示例#1
0
                 }
             }
             show_message("Attendies Updated", "index.php?page=calender&item={$itemid}&menuid={$menuid}");
         }
     }
     $sql = $data->select_query("profilefields", "WHERE place=2 AND eventid={$itemid} AND register=1 ORDER BY query ASC");
     $numfields = $data->num_rows($sql);
     $fields = array();
     while ($temp = $data->fetch_array($sql)) {
         $temp['options'] = unserialize($temp['options']);
         $fields[] = $temp;
     }
     $tpl->assign("numfields", $numfields);
     $tpl->assign("fields", $fields);
 }
 $edit = is_owner($item['id'], "events") ? true : false;
 $editlink = "index.php?page=mythings&cat=events&action=edit&id={$item['id']}&cal=1&menuid={$menuid}";
 $articlesql = $data->select_query("patrol_articles", "WHERE event_id={$item['id']} AND allowed=1 AND trash=0 ORDER BY title ASC", "ID, title");
 $numarticles = $data->num_rows($articlesql);
 $articlelist = array();
 while ($articlelist[] = $data->fetch_array($articlesql)) {
 }
 $sql = $data->select_query("calendar_downloads", "WHERE eid={$itemid}");
 $downloads = array();
 $numdownloads = 0;
 while ($temp = $data->fetch_array($sql)) {
     $temp1 = $data->select_fetch_one_row("downloads", "WHERE id={$temp['did']}", "name, cat");
     $temp['name'] = $temp1['name'];
     if ($downloadaccess != 1 && $temp['permission'] == 0) {
         $tempcat = $data->select_fetch_one_row("download_cats", "WHERE id={$temp1['cat']}");
         $auth = unserialize($tempcat['downauth']);
示例#2
0
			<ul>
				<?php 
if (is_editor()) {
    ?>
				<li><a href="/admin/posts">Manage posts</a></li>
				<li><a href="/admin/posts/new">Create a new post</a></li>
				<?php 
}
if (is_manager()) {
    ?>
				<li><a href="/admin/users">Manage users</a></li>
				<li><a href="/admin/users/new">Create a new user</a></li>
                <li><a href="/admin/users/block">Block users</a></li>
                <li><a href="/admin/users/unblock">Unblock users</a></li>
				<?php 
}
if (is_owner()) {
    ?>
				<li><a href="/admin/config">Control site configuration</a></li>
				<?php 
}
?>
			</ul>
		</div>
	</div>
	
