示例#1
1
<?php

include 'include.php';
isAllowed();
if (!isset($_GET['id'])) {
    setFlash("action impossible.", "danger");
    redirect("accueil.php");
    die;
}
$follower = $_SESSION['profil']['id'];
$following = $_GET['id'];
$follow = unfollow($follower, $following);
if ($follow == 400) {
    setFlash("action impossible.", "danger");
    redirect('acceuil.php');
} elseif ($follow == 500) {
    setFlash('Nos services sont en panne, nous faisons notre possible pour régler le problème.', 'danger');
    redirect('serveur_down.php');
} elseif ($follow == 200) {
    setFlash("Cette personne a bien été retiré de vos abonnements");
    redirect('profil.php?id=' . $following);
} else {
    setFlash('Nos services sont en panne, nous faisons notre possible pour régler le problème.', 'danger');
    redirect('serveur_down.php');
}
示例#2
0
 <body>




<?php 
function isAllowed()
{
    $OK = $_GET['passwort'] == "123456";
    if ($OK) {
        return true;
    } else {
        return false;
    }
}
if (isAllowed()) {
    ?>

   <h1>Bestellungen</h1>

<?php 
    include "res/plist.php";
    ?>
<table border="0">

<tr bgcolor="#cccccc"><td>Name</td> 
                      <td>Vorname</td>
                      <td>Adresse</td>
                      <td>Plz</td>
                      <td>Ort</td>
                      <td>Tel.</td>
             if ($role != $row['role']) {
                 // Update role
                 echo 'Updating user <b>' . $handle . '</b> ...<br />';
                 $result = $dbh->execute($update, array($role, $handle, $id));
             }
         }
     }
     $pear_rest->savePackageMaintainerREST($package);
     $url = $self;
     if (!empty($_GET['pid'])) {
         $url .= "?pid=" . urlencode(strip_tags($_GET['pid']));
     }
     echo '<br /><b>Done</b><br />';
     echo '<a href="' . $url . '">Back</a>';
 } else {
     if (!isAllowed($id)) {
         PEAR::raiseError("Only the lead maintainer of the package or PEAR\n                          administrators can edit the maintainers.");
         response_footer();
         exit;
     }
     $package = htmlentities($dbh->getOne('SELECT name FROM packages WHERE id=?', array($id)), ENT_QUOTES);
     $bb = new BorderBox("Manage maintainers for {$package}", "100%");
     echo '<script src="/javascript/package-maintainers.js" type="text/javascript"></script>';
     echo '<form onSubmit="beforeSubmit()" name="form" method="get" action="' . $self . '">';
     echo '<input type="hidden" name="update" value="yes" />';
     echo '<input type="hidden" name="pid" value="' . $id . '" />';
     echo '<table border="0" cellpadding="0" cellspacing="4" border="0" width="100%">';
     echo '<tr>';
     echo '  <th>All users:</th>';
     echo '  <th></th>';
     echo '  <th>Package maintainers:</th>';
示例#4
0
文件: index.php 项目: hybr/jpm
<?php 
/**
* autoload.php has common logic for the framework
*/
include dirname(__FILE__) . '/../autoload.php';
?>


<?php 
$jpmContent = '';
$actionInstance = NULL;
try {
    $actionInstance = new $_SESSION['url_action']();
    if (method_exists($actionInstance, $_SESSION['url_task'])) {
        if (isAllowed(array($actionInstance->myModuleName()), $_SESSION['url_sub_task'])) {
            $jpmContent .= $actionInstance->{$_SESSION['url_task']}($urlArgsArray);
        } else {
            $jpmContent .= 'Sorry, No Access Please';
        }
    } else {
        echo 'invalid task ' . $_SESSION['url_task'];
    }
} catch (Exception $e) {
    echo 'invalid action ' . $_SESSION['url_action'] . $e->getMessage();
}
?>

<?php 
/**
* This is main home page code file, it has scheme based on domain name seperate home page is loaded
示例#5
0
<?php

