PHP checkEditPurview示例

示例#1

文件： m_post.php 项目： sherlockhouse/aliyun

        //解决因错误导致附件丢失问题
        $articleModule->setAttach($flashatt, $oldatt_desc);
        $articleModule->showError();
        $result = $articleService->updateArticle($articleModule);
        if ($result) {
            $jumpUrl = $addnewpage ? $basename . "q=post&action=edit&id=" . $id . "&page=add" : $basename . "q=view&id=" . $id;
            $msg = defined('AJAX') ? "success\t" . $jumpUrl : '修改文章成功!';
            refreshto($jumpUrl, $msg);
        } else {
            Showmsg('修改文章失败');
        }
    }
} elseif ($action == 'deletepage') {
    S::gp(array('id', 'page'));
    $articleModule = $articleService->getArticleModule($id);
    if (!checkEditPurview($windid, $articleModule->columnId) && $articleModule->user != $windid) {
        Showmsg('你没有权限编辑本栏目的文章');
    }
    $articleModule->deletePage($page);
    $articleModule->showError();
    $result = $articleService->updateArticle($articleModule);
    if ($result) {
        refreshto("{$basename}q=post&action=edit&id={$id}&page=1", 'operate_success', 2);
    } else {
        Showmsg('删除分页失败');
    }
}
require cmsTemplate::printEot('post');
footer();
function initFileTypeInfo($db_uploadfiletype)
{

示例#2

文件： cmsreply.php 项目： jechiy/PHPWind

        Showmsg('undefined_action');
    }
    $cmscommentreplyservice = C::loadClass('cmscommentreplyservice');
    $replyList = $cmscommentreplyservice->getCommentsByCommentid($commentid);
    require_once PrintEot('cmsreply');
    ajax_footer();
}
if ($type == 'delreply') {
    S::gp(array('replyid', 'commentid', 'P', 2));
    if ($replyid < 1 || $commentid < 1) {
        Showmsg('undefined_action');
    }
    $cmscomment = C::loadClass('cmscommentservice');
    $data = $cmscomment->getByCommentid($commentid);
    if (!$data) {
        Showmsg('data_error');
    }
    $cmscommentreplyservice = C::loadClass('cmscommentreplyservice');
    $replyData = $cmscommentreplyservice->getByReplyid($replyid);
    $articleService = C::loadClass('articleservice');
    $articleModule = $articleService->getArticleModule($data['article_id']);
    if ($replyData['uid'] != $winduid && !checkEditPurview($windid, $articleModule->columnId)) {
        Showmsg('您没有权限');
    }
    if (!$cmscommentreplyservice->deleteByReplyid($replyid)) {
        echo "fail";
    }
    $cmscomment->updateReplynumByCommentid('-1', $commentid);
    echo "success";
    ajax_footer();
}

示例#3

文件： m_list.php 项目： sherlockhouse/aliyun

} elseif ($action == 'del') {
    define('AJAX', 1);
    S::gp(array('ids', 'column_id'));
    /*
    if(!checkEditPurview($windid,$column_id)) {
    	Showmsg('您没有权限删除帖子');
    }
    */
    if (strpos($ids, ',')) {
        $ids = explode(',', $ids);
    }
    $articleDB = C::loadDB('article');
    $list = $articleDB->getArticlesByIds(is_array($ids) ? $ids : array($ids));
    if (empty($list)) {
        Showmsg('data_error');
    }
    foreach ($list as $key => $value) {
        if (!checkEditPurview($windid, $value['column_id'])) {
            Showmsg('您没有权限删除帖子');
        }
    }
    if (!$articleService->deleteArticlesToRecycle($ids)) {
        echo 'error';
        ajax_footer();
    }
    echo 'success';
    ajax_footer();
}
require_once M_P . 'require/header.php';
require cmsTemplate::printEot('list');
footer();

示例#4

文件： columnservice.class.php 项目： jechiy/PHPWind

 function _getColumns($columns, $cid, &$result, $l = 1, $username = 0)
 {
     foreach ($columns as $c) {
         //if ($username && !$c['allowoffer'] && !checkEditPurview($username,$c['column_id'])) continue;
         if ($c['parent_id'] == $cid) {
             $c['level'] = $l;
             if ($c['allowoffer'] || !$username || $username && checkEditPurview($username, $c['column_id'])) {
                 $result[$c['column_id']] = $c;
             }
             $this->_getcolumns($columns, $c['column_id'], $result, $l + 1, $username);
         }
     }
 }

示例#5

文件： m_view.php 项目： jechiy/PHPWind

<?php

!defined('M_P') && exit('Forbidden');
require_once R_P . 'require/bbscode.php';
require_once R_P . 'require/functions.php';
S::gp(array('id', 'page', 'replypage'), '', 2);
!$page && ($page = 1);
$stylepath = L::style('stylepath');
$articleService = C::loadClass('articleservice');
/* @var $articleService PW_ArticleService */
$articleModule = $articleService->getArticleModule($id);
if ($articleModule->ifcheck == 2) {
    Showmsg(data_error);
}
if (!is_object($articleModule) || !isGM($windid) && !checkEditPurview($windid) && $articleModule->postDate > $timestamp) {
    Showmsg('文章不存在');
}
$content = cookContent($articleModule, $page);
$postdate = get_date($articleModule->postDate);
$pages = $articleModule->getPages($page, "{$basename}q=view&id={$id}&");
$sourceUrl = $articleModule->getSourceUrl();
$columnService = C::loadClass('columnservice');
/* @var $columnService PW_columnService */
$columns = $columnService->getColumnsAndSubColumns($articleModule->columnId);
$pagePosition = getPosition($articleModule->columnId, $id, '', $cms_sitename);
$pageCache = L::loadClass('pagecache', 'pagecache');
$pageCacheConfig = C::loadClass('pagecacheconfigview', 'pagecache');
$pageCache->init($pageCacheConfig);
$tmpHotArticle = $pageCache->getData('hotArticle');
$hotArticle = $articleService->filterArticles($tmpHotArticle);
/* 记录hits */