	<?php 
include $_SERVER["DOCUMENT_ROOT"] . "/../includes/content.resources.php";
?>
</body>
</html>
示例#3
0
function block_users()
{
    $users = get_blocked_users();
    $ip_address = $_SERVER["REMOTE_ADDR"];
    if (!($_SERVER["REQUEST_URI"] === "/blocked" || $_SERVER["REQUEST_URI"] === "/blocked/") && strpos($_SERVER["REQUEST_URI"], "/res") === false && !is_owner()) {
        foreach ($users as $user) {
            if ($user["ip"] == $ip_address) {
                header("Location: /blocked");
            }
        }
    }
}
$text->acode = $acode;
print_spacer(20);
print_heading(format_string(get_string('correction', 'blended')));
print_box(format_text(get_string('deletescanjobdesc', 'blended', $text)), 'generalbox', 'intro');
print_spacer(20);
$mform = new deleteForm();
$mform->_form->addElement('hidden', 'id', $id);
$mform->_form->addElement('hidden', 'a', $a);
$mform->_form->addElement('hidden', 'acode', $acode);
$mform->_form->addElement('hidden', 'scanjobid', $scan->id);
$mform->_form->addElement('hidden', 'jobname', $scan->scan_name);
if (!$mform->is_cancelled() && ($data = $mform->get_data())) {
    $acode = $data->acode;
    $continue = "{$CFG->wwwroot}/mod/blended/scan.php?&a={$a}";
    $continuescanned = "{$CFG->wwwroot}/mod/blended/scan.php?&a={$a}&jobid={$scanjobid}";
    $owner = is_owner(0, $scan->id);
    if (has_capability('mod/blended:deletescanjob', $context) and $owner or has_capability('mod/blended:deleteall', $context)) {
        blended_delete_scan_job($scan);
        echo "<CENTER>El trabajo ha sido eliminado.</CENTER><BR>";
    } else {
        echo "<CENTER>No cuenta con permisos suficientes para realizar la acción.</CENTER><BR>";
    }
    print_continue($continue);
    //$redirect = 'scannedJob.php?id=$course->id&a=$a&jobname=$jobname';
    //		redirect($redirect,'');
} elseif ($mform->is_cancelled()) {
    //you need this section if you have a cancel button on your form
    //here you tell php what to do if your user presses cancel
    //probably a redirect is called for!
    echo "<CENTER>El proceso ha sido cancelado.</CENTER><BR>";
    print_continue($continuescanned);
示例#5
0
            echo "<CENTER>No cuenta con permisos suficientes para realizar la acción.</CENTER><BR>";
        }
        print_continue($continue);
    } elseif ($page == 'scannedJob.php') {
        if ($acode !== 0) {
            $owner = is_owner($acode, 0);
            if (has_capability('mod/blended:deletequiz', $context) and $owner or has_capability('mod/blended:deleteall', $context)) {
                delete_quiz($data);
                echo "<CENTER>El cuestionario ha sido eliminado.</CENTER><BR>";
            } else {
                echo "<CENTER>No cuenta con permisos suficientes para realizar la acción.</CENTER><BR>";
            }
            print_continue($continuescanned);
        }
        if ($acode == 0) {
            $owner = is_owner(0, $jobid);
            if (has_capability('mod/blended:deletescanjob', $context) and $owner or has_capability('mod/blended:deleteall', $context)) {
                delete_image($data);
                echo "<CENTER>La imagen ha sido eliminada.</CENTER><BR>";
            } else {
                echo "<CENTER>No cuenta con permisos suficientes para realizar la acción.</CENTER><BR>";
            }
            print_continue($continuescanned);
        }
    } else {
        error("Unknown referrral page: {$page}");
    }
    //$redirect = 'scannedJob.php?id=$course->id&a=$a&jobname=$jobname';
    //		redirect($redirect,'');
} elseif ($mform->is_cancelled()) {
    //you need this section if you have a cancel button on your form
    redirect("/prihlasenie");
}
// získame id článku z url adresy
$post_id = segment(2);
// ak sa tam žiadne id článku nenachádzalo, zobrazíme 404 stránku
if (!$post_id) {
    show_404();
}
// získame dáta o článku
$post = get_post($post_id);
// ak sme nezískali žiadne dáta, článok neexistuje a zobrazíme 404 stránku
if (!$post) {
    show_404();
}
// ak prihlásený užívateľ nie je majteľom článku, zobrazíme 404 stránku
if (!is_owner($post)) {
    show_404();
}
// ak bol na túto stránku odoslaný formulár...
if (is_post()) {
    // ... vymažeme článok ...
    if (delete_post($post_id)) {
        // ... a ak sa úspešne vymazal, presmerujeme na úvodnú stránku
        redirect();
    }
}
include_header(array("title" => "Vymazanie článku"));
?>

    <h1 class="text-center">Vymazanie článku</h1>
示例#7
0
    $tpl->assign("rss", $rss);
    $tpl->assign("numarts", $numarts);
    $tpl->assign("patrolarts", $patrolarts);
    $tpl->assign("art", $art);
} elseif ($action == "view" && $id != 'NULL') {
    $mode = "viewarticle";
    $highlight = unserialize(stripslashes(html_entity_decode($_GET['highlight'])));
    $editFormAction = $_SERVER['PHP_SELF'];
    if (isset($_SERVER['QUERY_STRING'])) {
        $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
    }
    $tpl->assign('editFormAction', $editFormAction);
    $showarticle = 'yes';
    $sql = $data->select_query("patrol_articles", "WHERE ID={$id} AND allowed=1 AND trash=0");
    $article = $data->fetch_array($sql);
    $edit = is_owner($article['ID'], "articles") ? true : false;
    $editlink = "index.php?page=mythings&amp;cat=articles&amp;action=edit&amp;id={$article['ID']}&amp;menuid={$menuid}";
    if ($article['album_id'] != 0) {
        $photo = $data->select_fetch_all_rows($number_of_photos, "photos", "WHERE album_id={$article['album_id']}");
        $scriptList['gallery'] = 1;
        $tpl->assign("photo", $photo);
        $tpl->assign("number_of_photos", $number_of_photos);
    }
    if (isset($article['event_id'])) {
        $event = $data->select_fetch_one_row("calendar_items", "WHERE id = {$article['event_id']} AND trash=0", "id, summary, startdate, enddate");
        $tpl->assign("event", $event);
    }
    $article['relatedlist'] = '';
    $article['related'] = unserialize($article['related']);
    $num = 1;
    $topicid = $_GET['tid'];
示例#8
0
if (CHV\getSetting('theme_custom_js_code')) {
    ?>
<script><?php 
    echo CHV\getSetting('theme_custom_js_code');
    ?>
</script>
<?php 
}
?>

