/**
 * Fetch one row by id and, on request, attach its option metadata.
 *
 * An empty $_table falls back to $this->module() and an empty $_id falls back
 * to $this->childparam() (the id taken from the URL).
 *
 * NOTE(review): the row is selected by id alone. No ownership or permission
 * filter is visible in this method, so callers are presumably expected to
 * authorize the request before exposing the result -- confirm.
 * NOTE(review): both the table name and the id can originate from the URL;
 * this assumes the query builder binds where() values and restricts table
 * names -- confirm against the sql() implementation.
 *
 * @param string|null $_table     table to read
 * @param mixed       $_id        id of the wanted row
 * @param bool        $_metatable when truthy, rows from `options` are added under 'meta'
 * @return array|false|null the row; false after the "id not found" error,
 *                          null after the "found 2 or more times" error
 */
public function datarow($_table = null, $_id = null, $_metatable = false)
{
    $_table = $_table ? $_table : $this->module();
    $_id    = $_id ? $_id : $this->childparam();

    $found = $this->sql()->table($_table)->where('id', $_id)->select();

    // Anything other than exactly one hit is reported as an access error.
    if ($found->num() != 1) {
        if ($found->num() > 1) {
            \lib\error::access(T_("id is found 2 or more times. it's imposible!"));
            return null;
        }

        \lib\error::access(T_("Url incorrect: id not found"));
        return false;
    }

    $row = $found->assoc();
    if (!$_metatable) {
        return $row;
    }

    // NOTE(review): options are matched on post_id only, whatever $_table is,
    // so the same id in another table would pick up these rows too -- confirm
    // this is intended.
    $options = $this->sql()
        ->table('options')
        ->where('post_id', $_id)
        ->field('option_key', 'option_value', 'option_meta')
        ->select()
        ->allassoc();

    foreach ($options as $option) {
        $meta = $option['option_meta'];

        // Values that start with '{' are stored as JSON objects; decode them to arrays.
        // json_decode() yields null for malformed JSON, which is stored as-is.
        if (substr($meta, 0, 1) === '{') {
            $meta = json_decode($meta, true);
        }

        // The part of option_key before the first '_' becomes the meta key,
        // so keys sharing that prefix overwrite each other (last one wins).
        $prefix = strtok($option['option_key'], '_');
        $row['meta'][$prefix] = $meta;
    }

    return $row;
}
/**
 * Route the signup module.
 *
 * The signup POST handler is registered only while the account option
 * 'register' is truthy; otherwise an access error is raised and no handler
 * is registered.
 */
function _route()
{
    // Public registration switched off: report it and register nothing.
    if (!$this->option('account', 'meta', 'register')) {
        \lib\error::access(T_("Public registration is disabled!"));
        return;
    }

    $this->post('signup')->ALL();
}
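/**
 * Route the account modules: home, verification, signup, login, recovery,
 * changepass, the SMS callbacks and logout.
 *
 * For the requested module this sets the model and display names, registers
 * the GET/POST handlers, redirects where needed, and calls
 * \lib\error::access() for requests that fail the checks below. Unknown
 * modules end in \lib\error::page().
 *
 * Review notes:
 * - $from is read from a cookie or from the query string, so its value is
 *   chosen by the client. The checks on it steer the flow but do not prove
 *   that a verification step took place; the changepass and verification
 *   models are presumably expected to re-check server-side state -- confirm.
 * - The referrer domain comes from the request and is written to a cookie;
 *   whatever reads that cookie back should treat it as untrusted input.
 *
 * @return void
 */
function _route()
{
    $mymodule = $this->module();
    $referer  = \lib\router::urlParser('referer', 'domain');
    $from     = \lib\utility\cookie::read('from');
    $from     = $from ?: \lib\utility::get('from');
    $islogin  = $this->login();

    // Remember an external referrer for 15 minutes.
    if ($referer !== Domain) {
        \lib\utility\cookie::write('referer', $referer, 60 * 15);
    }

    // changepass is meant for logged-in users or for users arriving from verification.
    if ($mymodule === 'changepass' && $from !== 'verification' && !$islogin) {
        \lib\error::access(T_("you can't access to this page!"));
    }

    switch ($mymodule) {
        case 'home':
            $this->redirector()->set_url("login")->redirect();
            break;

        case 'verification':
        case 'verificationsms':
            // A missing $from is accepted; a present one must name a known flow.
            if ($from && $from !== 'recovery' && $from !== 'signup' && $from !== 'verification') {
                \lib\error::access(T_("you can't access to this page!"));
            }
            $this->model_name   = '\\addons\\content_account\\' . $mymodule . '\\model';
            $this->display_name = 'content_account\\' . $mymodule . '\\display.html';
            $this->post($mymodule)->ALL($mymodule);
            $this->get()->ALL($mymodule);
            break;

        case 'signup':
            // Fix it later, only access if possible
            return;

        case 'login':
        case 'recovery':
            // An already logged-in user is sent away from the login/recovery forms.
            if ($islogin) {
                \lib\debug::true(T_("you are logined to system!"));
                // NOTE(review): $myreferer is never used below; the call is kept
                // only because its side effects cannot be ruled out from here.
                $myreferer = \lib\router::urlParser('referer', 'host');
                if (\lib\router::get_storage('CMS')) {
                    $this->redirector()->set_domain()->set_sub_domain(\lib\router::get_storage('CMS'))->set_url()->redirect();
                } else {
                    $this->redirector()->set_domain()->set_url()->redirect();
                }
            }
            // no break: login and recovery share the handler setup of changepass
        case 'changepass':
            $this->model_name   = '\\addons\\content_account\\' . $mymodule . '\\model';
            $this->display_name = 'content_account\\' . $mymodule . '\\display.html';
            $this->post($mymodule)->ALL($mymodule);
            $this->get()->ALL($mymodule);
            break;

        case 'smsdelivery':
        case 'smscallback':
            // NOTE(review): the only gate on the SMS handlers is this fixed value,
            // which lives in source and is accepted from the query string or a
            // cookie. It identifies the caller but does not authenticate it.
            // Prefer a secret loaded from configuration, or a provider-signed
            // callback, compared with hash_equals() where PHP >= 5.6 is available.
            $uid = '201500001';

            // Compare as strings so PHP's loose numeric comparison cannot make a
            // different submitted value count as a match.
            $isExpectedUid = static function ($candidate) use ($uid) {
                return (is_string($candidate) || is_int($candidate))
                    && (string) $candidate === $uid;
            };

            if ($isExpectedUid(\lib\utility::get('uid')) || $isExpectedUid(\lib\utility\cookie::read('uid'))) {
                $this->model_name   = '\\addons\\content_account\\sms\\model';
                $this->display_name = 'content_account\\sms\\display.html';
                $this->post($mymodule)->ALL($mymodule);
                $this->get($mymodule)->ALL($mymodule);
            } else {
                \lib\error::access("SMS");
            }
            break;

        case 'logout':
            // logout user from system then redirect to ermile
            // NOTE(review): no request-method or CSRF check is visible before the
            // session is ended -- confirm whether put_logout() performs one.
            $this->model_name = '\\lib\\mvc\\model';
            $this->model()->put_logout();
            $this->redirector()->set_domain()->set_url()->redirect();
            break;

        default:
            \lib\error::page();
            break;
    }
}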
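/**
 * Look up a permission value for the current session.
 *
 * A session whose $_SESSION['user']['permission'] is exactly "1" is treated as
 * supervisor and answered from self::permListFill('su'), as long as that list
 * has a 'modules' entry for the content; every other request is answered from
 * $_SESSION['permission'].
 *
 * Lookup shape:
 * - $_content === 'all': map of content name => its 'enable' value (returned at once).
 * - $_loc === 'all':     the whole 'modules' entry of the content.
 * - $_loc and $_type:    the value at modules[$_loc][$_type].
 * - $_loc only:          the entry at modules[$_loc].
 * - neither:             the content's 'enable' value.
 *
 * When the result is falsy, $_block decides the reaction: "notify" (with both
 * $_loc and $_type set) reports a message through \lib\debug::error(); any
 * other truthy value calls \lib\error::access(); an empty value does nothing.
 * In that last case the denial is silent, so the caller must act on the
 * returned value itself.
 *
 * NOTE(review): answers come from $_SESSION, so they reflect whatever was
 * stored there earlier; presumably a permission change needs a session
 * refresh before it takes effect -- confirm.
 *
 * @param string|null $_content content name, 'all', or empty to derive it from the router
 * @param string|null $_loc     module name, or 'all' for every module of the content
 * @param string|null $_type    permission type, e.g. view/add/edit/delete
 * @param mixed       $_block   "notify", another truthy value, or empty (see above)
 * @return mixed the stored permission value, or null when none is found
 */
public static function access($_content = null, $_loc = null, $_type = null, $_block = null)
{
    $myStatus = null;
    $su       = false;
    $suStatus = null;

    // permission id "1" is the supervisor of the system
    if (isset($_SESSION['user']['permission']) && $_SESSION['user']['permission'] === "1") {
        $su       = true;
        $suStatus = self::permListFill('su');
    }

    if ($_content === 'all') {
        $source = [];
        if ($su) {
            $source = $suStatus;
        } elseif (isset($_SESSION['permission'])) {
            $source = $_SESSION['permission'];
        }

        $myStatus = [];
        foreach ($source as $key => $value) {
            if (isset($value['enable'])) {
                $myStatus[$key] = $value['enable'];
            }
        }

        return $myStatus;
    }

    // if the programmer did not set content, take it from the address
    if (!$_content) {
        $_content = \lib\router::get_repository_name();
        if ($_content !== "content") {
            $_content = substr($_content, strpos($_content, '_') + 1);
        }
    }

    // Pick the permission entry to answer from. The supervisor list is used only
    // when it has a 'modules' entry for this content; otherwise the session's
    // own permissions apply.
    $perm = null;
    if ($su && isset($suStatus[$_content]['modules'])) {
        $perm = $suStatus[$_content];
    } elseif (isset($_SESSION['permission'][$_content])) {
        $perm = $_SESSION['permission'][$_content];
    }

    // Strict comparison: with ==, values such as true (and 0 before PHP 8) would
    // also count as 'all' and return the whole, truthy, modules list.
    if ($_loc === 'all') {
        if (isset($perm['modules'])) {
            $myStatus = $perm['modules'];
        }
    } elseif ($_loc) {
        if ($_type) {
            if (isset($perm['modules'][$_loc][$_type])) {
                $myStatus = $perm['modules'][$_loc][$_type];
            }
        } elseif (isset($perm['modules'][$_loc])) {
            // isset() keeps an unknown module from raising an undefined-index notice.
            $myStatus = $perm['modules'][$_loc];
        }
    } elseif (isset($perm['enable'])) {
        $myStatus = $perm['enable'];
    }

    if (!$myStatus) {
        if ($_block === "notify" && $_type && $_loc) {
            switch ($_type) {
                case 'view':
                    $msg = "You can't view this part of system";
                    break;

                case 'add':
                    $msg = T_("You can't add new") . ' ' . T_($_loc);
                    break;

                case 'edit':
                    $msg = T_("You can't edit") . ' ' . T_($_loc);
                    break;

                case 'delete':
                    $msg = T_("You can't delete") . ' ' . T_($_loc);
                    break;

                default:
                    $msg = "You can't access to this part of system";
                    break;
            }

            // NOTE(review): the message carries markup and $_loc unescaped, so it
            // is presumably rendered as HTML; $_loc should only ever be a fixed
            // module name chosen by the calling code -- confirm.
            $msg = $msg . "<br/> " . T_("Because of your permission");
            \lib\debug::error(T_($msg));
            // Nothing here stops the request: the falsy status is still returned
            // and the caller has to honour it.
        } elseif ($_block) {
            \lib\error::access(T_("You can't access to this page!"));
        }
    }

    return $myStatus;
}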
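/**
 * Look up a permission value for the current session from $_SESSION['permission'].
 *
 * Lookup shape:
 * - $_content === 'all': map of content name => its 'enable' value (returned at once).
 * - $_loc === 'all':     the whole 'modules' entry of the content.
 * - $_loc and $_type:    the value at modules[$_loc][$_type].
 * - $_loc only:          the entry at modules[$_loc].
 * - neither:             the content's 'enable' value.
 *
 * When the result is falsy, $_block decides the reaction: "notify" (with both
 * $_loc and $_type set) reports a message through \lib\debug::error() and then
 * hands a force_json/force_stop request to the model's _processor(); any other
 * truthy value calls \lib\error::access(); an empty value does nothing, so in
 * that case the caller must act on the returned value itself.
 *
 * NOTE(review): answers come from $_SESSION, so they reflect whatever was
 * stored there earlier; presumably a permission change needs a session
 * refresh before it takes effect -- confirm.
 *
 * @param string|null $_content content name, 'all', or empty to derive it from the router
 * @param string|null $_loc     module name, or 'all' for every module of the content
 * @param string|null $_type    permission type, e.g. view/add/edit/delete
 * @param mixed       $_block   "notify", another truthy value, or empty (see above)
 * @return mixed the stored permission value, or null when none is found
 */
public function access($_content = null, $_loc = null, $_type = null, $_block = null)
{
    $myStatus = null;

    if ($_content === 'all') {
        $myStatus = [];
        if (isset($_SESSION['permission'])) {
            foreach ($_SESSION['permission'] as $key => $value) {
                if (isset($value['enable'])) {
                    $myStatus[$key] = $value['enable'];
                }
            }
        }

        return $myStatus;
    }

    // if the programmer did not set content, take it from the address
    if (!$_content) {
        $_content = router::get_repository_name();
        // "content" has no underscore: strpos() would return false and the
        // substr() below would drop the first character of the name, so the
        // lookup could never match.
        if ($_content !== "content") {
            $_content = substr($_content, strpos($_content, '_') + 1);
        }
    }

    $perm = isset($_SESSION['permission'][$_content]) ? $_SESSION['permission'][$_content] : null;

    // Strict comparison: with ==, values such as true (and 0 before PHP 8) would
    // also count as 'all' and return the whole, truthy, modules list.
    if ($_loc === 'all') {
        if (isset($perm['modules'])) {
            $myStatus = $perm['modules'];
        }
    } elseif ($_loc) {
        if ($_type) {
            if (isset($perm['modules'][$_loc][$_type])) {
                $myStatus = $perm['modules'][$_loc][$_type];
            }
        } elseif (isset($perm['modules'][$_loc])) {
            $myStatus = $perm['modules'][$_loc];
        }
    } elseif (isset($perm['enable'])) {
        $myStatus = $perm['enable'];
    }

    if (!$myStatus) {
        if ($_block === "notify" && $_type && $_loc) {
            switch ($_type) {
                case 'view':
                    $msg = "You can't view this part of system";
                    break;

                case 'add':
                    $msg = T_("you can't add new") . ' ' . T_($_loc);
                    break;

                case 'edit':
                    $msg = T_("you can't edit") . ' ' . T_($_loc);
                    break;

                case 'delete':
                    $msg = T_("you can't delete") . ' ' . T_($_loc);
                    break;

                default:
                    $msg = "you can't access to this part of system";
                    break;
            }

            // NOTE(review): the message carries markup and $_loc unescaped, so it
            // is presumably rendered as HTML; $_loc should only ever be a fixed
            // module name chosen by the calling code -- confirm.
            $msg = $msg . "<br/>" . T_(" Because of your permission");
            \lib\debug::error(T_($msg));
            $this->model()->_processor(object(array("force_json" => true, "force_stop" => true)));
        } elseif ($_block) {
            \lib\error::access(T_("you can't access to this page!"));
        }
    }

    return $myStatus;
}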