PHP _has_user_access_permission示例

示例#1

文件： Notes.php 项目： dimplewraich/finalproject

 public function show($pkey = '')
 {
     _has_user_access_permission(TRUE, array('admin', 'location_manager', 'location_user'));
     $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array();
     $note_id = isset($params[SYS_NOTE_ID]) && gtzero_integer($params[SYS_NOTE_ID]) ? (int) $params[SYS_NOTE_ID] : 0;
     $note_type_id = isset($params[SYS_NOTE_TYPE_ID]) && gtzero_integer($params[SYS_NOTE_TYPE_ID]) ? (int) $params[SYS_NOTE_TYPE_ID] : 0;
     $note_info = $this->notes_m->get_note_by_id($note_id);
     echo $note_info->note;
 }

示例#2

文件： Clients.php 项目： dimplewraich/finalproject

 public function upload()
 {
     _has_user_access_permission(TRUE, array('admin', 'management_company'));
     $profile_avatar = $this->upload_avatar();
     if (empty($profile_avatar['error'])) {
         $output = array('status' => SUCCESS_MESSAGE, 'message' => "Profile Image uploaded successfully", 'avatar' => $profile_avatar['file_name']);
     } else {
         $output = array('status' => ERROR_MESSAGE, 'message' => $profile_avatar['error']);
     }
     echo json_encode($output);
 }

示例#3

文件： Account.php 项目： dimplewraich/finalproject

 public function __construct()
 {
     parent::__construct();
     _has_user_access_permission(TRUE, array('admin'));
 }

示例#4

文件： Contacts.php 项目： dimplewraich/finalproject

 public function delete($pkey, $method = "echo")
 {
     _has_user_access_permission(TRUE, array('admin', 'location_manager', 'user_company'));
     $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array();
     $type_id = isset($params[SYS_CONTACT_TYPE_ID]) && gtzero_integer($params[SYS_CONTACT_TYPE_ID]) ? to_int($params[SYS_CONTACT_TYPE_ID]) : 0;
     $ref_id = isset($params[SYS_REF_ID]) && gtzero_integer($params[SYS_REF_ID]) ? to_int($params[SYS_REF_ID]) : 0;
     $contact_id = isset($params[SYS_CONTACT_ID]) && gtzero_integer($params[SYS_CONTACT_ID]) ? to_int($params[SYS_CONTACT_ID]) : 0;
     $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer());
     $contact_info = $this->contact_m->details($contact_id, $ref_id, $type_id);
     if (!$contact_info) {
         $this->show_permission_denied_error($method);
     }
     $this->form_validation->set_rules('confirm', 'confirm', 'trim|required');
     $output = array('message' => "", 'status' => "");
     if ($this->form_validation->run() == TRUE) {
         $is_record_updated = $this->contact_m->delete($contact_id);
         if ($is_record_updated) {
             $output['message'] = sprintf('The contact "%s" has been deleted.', $contact_info->contact_name);
             $output['status'] = SUCCESS_MESSAGE;
             $output['contact_id'] = $contact_id;
         } else {
             $output['message'] = sprintf('Error occurred while trying to delete contact "%s".', $contact_info->contact_name);
             $output['status'] = ERROR_MESSAGE;
         }
         $this->_output_request($output, $redirect_url);
     } else {
         if (validation_errors()) {
             $output['message'] = validation_errors();
             $output['status'] = ERROR_MESSAGE;
         }
     }
     $doc_key = $this->_post_args('doc_key', ARGS_TYPE_STRING) ? $this->_post_args('doc_key', ARGS_TYPE_STRING) : keygen();
     $csrf = _get_csrf_nonce();
     $data = array('form_action' => site_url('contacts/delete/' . $pkey), 'cancel_url' => $redirect_url, 'page' => 'contacts/delete', 'title' => 'Contact "' . $contact_info->contact_name . '"', "display_message" => sprintf('Are you sure you want to delete contact "%s"?', $contact_info->contact_name), "display_heading" => sprintf('Delete contact', $contact_info->contact_name), "submit_btn_text" => "Save Changes", 'hiddenvars' => array_merge($csrf, array('redirect_url' => $redirect_url)), 'doc_key' => $doc_key);
     if ($this->input->is_ajax_request()) {
         $html = $this->template->raw_view('pages/contacts/delete_modal', $data, TRUE);
         if ($method == "ajax") {
             $output['html'] = $html;
             $this->_output_request($output, $redirect_url);
         } else {
             echo $html;
         }
     } else {
         if (!empty($output['status'])) {
             set_flash_data($output['status'], $output['message'], FALSE);
         }
         $this->template->load('default', $data);
     }
 }