</head>

<?php 
G\Render\include_theme_file('custom_hooks/header');
if (!G\isPreventedRoute() and in_array(G\get_route_name(), ['user', 'image']) && !is_404()) {
    $body_class = (G\is_route("image") or G\is_route("user") and get_user()["background"] or is_owner() or is_admin()) ? " no-margin-top" : "";
}
if (G\Handler::getRoute() == 'index') {
    $body_class = CHV\Settings::get('homepage_style');
}
if (G\Handler::getRoute() == 'index' and in_array($body_class, ['landing', 'split'])) {
    ?>
<style>
#home-cover {
	background-image: url(<?php 
    echo CHV\get_system_image_url(CHV\Settings::get('homepage_cover_image'));
    ?>
);
}
</style>
<?php 
示例#9
0
}
# Lock folder with password
if (!empty($_POST['pass']) && !empty($_POST['id']) && !empty($_POST['confirm']) && is_owner($_POST['id']) && $_POST['confirm'] == $_POST['pass']) {
    $id = $_POST['id'];
    $file = id2file($id);
    $password = blur_password($_POST['pass']);
    # turn normal share id into password hashed id
    $ids = unstore();
    unset($ids[$id]);
    $ids[$password . $id] = $file;
    store($ids);
    header('location:index.php?p=admin&token=' . TOKEN);
    exit;
}
# Handle folder share with users
if (!empty($_POST['share']) && is_owner($_POST['share'])) {
    $folder_id = $_POST['share'];
    $users = $auto_restrict['users'];
    unset($users[$_SESSION['login']]);
    $shared_with = load_folder_share();
    $sent = array_flip($_POST['users']);
    foreach ($users as $login => $data) {
        if (isset($sent[$login])) {
            # User checked: add share
            $shared_with[$login][$folder_id] = array('folder' => id2file($folder_id), 'from' => $_SESSION['login']);
        } else {
            # User not checked: remove share if exists
            if (isset($shared_with[$login][$folder_id])) {
                unset($shared_with[$login][$folder_id]);
            }
        }
示例#10
0
function edit_progtot()
{
    $out =& $GLOBALS['page'];
    $out->setWorkingZone('content');
    $lang =& DoceboLanguage::createInstance('project', "lms");
    // Controllo che l'utente non cerchi di entrare in progetti a cui non e' iscritto.
    $id = $_GET["id"];
    $itemid = importVar("itemid");
    $myprj = user_projects(Docebo::user()->getIdSt());
    $view_perm = checkPerm('view', true);
    if ($view_perm && in_array($id, $myprj) && (is_owner(Docebo::user()->getIdSt(), $id) || is_admin(Docebo::user()->getIdSt(), $id))) {
        //area title
        $out->add(getTitleArea($lang->def("_PROJECT_MANAGER"), "project"));
        $out->add('<div class="std_block">');
        if (isset($_POST["applychanges"])) {
            $progtot = (int) $_POST["progtot"];
            $query = sql_query("UPDATE " . $GLOBALS["prefix_lms"] . "_prj SET pprog='{$progtot}' WHERE id='{$id}' LIMIT 1;");
            @Util::jump_to(" index.php?modname=project&op=showprj&id={$id}");
        }
        $out->add("<form method=\"post\" action=\"index.php?modname=project&amp;op=editprogtot&amp;id={$id}\">\n" . '<input type="hidden" id="authentic_request_prj" name="authentic_request" value="' . Util::getSignature() . '" />');
        // progresso totale: ___%
        $query = sql_query("SELECT * FROM " . $GLOBALS["prefix_lms"] . "_prj WHERE id='{$id}' LIMIT 1;");
        $row = mysql_fetch_array($query);
        $out->add($lang->def("_PRJPROGTOT") . ":\n");
        $out->add("<input type=\"text\" size=\"3\" id=\"progtot\" name=\"progtot\" value=\"" . (int) $row["pprog"] . "\" />%<br /><br />\n");
        $out->add("<input type=\"hidden\" id=\"applychanges\" name=\"applychanges\" value=\"1\" />\n");
