * @param array $values filtered values for insertion (not read here)
 * @return void
 * @see DbConnector::handlePreInsert
 */
protected function handlePreInsert($values)
{
    $owner = Authentication::getInstance()->getUserId();

    // both values go to the SQL parser, not into $values
    $this->sqlParser->setFieldValue('own_id', $owner['id']);
    $this->sqlParser->setFieldValue('createdate', date('Y-m-d H:i:s'));
}
/**
 * Pre-insert checks and additions for a form element: records owner and
 * creation date, rejects a duplicate (name, tree node, tag) combination and
 * makes room for the element's weight.
 *
 * @param array $values filtered values for insertion
 * @return void
 * @throws Exception when the lookup query fails or the element already exists
 * @see DbConnector::handlePreInsert
 */
protected function handlePreInsert($values)
{
    // owner and creation stamp
    $owner = Authentication::getInstance()->getUserId();
    $this->sqlParser->setFieldValue('own_id', $owner['id']);
    $this->sqlParser->setFieldValue('createdate', date('Y-m-d H:i:s'));

    // uniqueness lookup on a copy of the parser
    $lookup = clone $this->sqlParser;
    $lookup->addCriteria(new SqlCriteria('form_name', $values['name']));
    $lookup->addCriteria(new SqlCriteria('form_tree_id', $values['tree_id']));
    $lookup->addCriteria(new SqlCriteria('form_tag', $values['tag']));

    $db = $this->getDb();
    $result = $db->query($lookup->getSql(SqlParser::PKEY));
    if ($db->isError($result)) {
        // NOTE(review): the driver's debug info becomes the exception message;
        // make sure callers do not show this message to end users.
        throw new Exception($result->getDebugInfo());
    }
    if ($result->numRows() > 0) {
        throw new Exception('Element already exists.');
    }

    // check if index is unique. if not, reindex nodes
    $sameSlot = array(
        'weight' => $values['weight'],
        'tree_id' => $values['tree_id'],
        'tag' => $values['tag'],
    );
    if ($this->exists($sameSlot)) {
        $this->increaseWeight($values['tree_id'], $values['tag'], $values['weight']);
    }
}
/**
 * Handles the resize view: switches the view type, passes the current user
 * name to the template and registers the template under the theme's main tag.
 *
 * @return void
 */
private function handleResizeGet()
{
    $template = new TemplateEngine($this->getPath() . "templates/" . $this->templateFile);

    // the request object is obtained as before although it is not read here
    Request::getInstance();

    ViewManager::getInstance()->setType(Links::VIEW_RESIZE);

    $userName = Authentication::getInstance()->getUsername();
    $template->setVariable('username', $userName, false);

    $this->handleTreeSettings($template);

    $mainTag = $this->director->theme->getConfig()->main_tag;
    $this->template[$mainTag] = $template;
}
/**
 * Pre-insert checks and additions: records owner and creation date and
 * rejects a name that already exists for the same tree node and tag.
 *
 * @param array $values filtered values for insertion
 * @return void
 * @throws Exception when the name is already taken
 * @see DbConnector::handlePreInsert
 */
protected function handlePreInsert($values)
{
    $owner = Authentication::getInstance()->getUserId();
    $this->sqlParser->setFieldValue('own_id', $owner['id']);
    $this->sqlParser->setFieldValue('createdate', date('Y-m-d H:i:s'));

    // the name has to be unique within (tree node, tag)
    $sameName = array(
        'tree_id' => $values['tree_id'],
        'tag' => $values['tag'],
        'name' => $values['name'],
    );
    if ($this->exists($sameName)) {
        throw new Exception("Name already exists");
    }
}
/**
 * Removes from the tree every node the current visitor should not see,
 * together with its descendants.
 *
 * Inactive nodes are always removed. For visitors without the admin role a
 * role test is added: when not logged in (or when login is not used) every
 * node with a non-empty role goes; otherwise one "role differs" test per
 * role the user holds is combined with "and".
 *
 * @return void
 */
private function filterTree()
{
    $auth = Authentication::getInstance();

    $predicate = "@active='0'";
    $roleTests = array();

    if ((!$auth->isLogin() || !$this->useLogin) && !$auth->isRole(SystemUser::ROLE_ADMIN)) {
        $roleTests[] = "@role != ''";
    } elseif (!$auth->isRole(SystemUser::ROLE_ADMIN)) {
        // retrieve groups if user is not an administrator (admin can see all groups)
        // NOTE(review): a logged-in user who holds none of the listed roles
        // adds no test here, so only inactive nodes are removed for that
        // user - confirm this is intended.
        foreach (SystemUser::$roleList as $roleKey => $roleValue) {
            if (!$auth->isRole($roleKey)) {
                continue;
            }
            $roleTests[] = "@role != '{$roleValue}'";
        }
    }

    if ($roleTests) {
        $predicate .= ' or (' . implode(' and ', $roleTests) . ')';
    }

    $query = "//{$this->nodename}[{$predicate}]/descendant-or-self::{$this->nodename}";
    $matches = $this->tree->query($query);

    // detach every match from its parent
    foreach ($matches as $node) {
        $node->parentNode->removeChild($node);
    }
}