示例#1
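 /**
  * Build the sub-navigation menu for one admin context.
  *
  * Collects every module that has a controller for $context, keeps the ones
  * the current user may see, and hands the result to build_menu().
  *
  * This only decides which links are rendered. It is not an access check:
  * each module controller still has to enforce its own permission.
  *
  * @param string|null $context Context name ('content', 'appearance',
  *                             'settings', 'statistics', or 'developer').
  *
  * @return mixed An empty <ul> string when no module matches, otherwise
  *               whatever build_menu($context) returns.
  */
 public function index($context = null)
 {
     // Get a list of modules with a controller matching $context.
     foreach (module_list() as $module) {
         if (module_controller_exists($context, $module)) {
             $this->actions[] = $module;
         }
     }
     // Do we have any actions?
     if (!count($this->actions)) {
         return '<ul class="nav-sub clearfix"></ul>';
     }
     // Grab our module permissions so we know who can see what on the sidebar
     $permissions = config_item('module_permissions');
     // A context without a permission map is handled as an empty map, so the
     // array_key_exists() call below never receives a non-array (a warning on
     // older PHP, a TypeError on PHP 8).
     $context_permissions = isset($permissions[$context]) && is_array($permissions[$context]) ? $permissions[$context] : array();
     // Build up our menu array
     foreach ($this->actions as $module) {
         // NOTE(review): this is fail-open by design of the original check:
         // a module with no entry in the map is shown to every user, and only
         // modules that do have an entry are gated by has_permission().
         $has_entry = array_key_exists($module, $context_permissions);
         $may_view = isset($context_permissions[$module]) && has_permission($context_permissions[$module]);
         if ($may_view || !$has_entry) {
             // Grab our module config array, if any.
             $mod_config = module_config($module);
             $display_name = isset($mod_config['name']) ? $mod_config['name'] : $module;
             $title = isset($mod_config['description']) ? $mod_config['description'] : $module;
             $menu_topic = isset($mod_config['menu_topic'][$context]) ? $mod_config['menu_topic'][$context] : $display_name;
             // Drop-down menus?
             if (isset($mod_config['menus']) && isset($mod_config['menus'][$context])) {
                 $menu_view = $mod_config['menus'][$context];
             } else {
                 $menu_view = '';
             }
             $this->menu[$menu_topic][$module] = array('title' => $title, 'display_name' => $display_name, 'menu_view' => $menu_view, 'menu_topic' => $menu_topic);
         }
     }
     return $this->build_menu($context);
 }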
 /**
  * Class constructor.
  *
  * Loads the template, assets and contexts libraries, prepares the pagination
  * markup and list limit, publishes the keyboard shortcut data to the
  * template, optionally enables the profiler, and selects the admin theme.
  */
 public function __construct()
 {
     parent::__construct();
     foreach (array('template', 'assets', 'ui/contexts') as $library) {
         $this->load->library($library);
     }

     // Pagination config
     $this->pager = array(
         'full_tag_open' => '<div class="pagination pagination-right"><ul>',
         'full_tag_close' => '</ul></div>',
         'next_link' => '&rarr;',
         'prev_link' => '&larr;',
         'next_tag_open' => '<li>',
         'next_tag_close' => '</li>',
         'prev_tag_open' => '<li>',
         'prev_tag_close' => '</li>',
         'first_tag_open' => '<li>',
         'first_tag_close' => '</li>',
         'last_tag_open' => '<li>',
         'last_tag_close' => '</li>',
         'cur_tag_open' => '<li class="active"><a href="#">',
         'cur_tag_close' => '</a></li>',
         'num_tag_open' => '<li>',
         'num_tag_close' => '</li>',
     );
     $this->limit = $this->settings_lib->item('site.list_limit');

     // Keyboard shortcut keys for the template
     Template::set('shortcut_data', array(
         'shortcuts' => config_item('ui.current_shortcuts'),
         'shortcut_keys' => $this->settings_lib->find_all_by('module', 'core.ui'),
     ));

     // The profiler exposes request internals, so it is enabled only when
     // three gates all pass: development environment, the site setting, and
     // the Bonfire.Profiler.View permission. CLI and AJAX requests never get it.
     $profiler_allowed = ENVIRONMENT == 'development'
         && $this->settings_lib->item('site.show_profiler')
         && has_permission('Bonfire.Profiler.View');
     if ($profiler_allowed && !$this->input->is_cli_request() && !$this->input->is_ajax_request()) {
         $this->load->library('Console');
         $this->output->enable_profiler(TRUE);
     }

     // Basic setup
     Template::set_theme($this->config->item('template.admin_theme'), 'junk');
 }
示例#3
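	/**
	 * Render the sub-navigation list for one admin context as HTML.
	 *
	 * Only decides which links are shown; the linked controllers must still
	 * enforce their own permissions.
	 *
	 * @param string|null $type Context name ('content', 'appearance',
	 *                          'settings', 'statistics', or 'developer').
	 *
	 * @return string The <ul> markup (empty list when no module matches).
	 */
	public function index($type=null)
	{
		// Get a list of modules with a controller matching $type
		foreach (module_list() as $module)
		{
			if (module_controller_exists($type, $module))
			{
				$this->actions[] = $module;
			}
		}

		// Do we have any actions?
		if (!count($this->actions))
		{
			return '<ul class="nav-sub clearfix"></ul>';
		}

		// Grab our module permissions so we know who can see what on the sidebar
		$permissions = config_item('module_permissions');

		// A context without a permission map is handled as an empty map, so
		// array_key_exists() below never receives a non-array (a warning on
		// older PHP, a TypeError on PHP 8).
		$type_permissions = (isset($permissions[$type]) && is_array($permissions[$type])) ? $permissions[$type] : array();

		// Build a ul to return
		$list = "<ul class='nav-sub clearfix'>\n";

		foreach ($this->actions as $module)
		{
			// NOTE(review): fail-open, as in the original check: a module with
			// no entry in the map is listed for every user.
			if ((isset($type_permissions[$module]) && has_permission($type_permissions[$module])) || !array_key_exists($module, $type_permissions))
			{
				// Is this the current module?
				if ($module == $this->uri->segment(3))
				{
					$class = 'class="current"';
				}
				else
				{
					$class = '';
				}

				// Build our list item.
				// NOTE(review): $type and $module are written into the markup
				// without HTML escaping; this assumes module and context names
				// are plain identifiers - confirm against module_list().
				$list .= '<li><a href="'. site_url('admin/'. $type .'/'. $module) .'" '. $class;
				// Icon
				/*
				if ($icon = module_icon($module))
				{
					$list .= ' style="background: url('. $icon .')"';
				}
				*/
				// NOTE(review): underscores are removed, not replaced by a space,
				// so ucwords() sees a single word - confirm that is intended.
				$list .= '>'. ucwords(str_replace('_', '', $module)) ."</a></li>\n";
			}
		}

		$list .= "</ul>\n";

		return $list;
	}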
示例#4
/**
 * Let the request continue only when the current user holds $permissions.
 *
 * On denial the response status is set to 401, the login route is dispatched
 * and the script terminates, so code after a call to this function never runs
 * for a user who failed the check.
 *
 * @param mixed $permissions Passed unchanged to has_permission().
 *
 * @return bool Always true; the function does not return on denial.
 */
function require_permission($permissions)
{
    if (!has_permission($permissions)) {
        http_response_code(401);
        dispatch('siteuser/user_login');
        // Terminate so the protected handler cannot continue after the login page.
        exit;
    }

    return true;
}
示例#5
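 /**
  * Dashboard entry point: send the user to the survey list that matches
  * their permissions, or render an empty dashboard for regular users.
  *
  * Each redirect is followed by an explicit return, so the method stops even
  * if redirect() in this project only sends a header and does not end the
  * request itself. Without that, a visitor who is not logged in would fall
  * through to the permission checks and the page render.
  *
  * @return void
  */
 public function index()
 {
     if (!is_logged()) {
         redirect('login');
         return;
     }
     // Use the same permissions for the list but use different statuses.
     if (has_permission('view survey list any')) {
         redirect('surveys');
         return;
     }
     if (has_permission('view survey list assigned')) {
         redirect('surveys/open');
         return;
     }
     // If regular user just show a empty page.
     $this->load->view('base/html_start');
     $this->load->view('components/navigation', array('active_menu' => 'dashboard'));
     $this->load->view('base/html_end');
 }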
示例#6
 /**
  * List the institutions of one type.
  *
  * Access is restricted to users holding Institutions.View. With no type the
  * request is handed to index().
  *
  * NOTE(review): $type is used as a key into $this->institutions_type without
  * checking that the key exists, and is passed as-is to get_by_type(). An
  * unknown type leaves the type record empty; confirm how that case should be
  * handled and that get_by_type() binds its argument safely.
  *
  * @param string $type Institution type key.
  *
  * @return void
  */
 public function type($type = '')
 {
     // Restrict access to users with Institutions.View permission
     $this->auth->restrict(
         array('type' => 'warning', 'text' => 'You dont have permission to view inistitutions'),
         'Institutions.View'
     );
     if (!$type) {
         $this->index();
         return;
     }

     // SB Admin assets - included on every page
     $this->layout->add_css('sb-admin');
     $this->layout->add_js('sb-admin');

     // All institutions of the requested type, plus the type record itself
     $found = $this->institution_model->get_by_type($type);
     $current_type = $this->institutions_type[$type];

     // Resolve the parent type and its institutions, when there is one
     $parent_key = $current_type->parent;
     $parent_type = null;
     $parent_list = array();
     if ($parent_key) {
         $parent_type = $this->institutions_type[$parent_key];
         $parent_list = $this->app->get_institutions_by_type($parent_type->id_type);
     }

     // Column headings for the list view
     $columns = array('Institution');
     if ($parent_type && $parent_type->nom_type) {
         $columns[] = $parent_type->nom_type;
     }
     $columns[] = 'Nom Responsable';
     $columns[] = 'Prenom Responsable';
     // The Actions column is display only; edit and delete handlers must
     // check Institutions.Edit / Institutions.Delete themselves.
     $can_act = has_permission('Institutions.Edit') || has_permission('Institutions.Delete');
     if ($can_act) {
         $columns[] = 'Actions';
     }

     $this->layout->view('institution_list', array(
         'institutions' => $found,
         'institution_type' => $current_type,
         'institution_columns' => $columns,
         'parent_institutions' => $parent_list,
     ));
 }
示例#7
 /**
  * Validate the posted site settings and write them to the settings table.
  *
  * NOTE(review): only the fields given a rule in this method are validated.
  * status, login_type, user_activation_method, remember_length, the
  * name_change_* values and password_iterations get no rule here and are
  * stored as posted; confirm they are constrained elsewhere.
  *
  * @param array $extended_settings An optional array of settings from the
  *                                 extended_settings config file.
  *
  * @return bool False when validation fails, otherwise the result of the
  *              database update(s).
  */
 private function save_settings($extended_settings = array())
 {
     $core_rules = array(
         array('title', 'lang:bf_site_name', 'required|trim'),
         array('system_email', 'lang:bf_site_email', 'required|trim|valid_email'),
         array('list_limit', 'Items <em>p.p.</em>', 'required|trim|numeric'),
         array('password_min_length', 'lang:bf_password_length', 'required|trim|numeric'),
         array('password_force_numbers', 'lang:bf_password_force_numbers', 'trim|numeric'),
         array('password_force_symbols', 'lang:bf_password_force_symbols', 'trim|numeric'),
         array('password_force_mixed_case', 'lang:bf_password_force_mixed_case', 'trim|numeric'),
         array('password_show_labels', 'lang:bf_password_show_labels', 'trim|numeric'),
         array('languages[]', 'lang:bf_language', 'required|trim|is_array'),
     );
     foreach ($core_rules as $rule) {
         $this->form_validation->set_rules($rule[0], $rule[1], $rule[2]);
     }

     // Extended settings: a field is accepted only when it has no permission
     // requirement or the current user holds that permission.
     $ext_values = array();
     foreach ($extended_settings as $field) {
         if (!empty($field['permission']) && !has_permission($field['permission'])) {
             continue;
         }
         $this->form_validation->set_rules($field['name'], $field['label'], $field['rules']);
         $ext_values["ext.{$field['name']}"] = $this->input->post($field['name']);
     }

     if ($this->form_validation->run() === false) {
         return false;
     }

     $settings = array(
         array('name' => 'site.title', 'value' => $this->input->post('title')),
         array('name' => 'site.system_email', 'value' => $this->input->post('system_email')),
         array('name' => 'site.status', 'value' => $this->input->post('status')),
         array('name' => 'site.list_limit', 'value' => $this->input->post('list_limit')),
         array('name' => 'auth.allow_register', 'value' => isset($_POST['allow_register']) ? 1 : 0),
         array('name' => 'auth.user_activation_method', 'value' => isset($_POST['user_activation_method']) ? $_POST['user_activation_method'] : 0),
         array('name' => 'auth.login_type', 'value' => $this->input->post('login_type')),
         array('name' => 'auth.use_usernames', 'value' => isset($_POST['use_usernames']) ? $this->input->post('use_usernames') : 0),
         array('name' => 'auth.allow_remember', 'value' => isset($_POST['allow_remember']) ? 1 : 0),
         array('name' => 'auth.remember_length', 'value' => (int) $this->input->post('remember_length')),
         array('name' => 'auth.use_extended_profile', 'value' => isset($_POST['use_ext_profile']) ? 1 : 0),
         array('name' => 'auth.allow_name_change', 'value' => $this->input->post('allow_name_change') ? 1 : 0),
         array('name' => 'auth.name_change_frequency', 'value' => $this->input->post('name_change_frequency')),
         array('name' => 'auth.name_change_limit', 'value' => $this->input->post('name_change_limit')),
         array('name' => 'auth.password_min_length', 'value' => $this->input->post('password_min_length')),
         array('name' => 'auth.password_force_numbers', 'value' => $this->input->post('password_force_numbers')),
         array('name' => 'auth.password_force_symbols', 'value' => $this->input->post('password_force_symbols')),
         array('name' => 'auth.password_force_mixed_case', 'value' => $this->input->post('password_force_mixed_case')),
         array('name' => 'auth.password_show_labels', 'value' => $this->input->post('password_show_labels') ? 1 : 0),
         array('name' => 'site.show_profiler', 'value' => isset($_POST['show_profiler']) ? 1 : 0),
         array('name' => 'site.show_front_profiler', 'value' => isset($_POST['show_front_profiler']) ? 1 : 0),
         // NOTE(review): the stored value is serialize() of request data. Any
         // code that reads it back with unserialize() is then deserializing
         // user-controlled input; confirm how site.languages is read.
         array('name' => 'site.languages', 'value' => $this->input->post('languages') != '' ? serialize($this->input->post('languages')) : ''),
         array('name' => 'password_iterations', 'value' => $this->input->post('password_iterations')),
     );

     // The activity entry is written before the update runs, so it records the
     // attempt (with the client IP) whether or not the save succeeds.
     log_activity($this->current_user->id, lang('bf_act_settings_saved') . ': ' . $this->input->ip_address(), 'core');

     // Save the settings to the DB
     $saved = $this->settings_model->update_batch($settings, 'name');

     // Extended settings are saved only after the core update succeeded
     if ($saved && !empty($ext_values)) {
         $saved = $this->save_extended_settings($ext_values);
     }

     return $saved;
 }
示例#8
/**
 * Create a sub-folder named by $_GET['NewFolderName'] inside $currentFolder
 * and echo the outcome as an <Error number="N" /> node.
 *
 * Error numbers set in this function: 0 on success; 102 when the name is
 * missing, contains '..', or the path is reported invalid; 103 when access is
 * denied or the server directory is not writable; 110 for any other failure.
 * Only those literal values are ever assigned to $sErrorNumber, so the echoed
 * attribute never carries request data.
 *
 * @param string $resourceType  Resource type passed to the permission check
 *                              and to ServerMapFolder().
 * @param string $currentFolder Virtual path of the parent folder.
 *
 * @return void
 */
function CreateFolder($resourceType, $currentFolder)
{
    global $_FolderClass;
    global $Config;
    if (!isset($_GET)) {
        global $_GET;
    }
    $sErrorNumber = '0';
    $sErrorMsg = '';
    // Access is refused only when the per-folder check fails (or the folder
    // class is below 8) AND open access is not enabled.
    if (!has_permission($currentFolder, $resourceType) || $_FolderClass < 8) {
        if (!has_open_access()) {
            $sErrorNumber = 103;
            echo '<Error number="' . $sErrorNumber . '" />';
            return;
        }
    }
    if (isset($_GET['NewFolderName'])) {
        $sess_id = session_id();
        // NOTE(review): session_id() always returns a string, so isset($sess_id)
        // is always true. The session id is then taken straight from the
        // FCK_NmSp_acl cookie with no isset() check and no format validation;
        // confirm that cookie is only ever set by trusted code.
        if (!isset($sess_id) || $sess_id != $_COOKIE['FCK_NmSp_acl']) {
            session_id($_COOKIE['FCK_NmSp_acl']);
            session_start();
        }
        global $Dwfck_conf_values;
        global $dwfck_conf;
        $dwfck_conf = $_SESSION['dwfck_conf'];
        // Fall back to the file-level configuration when the session has none.
        if (empty($dwfck_conf)) {
            $dwfck_conf['deaccent'] = isset($Dwfck_conf_values['deaccent']) ? $Dwfck_conf_values['deaccent'] : 1;
            $dwfck_conf['useslash'] = isset($Dwfck_conf_values['useslash']) ? $Dwfck_conf_values['useslash'] : 0;
            $dwfck_conf['sepchar'] = isset($Dwfck_conf_values['sepchar']) ? $Dwfck_conf_values['sepchar'] : '_';
        }
        $sNewFolderName = $_GET['NewFolderName'];
        $sNewFolderName = str_replace(' ', $dwfck_conf['sepchar'], $sNewFolderName);
        $sNewFolderName = Dwfck_sanitize($sNewFolderName);
        // The only traversal guard visible here is this substring test for '..',
        // applied after Dwfck_sanitize().
        // NOTE(review): whether path separators are removed depends on
        // Dwfck_sanitize(), which is not shown - confirm.
        if (strpos($sNewFolderName, '..') !== FALSE) {
            $sErrorNumber = '102';
        } else {
            // Map the virtual path to the local server path of the current folder.
            $sServerDir = ServerMapFolder($resourceType, $currentFolder, 'CreateFolder');
            // && binds tighter than ||: encode when fnencode is 'url', or when
            // on Windows with fnencode unset.
            if ($Dwfck_conf_values['fnencode'] == 'url' || $Config['osWindows'] && !isset($Dwfck_conf_values['fnencode'])) {
                $sServerDir = encode_dir($sServerDir);
            }
            if ($Config['osWindows']) {
                $sServerDir = normalizeWIN($sServerDir);
            }
            if (is_writable($sServerDir)) {
                $sServerDir .= $sNewFolderName;
                $sErrorMsg = CreateServerFolder($sServerDir);
                // Translate the message returned by CreateServerFolder() into
                // an error number.
                switch ($sErrorMsg) {
                    case '':
                        $sErrorNumber = '0';
                        break;
                    case 'Invalid argument':
                    case 'No such file or directory':
                        $sErrorNumber = '102';
                        // Path too long.
                        break;
                    default:
                        $sErrorNumber = '110';
                        break;
                }
            } else {
                $sErrorNumber = '103';
            }
        }
    } else {
        $sErrorNumber = '102';
    }
    // Create the "Error" node.
    echo '<Error number="' . $sErrorNumber . '" />';
}
示例#9
</p>
            <?php 
    echo Modules::run('roles/settings/matrix');
    ?>
        </fieldset>
        <?php 
}
?>
        <fieldset class="form-actions">
            <input type="submit" name="save" class="btn btn-primary" value="<?php 
echo lang('role_save_role');
?>
" />
            <?php 
echo lang('bf_or') . ' ' . anchor(SITE_AREA . '/settings/roles', lang('bf_action_cancel'));
if (isset($role) && $role->can_delete == 1 && has_permission('Bonfire.Roles.Delete')) {
    ?>
            <button type="submit" name="delete" class="btn btn-danger" onclick="return confirm('<?php 
    e(js_escape(lang('role_delete_confirm') . ' ' . lang('role_delete_note')));
    ?>
')"><span class="icon-trash icon-white"></span>&nbsp;<?php 
    echo lang('role_delete_role');
    ?>
</button>
            <?php 
}
?>
        </fieldset>
	<?php 
echo form_close();
?>
示例#10
                      <li>
                        <a href="#" class="bttn bttn-primary bttn-small bttn-dropdown bttn-icon-edit" data-dropdown="action-bttn">Edit</a>
                        <ul class="action-dropdown for-bttn-small">
                          <?php 
            // The permission checks in this template only hide links. The edit
            // and delete handlers must enforce the same permissions themselves.
            if (has_permission('edit any survey')) {
                ?>
                          <li><?php 
                echo anchor($survey_entity->get_url_edit(), 'Modify');
                ?>
</li>
                          <?php 
            }
            ?>
      
                          <?php 
            if (has_permission('delete any survey')) {
                ?>
                          <?php 
                $class = 'danger';
                ?>
                          <?php 
                // 'disabled' is a CSS class only; it does not stop the request.
                $class .= !$survey_entity->status_allows('delete any survey') ? ' disabled' : '';
                ?>
                          <li><?php 
                // NOTE(review): $survey_entity->title is concatenated into the
                // data-confirm-action attribute as HTML. Whether it gets escaped
                // depends on anchor_csrf(), which is not shown here; if titles
                // are user-editable, escape the title before building the message.
                echo anchor_csrf($survey_entity->get_url_delete(), 'Delete', array('class' => $class, 'data-confirm-action' => 'Are you sure you want to delete: <em>' . $survey_entity->title . '</em>?'));
                ?>
</li>
                          <?php 
            }
            ?>
                        </ul>
示例#11
<?php

// Sub-navigation for user management, rendered only for users holding
// Bonfire.Users.Manage. This hides the links; it is not the access check for
// the pages they point to, which must enforce the permission themselves.
if (has_permission('Bonfire.Users.Manage')) {
    ?>
<ul class="nav nav-pills">
	<li <?php 
    // Highlight the list tab when URI segment 4 is empty.
    echo $this->uri->segment(4) == '' ? 'class="active"' : '';
    ?>
>
		<a href="<?php 
    echo site_url(SITE_AREA . '/settings/users');
    ?>
"><?php 
    echo lang('bf_users');
    ?>
</a>
	</li>
	<li <?php 
    // Highlight the create tab when URI segment 4 is 'create'.
    echo $this->uri->segment(4) == 'create' ? 'class="active"' : '';
    ?>
>
		<a href="<?php 
    echo site_url(SITE_AREA . '/settings/users/create');
    ?>
" id="create_new">Nouvel utilisateur</a>
	</li>
</ul>
<?php 
}
示例#12
?>
</p>
	</div>

	<div class="text-right">
		<br/>
		<input type="submit" name="submit" value="Edit Navigation" /> or <?php 
echo anchor(SITE_AREA . '/content/navigation', lang('navigation_cancel'));
?>
	</div>
	<?php 
echo form_close();
?>

	<?php 
if (isset($navigation) && has_permission('Navigation.Content.Delete')) {
    ?>
	<div class="box delete rounded">
		<a class="button" id="delete-me" href="<?php 
    echo site_url(SITE_AREA . '/content/navigation/delete/' . $id);
    ?>
" onclick="return confirm('<?php 
    echo lang('navigation_delete_confirm');
    ?>
')"><?php 
    echo lang('navigation_delete_record');
    ?>
</a>
		
		<h3><?php 
    echo lang('navigation_delete_record');
示例#13
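/**
 * Normalise one element record for output and attach its permission fields.
 *
 * Depending on the element letter (D, G, U, P, C, R, I, S) the record gets
 * alias keys, and then acl, permission_level, effective_permission,
 * assigned_permission, view, change, propagate, delete, delete_data and
 * add_data are filled in.
 *
 * NOTE(review): extract($x) turns every key of $x into a local variable. All
 * locals used below ($elements, $element_info, $user_id, $db, and optionally
 * $model, $letter, $timer, $key) come from it, and any other key in $x also
 * becomes a variable in this scope. Confirm $x is never built from request
 * data. Local names are deliberately left unchanged for that reason.
 *
 * @param array $x array('elements'=>, 'element_info'=>, 'user_id'=>, 'db'=>)
 *                 Example: include_all(compact('elements', 'element_info', 'user_id', 'db'))
 *
 * @return array The augmented $element_info.
 */
function include_all($x)
{
    extract($x);
    #add a few extra variables that will be usefull in the output;
    #when there is no resource_class_id, find it from the project where instance was created. WILL ASSUME THAT RESOURCE_CLASS_ID FILLED OUT IS A REQUIREMENT FOR ALL S3DB THAT SHARE RULES
    if ($_REQUEST['project_id'] == '') {
        $project_id = $element_info['project_id'];
    } else {
        $project_id = $_REQUEST['project_id'];
    }
    if (!$model) {
        $model = 'nsy';
    }
    if ($letter == '') {
        $letter = strtoupper(substr($elements, 0, 1));
    }
    #copy aliased keys defined in the s3map table for this element type
    if (is_array($GLOBALS['s3map'][$GLOBALS['plurals'][$GLOBALS['s3codes'][$letter]]])) {
        foreach ($GLOBALS['s3map'][$GLOBALS['plurals'][$GLOBALS['s3codes'][$letter]]] as $replace => $with) {
            $element_info[$replace] = $element_info[$with];
        }
    }
    #if element is a class, return the class id
    if ($letter == 'D') {
        #acl by requester: user '1' => 222, admin => 212, public => 210, anyone else => 211
        $element_info['acl'] = $user_id == '1' ? '222' : (user_is_admin($user_id, $db) ? '212' : (user_is_public($user_id, $db) ? '210' : '211'));
        $element_info['created_by'] = $user_id;
        $element_info['description'] = $GLOBALS['s3db_info']['server']['site_intro'];
        $element_info['name'] = $GLOBALS['s3db_info']['server']['site_title'];
        if ($element_info['deployment_id'] == $GLOBALS['s3db_info']['deployment']['Did']) {
            $element_info['self'] = 1;
        }
    }
    if ($letter == 'G') {
        #echo '<pre>';print_r($x);exit;
        $e = 'groups';
        #$element_info['group_id'] = $element_info['account_id'];
        #$element_info['groupname'] = $element_info['account_uname'];
        #$element_info['acl'] = groupAcl($element_info, $user_id, $db);
        $uid_info = uid($element_info['account_id']);
        #ereg_replace() was removed in PHP 7; preg_replace() with the same anchored pattern is equivalent
        $element_info['deployment_id'] = preg_replace('/^D/', '', $uid_info['Did']);
        $strictuid = 1;
        $strictsharedwith = 1;
        $uid = 'G' . $element_info['group_id'];
        $shared_with = 'U' . $user_id;
        #$element_info['acl'] = permissionOnResource(compact('user_id', 'shared_with', 'db', 'uid','key','strictsharedwith','strictuid'));
        $element_info['acl'] = groupAcl($element_info, $user_id, $db, $timer);
        if ($timer) {
            $timer->setMarker('Included resource information for ' . $letter);
        }
        #echo '<pre>';print_r($element_info);exit;
    }
    if ($letter == 'U') {
        if ($element_info['account_addr_id'] != '') {
            #NOTE(review): account_addr_id is concatenated into the SQL text without
            #escaping. Where the value comes from is not visible here; use the
            #escaping or parameter binding that the $db class provides.
            $sql = "select * from s3db_addr where addr_id = '" . $element_info['account_addr_id'] . "'";
            $fields = array('addr1', 'addr2', 'city', 'state', 'postal_code', 'country');
            $db->query($sql);
            while ($db->next_record()) {
                for ($i = 0; $i < count($fields); $i++) {
                    $element_info[$fields[$i]] = $db->f($fields[$i]);
                }
            }
            $element_info = array_delete($element_info, 'account_addr_id');
        }
        $element_info['user_id'] = $element_info['account_id'];
        $element_info['username'] = $element_info['account_uname'];
        $element_info['login'] = $element_info['account_lid'];
        $element_info['address'] = $element_info['addr1'];
        $uid_info = uid($element_info['account_id']);
        #ereg_replace() was removed in PHP 7; preg_replace() with the same anchored pattern is equivalent
        $element_info['deployment_id'] = preg_replace('/^D/', '', $uid_info['Did']);
        if ($user_id != '1' && $element_info['created_by'] != $user_id && $element_info['account_id'] != $user_id) {
            #if user is not seing himself and user is not admin and user was not the creator of element, then hide address, email, phone, etc.
            $keys2Remove = array('account_email' => '', 'account_phone' => '', 'addr1' => '', 'addr2' => '', 'city' => '', 'state' => '', 'postal_code' => '', 'country' => '');
            if (is_array($element_info)) {
                $element_info = array_diff_key($element_info, $keys2Remove);
            }
        }
        #NOTE(review): the 'address' key copied from addr1 above is not in the
        #removal list, so it stays in the record for other users - confirm intended.
        if ($user_id != '1' && $element_info['created_by'] != $user_id && $user_id != $element_info['account_id']) {
            if (is_array($element_info)) {
                $element_info = array_diff_key($element_info, array('account_type' => '', 'account_status' => ''));
            }
        } else {
            //if this user has been created with a filter, what is that filter
            $permission_info = array('uid' => 'U' . $element_info['created_by'], 'shared_with' => 'U' . $element_info['account_id']);
            $hp = has_permission($permission_info, $db);
            if ($hp) {
                $element_info['filter'] = $hp;
            }
        }
        #the password field is removed for every requester
        if (is_array($element_info)) {
            $element_info = array_diff_key($element_info, array('account_pwd' => ''));
        }
        $user_id_who_asks = $user_id;
        $uid = 'U' . $element_info['user_id'];
        $shared_with = $user_id_who_asks;
        $strictuid = 1;
        $strictsharedwith = 1;
        $onPermissions = compact('user_id', 'shared_with', 'db', 'uid', 'key', 'strictsharedwith', 'strictuid');
        if ($element_info['acl'] == '') {
            $element_info['acl'] = userAcl(compact('key', 'element_info', 'user_id_who_asks', 'db'));
        }
    }
    if ($letter == 'P') {
        $element_info['name'] = $element_info['project_name'];
        $element_info['description'] = $element_info['project_description'];
        $id = 'P' . $element_info['project_id'];
        $uid = 'P' . $element_info['project_id'];
    }
    if ($letter == 'C') {
        $element_info['class_id'] = $element_info['resource_id'];
        $element_info['collection_id'] = $element_info['class_id'];
        $element_info['name'] = $element_info['entity'];
        $element_info['description'] = $element_info['notes'];
        #project_id to search for rule_id will be the same from the class
        $uid = 'C' . $element_info['resource_id'];
    }
    #if element is a rule, return the class_id of the subject. If the object is a class, return the object_id... to discuss with jonas
    if ($letter == 'R') {
        $uid = 'R' . $element_info['rule_id'];
    }
    #if this is an instance, return the class_id => ASSUMING THAT EVERY S3DB THAT HAS SHARED RULES HAS RESOURCECLASSID IN INSTANCE.
    if ($letter == 'I') {
        if ($element_info['resource_class_id'] != '') {
            $element_info['class_id'] = $element_info['resource_class_id'];
        }
        $element_info['instance_id'] = $element_info['resource_id'];
        $element_info['item_id'] = $element_info['instance_id'];
        $element_info['collection_id'] = $element_info['class_id'];
        $instance_id = $element_info['instance_id'];
        $uid = 'I' . $element_info['instance_id'];
    }
    if ($letter == 'S') {
        $uid = 'S' . $element_info['statement_id'];
        #NOTE(review): $id is not assigned in this branch; unless $x supplied it, the key here is empty
        $info[$id] = $element_info;
        $statement_id = $element_info['statement_id'];
        $element_info['instance_id'] = $element_info['resource_id'];
        $element_info['item_id'] = $element_info['instance_id'];
        $element_info['instance_notes'] = $info['I' . $element_info['instance_id']]['notes'];
        if ($info['R' . $element_info['rule_id']] == '') {
            $info['R' . $element_info['rule_id']] = s3info('rule', $element_info['rule_id'], $db);
        }
        $element_info['object_notes'] = notes($element_info['value'], $db);
        $element_info['project_folder'] = $element_info['value'];
        $element_info = include_fileLinks($element_info, $db);
        $element_info['subject'] = $info['R' . $element_info['rule_id']]['subject'];
        $element_info['verb'] = $info['R' . $element_info['rule_id']]['verb'];
        $element_info['object'] = $info['R' . $element_info['rule_id']]['object'];
        $element_info['subject_id'] = $info['R' . $element_info['rule_id']]['subject_id'];
        $element_info['verb_id'] = $info['R' . $element_info['rule_id']]['verb_id'];
        $element_info['object_id'] = $info['R' . $element_info['rule_id']]['object_id'];
    }
    $strictuid = 1;
    $strictsharedwith = 1;
    $shared_with = 'U' . $user_id;
    $toFindInfo = $element_info;
    $onPermissions = compact('user_id', 'shared_with', 'db', 'uid', 'key', 'strictsharedwith', 'strictuid', 'timer', 'toFindInfo');
    #an acl already present on the record is kept; it is only computed when empty
    if ($element_info['acl'] == '') {
        $element_info['acl'] = permission4Resource($onPermissions);
    }
    $element_info['permission_level'] = $element_info['acl'];
    if (!$element_info['effective_permission']) {
        $element_info['effective_permission'] = $element_info['acl'];
    }
    if (!$element_info['assigned_permission']) {
        $pp = array('uid' => $uid, 'shared_with' => $shared_with);
        $tmp = has_permission($pp, $db);
        if ($tmp) {
            $element_info['assigned_permission'] = $tmp;
        } else {
            $element_info['assigned_permission'] = '---';
        }
    }
    #Define if ser can view or not view data. View is the first number in the 3d code.
    $permission2user = permissionModelComp($element_info['permission_level']);
    ##According to the model, change the values of assigned_permission from prevous versions
    $element_info['assigned_permission'] = str_replace(array('0', '1', '2'), str_split($model), $element_info['assigned_permission']);
    $isOwner = $element_info['created_by'] == $user_id;
    $element_info['view'] = allowed($permission2user, 0, $isOwner, $state = 3, $model);
    $element_info['change'] = allowed($permission2user, 1, $isOwner, $state = 3, $model);
    $element_info['propagate'] = allowed($permission2user, 2, $isOwner, $state = 3, $model);
    #create the element "delete", in case it is eventually created...For now it is the same as change
    $element_info['delete'] = $element_info['change'];
    #NOTE(review): delete_data is copied from add_data before add_data is assigned
    #on the next line, so it takes whatever value the record already had - confirm the order
    $element_info['delete_data'] = $element_info['add_data'];
    $element_info['add_data'] = $element_info['propagate'];
    return $element_info;
}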
示例#14
                        </div>
                    </div>
                </fieldset>

                <?php 
}
// Allow modules to render custom fields
Events::trigger('render_user_form');
?>
                <!-- Start of User Meta -->
                <?php 
$this->load->view('users/user_meta');
?>
                <!-- End of User Meta -->
                <?php 
if (isset($user) && has_permission('Permissions.' . ucfirst($user->role_name) . '.Manage') && $user->id != $this->auth->user_id() && ($user->banned || $user->deleted)) {
    ?>
                <fieldset>
                    <legend><?php 
    echo lang('us_account_status');
    ?>
</legend>
                    <?php 
    $field = 'activate';
    if ($user->active) {
        $field = 'de' . $field;
    }
    ?>
                    <div class="control-group">
                        <div class="controls">
                            <label for="<?php 
示例#15
<?php

/******************/
// This Page Lets the Admin Add and Delete Editors to this site.
/*****************/
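ob_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/Gamesite/core/init.php';
// Check if Admin is logged in, if not, redirect him to index.php
if (!has_permission('admin')) {
    permission_error_redirect('index.php');
    // Stop here even if permission_error_redirect() only sends a header and
    // returns; otherwise the rest of this page, including the delete handler
    // below, would still run for a non-admin.
    exit;
}
include 'includes/head.php';
include 'includes/navigation.php';
// Delete Editors
// NOTE(review): this state-changing delete is triggered by a GET parameter and
// no request token is checked in this block; confirm CSRF protection exists
// elsewhere (e.g. in init.php) or move the action to a POST with a token.
if (isset($_GET['delete'])) {
    $delete_id = sanitize($_GET['delete']);
    // NOTE(review): the id is interpolated into the SQL text, so safety rests
    // entirely on sanitize(), which is not shown here. Prefer a bound parameter
    // through the prepared-statement API of whatever driver $db is.
    $db->query("delete from admin where id = '{$delete_id}' ");
    $_SESSION['success_flash'] = 'Editor has been deleted.';
    header('Location: Editors.php');
    // header() does not end the script; exit so nothing below runs after the
    // redirect has been issued.
    exit;
}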
// If Add New Editor is clicked
if (isset($_GET['add'])) {
    // SET ALL OF THE FORM VARIABLES
    $name = isset($_POST['name']) ? sanitize($_POST['name']) : '';
    $email = isset($_POST['email']) ? sanitize($_POST['email']) : '';
    $password = isset($_POST['password']) ? sanitize($_POST['password']) : '';
    $confirm = isset($_POST['confirm']) ? sanitize($_POST['confirm']) : '';
    $permissions = isset($_POST['permissions']) ? sanitize($_POST['permissions']) : '';
    // set errors to a empty array
    $errors = array();
 /**
  * Validate the submitted user form and persist the user.
  *
  * Registers validation rules for the core fields and for every meta field
  * the current user may edit, runs validation, then inserts or updates the
  * record and stores the collected meta data.
  *
  * @access private
  *
  * @param string $type          The type of operation (insert or edit)
  * @param int    $id            The id of the user in the case of an edit operation
  * @param array  $meta_fields   Array of meta fields for the user
  * @param string $cur_role_name The current role for the user being edited
  *
  * @return mixed FALSE when validation fails, otherwise whatever the model's
  *               insert() or update() returned (the insert result is reused as the id)
  */
 private function save_user($type = 'insert', $id = 0, $meta_fields = array(), $cur_role_name = '')
 {
     $this->form_validation->set_rules($this->user_model->get_validation_rules($type));

     $is_insert = $type == 'insert';

     // On edit the id is placed in $_POST and appended to the unique[] rules,
     // presumably so the uniqueness check can skip the row being edited.
     $unique_suffix = '';
     if (!$is_insert) {
         $_POST['id'] = $id;
         $unique_suffix = ',users.id';
     }

     $needs_username = $this->settings_lib->item('auth.login_type') == 'username'
         || $this->settings_lib->item('auth.use_usernames');
     $username_rules = ($needs_username ? 'required|' : '')
         . 'trim|max_length[30]|unique[users.username' . $unique_suffix . ']';
     $email_rules = 'required|trim|valid_email|max_length[120]|unique[users.email' . $unique_suffix . ']';

     $this->form_validation->set_rules('username', 'lang:bf_username', $username_rules);
     $this->form_validation->set_rules('email', 'lang:bf_email', $email_rules);

     // NOTE(review): role_id is only validated when the caller holds both role
     // permissions. Nothing in this method removes a posted role_id when the
     // caller does not hold them, so whether it is persisted depends on
     // prep_data(), which is not shown here — confirm it is dropped.
     if (has_permission('Bonfire.Roles.Manage') && has_permission('Permissions.' . $cur_role_name . '.Manage')) {
         $this->form_validation->set_rules('role_id', 'lang:us_role', 'required|trim|max_length[2]|is_numeric');
     }

     // Collect meta fields. A field flagged admin_only === true is accepted
     // only when the current user has role id 1; any other non-false flag
     // value causes the field to be skipped.
     $meta_data = array();
     foreach ($meta_fields as $field) {
         $admin_only = isset($field['admin_only']) ? $field['admin_only'] : false;
         if ($admin_only !== false) {
             if ($admin_only !== true || !isset($this->current_user) || $this->current_user->role_id != 1) {
                 continue;
             }
         }
         $this->form_validation->set_rules($field['name'], $field['label'], $field['rules']);
         $meta_data[$field['name']] = $this->input->post($field['name']);
     }

     if ($this->form_validation->run() === false) {
         return false;
     }

     // Core user columns to store.
     $data = $this->user_model->prep_data($this->input->post());

     if ($is_insert) {
         // Activation method 0 means no activation step: mark the account active now.
         if ($this->settings_lib->item('auth.user_activation_method') == 0) {
             $data['active'] = 1;
         }
         $return = $this->user_model->insert($data);
         $id = $return;
     } else {
         $return = $this->user_model->update($id, $data);
     }

     // Persist meta data, if any was collected.
     if (!empty($meta_data)) {
         $this->user_model->save_meta_for($id, $meta_data);
     }

     // Let other modules store their own data.
     // NOTE(review): listeners receive the raw POST array, not the validated
     // $data, so each listener has to validate what it reads.
     Events::trigger('save_user', $this->input->post());

     return $return;
 }
示例#17
			
			<?php 
    // Render this permission row when the viewer holds the permission itself or has role id 1.
    // NOTE(review): the literal role id 1 bypasses the permission check; confirm that id is
    // reserved for administrators and cannot be reassigned to another role.
    if (has_permission($matrix_perm['name']) || $current_user->role_id == 1) {
        //Admin
        ?>
			<tr title="<?php 
        echo $matrix_perm['name'];
        ?>
">
				<td><?php 
        echo $matrix_perm['name'];
        ?>
</td>
				<?php 
        for ($i = 0; $i < count($cols); $i++) {
            if (has_permission('Permissions.' . $cols[$i]['role_name'] . '.Manage')) {
                $checkbox_value = $cols[$i]['role_id'] . ',' . $matrix_perm['permission_id'];
                $checked = in_array($checkbox_value, $matrix_role_permissions) ? ' checked="checked"' : '';
                ?>
					<td class="text-center" title="<?php 
                echo $cols[$i]['role_name'];
                ?>
">
						<input type="checkbox" value="<?php 
                echo $checkbox_value;
                ?>
"<?php 
                echo $checked;
                ?>
 title="<?php 
                echo lang('matrix_role');
?>
</h1>
        </div>
        
        <nav id="secondary" role="navigation">
          <ul class="bttn-toolbar">
            <li class="sector-switcher">
              <a class="bttn-sector bttn-dropdown" href="" data-dropdown="action-bttn"><strong>Call activity</strong></a>
              <ul class="action-dropdown">
                <li><a href="<?php 
echo $survey->get_url_view();
?>
">Summary</a></li>
                
                <?php 
if (has_permission('manage respondents any survey')) {
    ?>
                <li><a href="<?php 
    echo $survey->get_url_respondents();
    ?>
">Respondents</a></li>
                <?php 
}
?>
              </ul>
            </li>
            
          </ul>
        </nav>
        
      </div>
示例#19
		<div style="border-bottom: 1px solid #999; padding: 5px 18px; color: #222;" <?php 
        echo 'class="' . $class . '"';
        ?>
>
			<?php 
        e($row);
        ?>
		</div>
		<?php 
    }
    ?>
	</div>
</div>

	<?php 
    if (has_permission('Bonfire.Logs.Manage')) {
        ?>
	<!-- Purge? -->
	<div class="admin-box">
		<h3><?php 
        echo lang('log_delete1_button');
        ?>
</h3>
		<br/>

		<?php 
        echo form_open(SITE_AREA . '/developer/logs');
        ?>
		<div class="alert alert-warning fade in">
			<a class="close" data-dismiss="alert">&times;</a>
			<?php 
示例#20
			<?php 
render_search_box();
?>
		</div>
	
		<?php 
if (isset($users) && is_array($users)) {
    ?>
		
		<div class="scrollable">
			<div class="list-view" id="user-list">
			<?php 
    foreach ($users as $user) {
        ?>
				<?php 
        if (isset($user) && has_permission('Permissions.' . $user->role_name . '.Manage')) {
            ?>
				<div class="list-item with-icon" data-id="<?php 
            echo $user->id;
            ?>
" data-role="<?php 
            echo $user->role_name;
            ?>
">
					<?php 
            // NOTE(review): first_name and last_name are concatenated and passed on unescaped;
            // whether gravatar_link() HTML-encodes its arguments is not visible here — confirm,
            // or encode the names before passing them.
            echo gravatar_link($user->email, 32, '', $user->first_name . '&nbsp;' . $user->last_name);
            ?>
				
					<p>
						<?php 
            if (config_item('auth.use_own_names')) {
示例#21
<?php

include_once '../../../includes/user.php';
include_once '../../../includes/topic.php';
include_once '../../../includes/thread.php';
include_once '../../../includes/post.php';
include_once '../../../includes/parsedown.php';
include_once '../../../includes/permissions.php';
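session_start();

// Only a signed-in user who holds CREATE_TOPIC may create topics.
if (!isset($_SESSION['user']) || !has_permission($_SESSION['user'], 'CREATE_TOPIC')) {
    header("HTTP/1.1 403 Forbidden");
    exit;
}

// The form marker and a string title are both required. Without this check a
// missing or array-valued "title" would be passed straight to create_topic().
if (!isset($_POST['create-topic'], $_POST['title']) || !is_string($_POST['title'])) {
    header("HTTP/1.1 400 Bad Request");
    exit;
}

// An optional parent topic id must be a plain string (rejects "id[]=..." input).
if (isset($_GET['id']) && !is_string($_GET['id'])) {
    header("HTTP/1.1 400 Bad Request");
    exit;
}

// NOTE(review): no anti-CSRF token is checked in this script before the
// state-changing create_topic() call — confirm one is enforced elsewhere.
if (isset($_GET['id'])) {
    // NOTE(review): the id reaches get_topic_by_id() as received; that helper
    // (not shown here) has to bind it as a query parameter and cope with ids
    // that do not exist.
    $topic_id = create_topic($_POST['title'], get_topic_by_id($_GET['id']));
} else {
    $topic_id = create_topic($_POST['title']);
}

header("HTTP/1.1 303 See Other");
header("Location: /forum/topic/?id=" . $topic_id);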
                            <td>
                                <?php 
        if (has_permission('Confirmation.Edit')) {
            ?>
                                <a class="btn btn-info edit" href="<?php 
            echo site_url('sacrement/editConfirmation/' . $confirmation['id_confirmation']);
            ?>
">
                                    <i class="fa fa-edit"></i> Edit
                                </a>
                                <?php 
        }
        ?>
                                
                                <?php 
        // NOTE(review): this check only decides whether the link is rendered; the
        // deleteConfirmation handler (not shown) has to enforce 'Confirmation.Delete' itself.
        // The link is a plain href, so unless client script intercepts the click the delete
        // is a GET request — confirm the handler requires POST and an anti-CSRF token.
        if (has_permission('Confirmation.Delete')) {
            ?>
                                <a class="btn btn-danger delete" href="<?php 
            echo site_url('settings/deleteConfirmation/' . $confirmation['id_confirmation']);
            ?>
">
                                    <i class="fa fa-trash-o"></i> Delete
                                </a>
                                <?php 
        }
        ?>
                            </td>
                            <?php 
    }
    ?>
                        </tr>
示例#23
        ?>
"><?php 
        echo $mod;
        ?>
</option>
				<?php 
    }
    ?>
				</select>
			</div>
			<?php 
}
?>

			<?php 
if (has_permission('Activities.Date.Delete')) {
    ?>
			
			<div class="box delete rounded">
				<a class="button" id="delete-activity_date"><?php 
    echo lang('activity_date_delete');
    ?>
</a>			
				<?php 
    echo lang('activity_delete_date_note');
    ?>
				<select id="activity_date_select">
					<option value="all"><?php 
    echo lang('activity_all_dates');
    ?>
</option>
示例#24
						<b class="caret"></b></a>

						<ul class="dropdown-menu">
							<li>
								<a href="<?php 
    echo site_url();
    ?>
">
									<?php 
    echo lang('bf_home');
    ?>
								</a>
							</li>

							<?php 
    if (has_permission('Site.Content.View')) {
        ?>
							<li class="divider"></li>
							<li>
								<?php 
        echo anchor(SITE_AREA, 'Control Panel');
        ?>
							</li>

							<?php 
    }
    ?>
							<li class="divider"></li>
							<li>
								<a href="<?php 
    echo site_url('users/profile');
示例#25
<ul class="nav nav-pills">
	<li <?php 
echo $this->uri->segment(4) == '' ? 'class="active"' : '';
?>
>
		<a href="<?php 
echo site_url(SITE_AREA . '/settings/roles');
?>
"><?php 
echo lang('role_roles');
?>
</a>
	</li>
	<?php 
if (has_permission('Bonfire.Roles.Add')) {
    ?>
	<li <?php 
    echo $this->uri->segment(4) == 'create' ? 'class="active"' : '';
    ?>
>
		<a href="<?php 
    echo site_url(SITE_AREA . '/settings/roles/create');
    ?>
" id="create_new"><?php 
    echo lang('role_new_role');
    ?>
</a>
	</li>
	<?php 
}
?>
示例#26
 /**
  * Delete the user whose id is given in URI segment 5.
  *
  * Requires 'Bonfire.Users.Manage', then the 'Permissions.<role>.Manage'
  * permission for the target user's role, and refuses to delete the
  * currently signed-in user. Sets a flash message and always redirects
  * to the users list.
  *
  * NOTE(review): the id comes from the URL and no anti-CSRF token is
  * checked in this method — confirm the request is protected elsewhere,
  * or require POST with a token for this action.
  */
 public function delete()
 {
     $id = $this->uri->segment(5);
     if (!empty($id)) {
         $this->auth->restrict('Bonfire.Users.Manage');
         $user = $this->user_model->find($id);
         // The caller must be allowed to manage the target's role and must not be the target.
         if (isset($user) && has_permission('Permissions.' . $user->role_name . '.Manage') && $user->id != $this->auth->user_id()) {
             if ($this->user_model->delete($id)) {
                 // Re-read the record for the activity log entry.
                 // NOTE(review): if find() no longer returns a deleted user, $user is not an
                 // object here and the username/email lookups below fail — confirm.
                 $user = $this->user_model->find($id);
                 $log_name = config_item('auth.use_own_names') ? $this->auth->user_name() : (config_item('auth.use_usernames') ? $user->username : $user->email);
                 $this->activity_model->log_activity($this->auth->user_id(), lang('us_log_delete') . ': ' . $log_name, 'users');
                 Template::set_message('The User was successfully deleted.', 'success');
             } else {
                 // NOTE(review): part of the next line is masked ('******') in this listing, so it
                 // is not valid PHP as shown. The failure message is also passed with the
                 // 'success' type; 'error' looks like the intended value.
                 Template::set_message('We could not delete the user: '******'success');
             }
         } else {
             // NOTE(review): this branch is also reached when find() returned nothing, in which
             // case $user->id and $user->role_name are read from a non-object — guard for a
             // missing user before dereferencing.
             if ($user->id == $this->auth->user_id()) {
                 Template::set_message(lang('us_self_delete'), 'error');
             } else {
                 Template::set_message(sprintf(lang('us_unauthorized'), $user->role_name), 'error');
             }
         }
     } else {
         Template::set_message(lang('us_empty_id'), 'error');
     }
     redirect(SITE_AREA . '/settings/users');
 }
示例#27
        echo form_dropdown('author', $users, $selection, 'class="span6" id="author"');
    }
    if (form_error('author')) {
        echo '<span class="help-inline">' . form_error('author') . '</span>';
    }
    ?>
				<?php 
} else {
    echo find_author_name($selection);
}
?>
			</div>
		</div>
	</fieldset>
	<?php 
if (has_permission('Site.News.Manage')) {
    ?>
	<fieldset>
		<legend><?php 
    echo lang('us_additional');
    ?>
</legend>

		<div class="control-group <?php 
    echo form_error('category_id') ? 'error' : '';
    ?>
">
			 <label class="control-label"><?php 
    echo lang('us_category');
    ?>
</label>
示例#28
				</div>
				<!-- End of Developer Settings Tab -->
                <?php 
}
if ($show_extended_settings) {
    ?>
				<!-- Start of Extended Settings Tab Pane -->
				<div class='tab-pane' id='extended'>
					<fieldset>
						<legend><?php 
    echo lang('set_option_extended');
    ?>
</legend>
                        <?php 
    foreach ($extended_settings as $field) {
        if (empty($field['permission']) || has_permission($field['permission'])) {
            $form_error_class = form_error($field['name']) ? ' error' : '';
            $field_control = '';
            if ($field['form_detail']['type'] == 'dropdown') {
                echo form_dropdown($field['form_detail']['settings'], $field['form_detail']['options'], set_value($field['name'], isset($settings["ext.{$field['name']}"]) ? $settings["ext.{$field['name']}"] : ''), $field['label']);
            } elseif ($field['form_detail']['type'] == 'checkbox') {
                $field_control = form_checkbox($field['form_detail']['settings'], $field['form_detail']['value'], isset($settings["ext.{$field['name']}"]) && $field['form_detail']['value'] == $settings["ext.{$field['name']}"]);
            } elseif ($field['form_detail']['type'] == 'state_select') {
                if (!is_callable('state_select')) {
                    $this->load->config('address');
                    $this->load->helper('address');
                }
                $field_control = state_select(isset($settings["ext.{$field['name']}"]) ? $settings["ext.{$field['name']}"] : 'CA', 'CA', 'US', $field['name'], 'span6 chzn-select');
            } elseif ($field['form_detail']['type'] == 'country_select') {
                if (!is_callable('country_select')) {
                    $this->load->config('address');
示例#29
?>
	
	<div class="submits">
		<input type="submit" name="submit" value="<?php 
echo lang('bf_action_save');
?>
 " /> <?php 
echo lang('bf_or');
?>
 <?php 
echo anchor(SITE_AREA . '/settings/users', lang('bf_action_cancel'));
?>
	</div>

	<?php 
if (isset($user) && has_permission('Permissions.' . $user->role_name . '.Manage') && $user->id != $this->auth->user_id()) {
    ?>
	<div class="box delete rounded">
		<a class="button" id="delete-me" href="<?php 
    echo site_url(SITE_AREA . '/settings/users/delete/' . $user->id);
    ?>
" onclick="return confirm('<?php 
    echo lang('us_delete_account_confirm');
    ?>
')"><?php 
    echo lang('us_delete_account');
    ?>
</a>
		
		<?php 
    echo lang('us_delete_account_note');
示例#30
                <td><?php 
    echo $user->getLastLogin('Y-m-d H:i:s');
    ?>
</td>
                <td><?php 
    echo $user->getCreatedAt('Y-m-d H:i:s');
    ?>
</td>
                <td>
                  <div class="btn-group" role="group">
                    <a href="<?php 
    echo uri('siteuser/edit/' . $user->getId());
    ?>
" class="btn btn-xs btn-primary"><span class="fa fa-paste"></span> 编辑</a>
                    <?php 
    if (has_permission('管理所有客户')) {
        ?>
                    <a href="<?php 
        echo uri('siteuser/delete/' . $user->getId());
        ?>
" data-name="<?php 
        // NOTE(review): the nickname is written into an HTML attribute without escaping; unless
        // getNickname() already encodes its value, wrap it in htmlspecialchars() with ENT_QUOTES.
        echo $user->getProfile()->getNickname();
        ?>
" data-uid="<?php 
        echo $user->getId();
        ?>
" class="btn btn-xs btn-danger delete"><span class="fa fa-times"></span> 删除</a>
                    <?php 
    }
    ?>
                  </div>