        $out->add("<input class=\"button\" type=\"submit\" value=\"" . $lang->def("_SAVE") . "\" />\n");
        $out->add("</form><br />\n");
        //		$out->add("<div align=\"center\"><b>[ <a href=\"index.php?modname=project&amp;op=showprj&amp;id=$id\">".$lang->def("_BACK")."</a> ]</b></div>\n");
        $url = "index.php?modname=project&amp;op=showprj&amp;id=" . $id;
        $out->add(getBackUi($url, $lang->def('_BACK')));
        $out->add('<br /></div>');
    } else {
        die("You can't access");
    }
}
示例#11
0
            if (!is_dir(dirname('thumbs/' . $_SESSION['upload_root_path'] . $_SESSION['upload_user_path'] . $destination))) {
                mkdir(dirname('thumbs/' . $_SESSION['upload_root_path'] . $_SESSION['upload_user_path'] . $destination), 0744, true);
            }
            rename(get_thumbs_name($file), get_thumbs_name($destination));
            // changer le chemin dans l'id
            $id = file2id($file);
            $ids = unstore();
            $ids[$id] = $destination;
            store($ids);
        }
    }
    header('location:index.php?p=admin&token=' . returnToken());
    exit;
}
// protéger un dossier avec un mot de passe
if (!empty($_POST['password']) && !empty($_POST['id']) && is_owner($_POST['id'])) {
    $id = $_POST['id'];
    $file = id2file($id);
    $password = blur_password($_POST['password']);
    // turn normal share id into password hashed id
    $ids = unstore();
    unset($ids[$id]);
    $ids[$password . $id] = $file;
    store($ids);
    header('location:index.php?p=admin&token=' . returnToken());
    exit;
}
if ($_FILES) {
    include 'core/auto_dropzone.php';
    exit;
}
示例#12
0
function show_comment($values)
{
    $blog_name = $values['blog_name']['value'];
    $post_id = $values['post_id']['value'];
    if (is_owner($blog_name)) {
        update_db(array('hidden' => 0), 'comments', 'id=' . $values['comment_id']['value'] . '');
    }
    header('Location: ../index.php?page=' . $blog_name . '&admin_page=show_comments&postid=' . $post_id . '');
}
示例#13
0
文件: core.php 项目: Pluxopolis/BoZoN
function burned($id)
{
    if ($id[0] == '*' && !isset($_GET['thumbs'])) {
        if (!is_user_connected() || !is_owner($id)) {
            removeID($id);
        }
    }
}
示例#14
0
}
# Lock folder with password
if (!empty($_POST['password']) && !empty($_POST['id']) && is_owner($_POST['id'])) {
    $id = $_POST['id'];
    $file = id2file($id);
    $password = blur_password($_POST['password']);
    # turn normal share id into password hashed id
    $ids = unstore();
    unset($ids[$id]);
    $ids[$password . $id] = $file;
    store($ids);
    header('location:index.php?p=admin&token=' . returnToken());
    exit;
}
# Handle folder share with users
if (!empty($_GET['users']) && !empty($_GET['share']) && is_owner($_GET['share'])) {
    $folder_id = $_GET['share'];
    $users = $auto_restrict['users'];
    unset($users[$_SESSION['login']]);
    $shared_with = load_folder_share();
    $sent = array_flip($_GET['users']);
    foreach ($users as $login => $data) {
        if (isset($sent[$login])) {
            # User checked: add share
            $shared_with[$login][$folder_id] = array('folder' => id2file($folder_id), 'from' => $_SESSION['login']);
        } else {
            # User not checked: remove share if exists
            if (isset($shared_with[$login][$folder_id])) {
                unset($shared_with[$login][$folder_id]);
            }
        }
示例#15
0
    ?>
        </div>
		<?php 
}
?>