示例#5

文件： Sites.php 项目： dimplewraich/finalproject

 public function download($pkey, $method = "echo")
 {
     _has_user_access_permission(TRUE, array('admin'));
     $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array();
     $company_id = in_array($this->current_user->group_id, array(GROUP_ADMIN, GROUP_STAFF, GROUP_ENGINEER)) ? $this->_post_args('company_id', ARGS_TYPE_INT, array_key_exists(SYS_COMPANY_ID, $params) && gtzero_integer($params[SYS_COMPANY_ID]) ? to_int($params[SYS_COMPANY_ID]) : 0) : $this->current_user->company_id;
     $site_id = isset($params[SYS_SITE_ID]) && gtzero_integer($params[SYS_SITE_ID]) ? to_int($params[SYS_SITE_ID]) : 0;
     $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer());
     $site_statuses = array('' => '', 1 => 'OPEN', 2 => 'SUBMITTED', 3 => 'COMPLETED');
     $site_info = $this->site_m->details($site_id, $company_id);
     if (!$site_info || _has_company_group_access($this->current_user->group_id) && $site_info->company_id != $this->current_user->company_id) {
         $this->show_permission_denied_error($method);
     }
     $company_id = in_array($this->current_user->group_id, array(GROUP_ADMIN, GROUP_STAFF, GROUP_ENGINEER)) ? $this->_post_args('company_id', ARGS_TYPE_INT, $site_info->company_id) : $this->current_user->company_id;
     $doc_key = $this->_post_args('doc_key', ARGS_TYPE_STRING) ? $this->_post_args('doc_key', ARGS_TYPE_STRING) : keygen();
     $csrf = _get_csrf_nonce();
     $headings = array("SITE", "FORM", "DATE ADDED", "ADDED BY", "STATUS", "DATE SUBMITTED", "SUBMITTED BY", "DATE COMPLETED", "COMPLETED BY");
     $this->load->library('PHPExcel');
     $this->load->library('PHPExcel/IOFactory');
     // Create a new PHPExcel object
     $objPHPExcel = new PHPExcel();
     $objPHPExcel->getActiveSheet()->setTitle('List of Site Forms');
     $rowNumber = 1;
     $col = 'A';
     foreach ($headings as $heading) {
         $objPHPExcel->getActiveSheet()->setCellValue($col . $rowNumber, $heading);
         $col++;
     }
     // Loop through the result set
     $rowNumber = 2;
     foreach ($site_info->site_forms as $site_form) {
         $col = 'A';
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_info->site_code);
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->form_name);
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->added_on, 'Y-m-d H:i:s') ? local_time($site_form->added_on, 'M d, Y @ h:ia') : '');
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->added_by_name);
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_statuses[$site_form->status]);
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->submitted_on, 'Y-m-d H:i:s') ? local_time($site_form->submitted_on, 'M d, Y @ h:ia') : '');
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->submitted_by_name);
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->completed_on, 'Y-m-d H:i:s') ? local_time($site_form->completed_on, 'M d, Y @ h:ia') : '');
         $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->completed_by_name);
         $rowNumber++;
     }
     $objWriter = IOFactory::createWriter($objPHPExcel, 'Excel5');
     // We'll be outputting an excel file
     header('Content-type: application/vnd.ms-excel');
     // It will be called file.xls
     header('Content-Disposition: attachment; filename="' . date('Ymd') . '.xls"');
     // Write file to the browser
     $objWriter->save('php://output');
 }

示例#6

文件： Agencies.php 项目： dimplewraich/finalproject

 public function setting_detail($company_id = 0)
 {
     _has_user_access_permission(TRUE, array('admin', 'management_company'));
     $company_id = $this->current_user->group_id == 1 ? $company_id : $this->current_user->company_id;
     $params = array('com_settings' => $this->company_m->company_settings($company_id));
     header('Content-Type: application/json');
     echo json_encode($params);
     die;
 }