$userMenu = new PipeMenu();
if ($loguserid) {
    $userMenu->add(new PipeMenuHtmlEntry(userLink($loguser)));
    if (isAllowed("editProfile")) {
        $userMenu->add(new PipeMenuLinkEntry(__("Edit profile"), "editprofile", "", "", "pencil"));
    }
    if (isAllowed("viewPM")) {
        $userMenu->add(new PipeMenuLinkEntry(__("Private messages"), "private", "", "", "envelope"));
    }
    if (isAllowed("editMoods")) {
        $userMenu->add(new PipeMenuLinkEntry(__("Mood avatars"), "editavatars", "", "", "picture"));
    }
    $bucket = "bottomMenu";
    include "./lib/pluginloader.php";
    if (!isset($_POST['id']) && isset($_GET['id'])) {
        $_POST['id'] = (int) $_GET['id'];
    }
    if (isset($user_panel)) {
        echo $user_panel;
    }
    $userMenu->add(new PipeMenuLinkEntry(__("Log out"), "", "", "", "signout", "document.forms[0].submit(); return false;"));
} else {
    $userMenu->add(new PipeMenuLinkEntry(__("Register"), "register", "", "", "user"));
    $userMenu->add(new PipeMenuLinkEntry(__("Log in"), "login", "", "", "signin"));
}
$layout_userpanel = $userMenu;
示例#6
0
<?php

if (isAllowed("viewAvatars")) {
    $navigation->add(new PipeMenuLinkEntry(__("Avatars"), "avatarlibrary"));
}
$command = isset($_GET['command']) ? strtolower($_GET['command']) : '';
require 'vendor/autoload.php';
require 'config.php';
use Aws\Common\Enum\DateFormat;
use Aws\S3\Model\MultipartUpload\UploadId;
use Aws\S3\S3Client;
$client = S3Client::factory(array('key' => AWS_KEY, 'secret' => AWS_SECRET));
function isAllowed()
{
    //wow, what a validator :P
    //WARNING: this is just a demonstration, convert it to your own need
    return $_REQUEST['otherInfo']['user'] == 'user' && $_REQUEST['otherInfo']['pass'] == 'pass';
}
switch ($command) {
    case 'createmultipartupload':
        if (!isAllowed()) {
            header(' ', true, 403);
            die('You are not authorized');
        }
        /* @var $multipartUploadModel UploadId */
        $model = $client->createMultipartUpload(array('Bucket' => BUCKET_NAME, 'Key' => $_REQUEST['fileInfo']['name'], 'ContentType' => $_REQUEST['fileInfo']['type'], 'Metadata' => $_REQUEST['fileInfo']));
        sendJson(array('uploadId' => $model->get('UploadId'), 'key' => $model->get('Key')));
        break;
    case 'signuploadpart':
        $command = $client->getCommand('UploadPart', array('Bucket' => BUCKET_NAME, 'Key' => $_REQUEST['sendBackData']['key'], 'UploadId' => $_REQUEST['sendBackData']['uploadId'], 'PartNumber' => $_REQUEST['partNumber'], 'ContentLength' => $_REQUEST['contentLength']));
        $request = $command->prepare();
        // This dispatch commands wasted a lot of my times :'(
        $client->dispatch('command.before_send', array('command' => $command));
        $request->removeHeader('User-Agent');
        $request->setHeader('x-amz-date', gmdate(DateFormat::RFC2822));
        // This dispatch commands wasted a lot of my times :'(
示例#8
0
<?php

$navigation = new PipeMenu();
if ($loguser['powerlevel'] >= 3 && isAllowed("viewAdminRoom")) {
    $navigation->add(new PipeMenuLinkEntry(__("Admin"), "admin", "", "", "cogs"));
}
$bucket = "topMenuStart";
include "./lib/pluginloader.php";
$navigation->add(new PipeMenuLinkEntry(Settings::get("menuMainName"), "board", "", "", "home"));
if (isAllowed("viewMembers")) {
    $navigation->add(new PipeMenuLinkEntry(__("Member list"), "memberlist", "", "", "group"));
}
if (isAllowed("viewRanks")) {
    $navigation->add(new PipeMenuLinkEntry(__("Ranks"), "ranks", "", "", "trophy"));
}
if (isAllowed("viewOnline")) {
    $navigation->add(new PipeMenuLinkEntry(__("Online users"), "online", "", "", "eye-open"));
}
if (isAllowed("search")) {
    $navigation->add(new PipeMenuLinkEntry(__("Search"), "search", "", "", "search"));
}
$navigation->add(new PipeMenuLinkEntry(__("Last posts"), "lastposts", "", "", "reorder"));
$bucket = "topMenu";
include "./lib/pluginloader.php";
$layout_navigation = $navigation;
示例#9
0
<?php

if (isAllowed("viewUploader")) {
    $navigation->add(new PipeMenuLinkEntry(__("Uploader"), "uploader", "", "", "cloud-upload"));
}
示例#10
0
    //Checking if resource access available
    if (isset($privilegesAvailable[$resource]) && true === $privilegesAvailable[$resource]) {
        return true;
    }
    return false;
}
/**
 * It is method that will check whether the user has permission
 *
 * @param string $resource resource name
 * @param string $permission permission type
 * @return boolean
 */
function isAllowed($resource, $privilege = '')
{
    $privilegesAvailable = $_SESSION['privilegedInfo']['privileges'];
    $privilegeToCheck = $resource . "-" . $privilege;
    //Checking if all access permission or current action access permission
    if (isset($privilegesAvailable[$resource . "-" . "all"]) && true === $privilegesAvailable[$resource . "-" . "all"] || isset($privilegesAvailable[$privilegeToCheck]) && true === $privilegesAvailable[$privilegeToCheck]) {
        return true;
    }
    return false;
}
//Checking access for current page
$path_parts = pathinfo($_SERVER['REQUEST_URI']);
$requestedResource = $path_parts['filename'];
$requestedAction = isset($_GET['action']) ? $_GET['action'] : '';
if (!isAllowed($requestedResource, $requestedAction)) {
    $_SESSION['acl_message'] = 'Sorry! You do not have permission to access ' . $requestedResource . ' ' . $requestedAction;
    header("Location: /dashboard.php");
}
示例#11
0
<section id="sidebar">
<?php 
if (isResourceAllowed($requestedResource)) {
    if (isset($_SESSION["userid"])) {
        ?>
    <h2><?php 
        echo ucfirst($requestedResource);
        ?>
 Menu</h2>
    <ul>
        <?php 
        echo isAllowed($requestedResource, 'view') ? '<li><a href="/' . $requestedResource . '.php?action=view">View</a></li>' : '';
        echo isAllowed($requestedResource, 'add') ? '<li><a href="/' . $requestedResource . '.php?action=add">Add</a></li>' : '';
        echo isAllowed($requestedResource, 'edit') ? '<li><a href="/' . $requestedResource . '.php?action=edit">Edit</a></li>' : '';
        echo isAllowed($requestedResource, 'delete') ? '<li><a href="/' . $requestedResource . '.php?action=delete">Delete</a></li>' : '';
        ?>
    </ul>
    <?php 
    }
}
?>
</section>
<div class="clear"></div>

<div class="clear"></div>
</section>
</div>
示例#12
0
<?php

if (isAllowed("viewCalendar") && !$isBot) {
    $navigation->add(new PipeMenuLinkEntry(__("Calendar"), "calendar", "", "", "calendar"));
}
    die("Invalid package or method");
}
//initialize database adapter
$dbAdapter = new Zend_Db_Adapter_Pdo_Mysql(array('host' => DB_HOST, 'dbname' => DB_NAME, 'username' => DB_USER, 'password' => DB_PASSWORD, 'charset' => 'utf8'));
Zend_Db_Table::setDefaultAdapter($dbAdapter);
session_start();
$userId = isset($_SESSION['userId']) ? $_SESSION['userId'] : null;
if (!empty($userId)) {
    $userTable = new Zend_Db_Table('User');
    $currentUser = $userTable->fetchRow($userTable->select()->from($userTable, array('id', 'email', 'fullname', 'isSupporter'))->where('id = ?', $userId));
    if (!empty($currentUser)) {
        Zend_Registry::set('currentUser', $currentUser);
    }
}
include_once 'acl.php';
$code = isAllowed($packageName, $methodName);
if ($code != 200) {
    header("HTTP/1.1 {$code} " . httpStatusCode($code));
    die;
}
//init the handler instance from packageName
$packagePath = implode(DIRECTORY_SEPARATOR, array(DIR_ROOT, 'handlers', $packageName)) . '.php';
if (!file_exists($packagePath)) {
    header('HTTP/1.1 404 Not Found');
    die("{$pkgName} is not found!");
}
include_once $packagePath;
$handlerClass = new $packageName();
$results = null;
if (!is_callable(array($handlerClass, $methodName))) {
    header('HTTP/1.1 404 Not Found');