示例#7

文件： Survey.php 项目： dimplewraich/finalproject

 public function qdelete($pkey, $method = "echo")
 {
     _has_user_access_permission(TRUE, array('admin'));
     $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array();
     $form_type_id = isset($params[SYS_FORM_TYPE_ID]) && gtzero_integer($params[SYS_FORM_TYPE_ID]) ? to_int($params[SYS_FORM_TYPE_ID]) : 0;
     $question_id = isset($params[SYS_QUESTION_ID]) && gtzero_integer($params[SYS_QUESTION_ID]) ? to_int($params[SYS_QUESTION_ID]) : 0;
     $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer());
     $form_info = $this->survey_m->form_type_details($form_type_id);
     $question_info = $this->survey_m->get_question_detail($question_id, $form_type_id);
     if (!$form_info) {
         $this->show_permission_denied_error($method);
     }
     $this->form_validation->set_rules('confirm', 'confirm', 'trim|required');
     $output = array('message' => "", 'status' => "");
     if ($this->form_validation->run() == TRUE) {
         $is_record_updated = $this->survey_m->delete_question($question_id);
         if ($is_record_updated) {
             $output['message'] = sprintf('The question "%s" has been deleted.', $question_info->description);
             $output['status'] = SUCCESS_MESSAGE;
             $output['question_id'] = $question_id;
         } else {
             $output['message'] = sprintf('Unable to delete question "%s". Please report the issue to %s', $question_info->description, $this->cfg->contact_email);
             $output['status'] = ERROR_MESSAGE;
         }
         $this->_output_request($output, $redirect_url);
     } else {
         if (validation_errors()) {
             $output['message'] = validation_errors();
             $output['status'] = ERROR_MESSAGE;
         }
     }
     $csrf = _get_csrf_nonce();
     $data = array('form_action' => site_url('survey/qdelete/' . $pkey), 'cancel_url' => $redirect_url, 'page' => 'survey/delete', 'title' => 'Delete Question', "display_message" => sprintf('Are you sure you want to delete question "%s"?', $question_info->description), "display_heading" => sprintf('Delete Question', $question_info->description), "submit_btn_text" => "Save Changes", 'hiddenvars' => array_merge($csrf, array('redirect_url' => $redirect_url, 'confirm' => 1)));
     if ($this->input->is_ajax_request()) {
         $html = $this->template->raw_view('pages/survey/delete_modal', $data, TRUE);
         if ($method == "ajax") {
             $output['html'] = $html;
             $this->_output_request($output, $redirect_url);
         } else {
             echo $html;
         }
     } else {
         if (!empty($output['status'])) {
             set_flash_data($output['status'], $output['message'], FALSE);
         }
         $this->template->load('default', $data);
     }
 }

示例#8

文件： global_helper.php 项目： dimplewraich/finalproject

 function get_sidebar_menu()
 {
     $ci =& get_instance();
     $sidebar = array();
     if (_has_user_access_permission($show_error = FALSE, array('admin'))) {
         $sidebar['companies'] = array('name' => 'Agencies', 'link' => site_url('agencies'), 'class' => ICON_COMPANIES, 'mobile' => true, 'subitems' => array(), 'mobile_params' => ' data-ajax="false"');
     }
     if (_has_user_access_permission($show_error = FALSE, array('admin'))) {
         $sidebar['users'] = array('name' => 'Users', 'link' => site_url('users'), 'class' => ICON_USER, 'mobile' => true, 'subitems' => array(), 'mobile_params' => ' data-ajax="false"');
     }
     if (_has_user_access_permission($show_error = FALSE, array('admin', 'staff', 'management_company'))) {
         $sidebar['sites'] = array('name' => 'Sites', 'link' => site_url('sites'), 'class' => ICON_SITE, 'mobile' => true, 'subitems' => array(), 'mobile_params' => ' data-ajax="false"');
     }
     if (_has_user_access_permission($show_error = FALSE, array('admin', 'staff', 'management_company'))) {
         $sidebar['Feedback'] = array('name' => 'Feedback', 'link' => site_url('sites/survey'), 'class' => ICON_SITE, 'mobile' => true, 'subitems' => array(), 'mobile_params' => ' data-ajax="false"', 'website' => FALSE);
     }
     if (_has_user_access_permission($show_error = FALSE, array('admin'))) {
         $sidebar['SiteForms'] = array('name' => 'Site Forms', 'link' => site_url('survey'), 'class' => ICON_QUESTION, 'mobile' => FALSE, 'subitems' => array());
     }
     return $sidebar;
 }