    </div>
	
	<div id="content-listing-tabs" class="tabbed-listing">
        <div id="tabbed-content-group">
            <?php 
G\Render\include_theme_file("snippets/listing");
?>
        </div>
    </div>
	
</div>

<?php 
G\Render\include_theme_footer();
?>

<?php 
if ((is_owner() or is_admin()) and isset($_REQUEST["deleted"])) {
    ?>
<script>PF.fn.growl.expirable("<?php 
    _se('The content has been deleted.');
    ?>
");</script>
<?php 
}
示例#16
0
                    <?php 
            }
            ?>
                <?php 
        }
        ?>
            </div>

            <div class="post-teaser">
                <?php 
        echo $post["teaser"];
        ?>
            </div>

            <?php 
        if (is_owner($post)) {
            ?>
                <div class="post-action">
                    <a class="link link-edit" href="<?php 
            echo $post["link_edit"];
            ?>
"><strong>Editovať</strong></a>
                    <a class="link link-delete" href="<?php 
            echo $post["link_delete"];
            ?>
"><strong>Vymazať</strong></a>
                </div>
            <?php 
        }
        ?>
示例#17
0
 function delete_answer($id)
 {
     $webboard_answer = new Webboard_answer($id);
     if (is_login('Administrator') or is_owner($webboard_answer->user_id)) {
         if ($id) {
             $webboard_answer = new webboard_answer($id);
             $topic_id = $webboard_answer->webboard_quiz->id;
             $webboard_answer->delete();
             set_notify('success', 'ลบคำตอบเรียบร้อย');
         }
         redirect('webboards/view_topic/' . $topic_id);
     } else {
         $webboard_answer = new webboard_answer($id);
         $topic_id = $webboard_answer->webboard_quiz->id;
         set_notify('error', 'ไม่สามารถเข้าถึงได้');
         redirect('webboards/view_topic/' . $topic_id);
         redirect($site_redirect);
     }
 }
示例#18
0
							<?php if($webboard_quizs->webboard_answer->result_count() > 15):?>
								<img src="themes/gcdnew/images/ico_hit.png" alt="กระทู้น่าสนใจ" title="กระทู้น่าสนใจ">
							<?php else:?>
								<?php if($webboard_quizs->type == "normal"):?>
								<img src="themes/gcdnew/images/ico_regular.png" alt="กระทู้ปกติ" title="กระทู้ปกติ" height="24" width="24">
								<?php elseif($webboard_quizs->type == "vote"):?>
								<img src="themes/gcdnew/images/ico_pollboard.png" alt="โพล" title="โพล" height="24" width="24">
								<?php endif;?>
							<?php endif;?>
						<?php endif;?>
						
                  <br><img src="themes/gcdnew/images/ico_time.png" style="margin-bottom: -2px;" height="12" width="12"> <span class="f10"><?php echo mysql_to_th($webboard_ans->created,'S',TRUE)?> <?php if($webboard_quizs->group_id != 0):?>(<?php echo lang_decode($webboard_quizs->group->name,'th')?>)<?php endif;?></span>
                  <div class="boxrequestdel"><img src="themes/gcdnew/images/ico_deletepost.gif" height="11" width="11"> <a rel="lightbox" href="webboards/relate/<?php echo $webboard_quizs->id?>/<?php echo $webboard_ans->id ?>?iframe=true&width=350&height=200" class="link_prev">แจ้งลบความคิดเห็นนี้</a> | <img src="themes/gcdnew/images/ico_refpost.gif" height="11" width="11"> <a href="webboards/reply/<?php echo $webboard_quizs->id?>/<?php echo $webboard_ans->id?>/quote" class="link_prev">อ้างถึงข้อความนี้</a></div>
                  </div>
					<div class="post">
						<?php if(is_owner($webboard_ans->user_id)):?>
								<div style="float:right;"><a href="webboards/reply/<?php echo $webboard_quizs->id?>/<?php echo $webboard_ans->id?>/edit">แก้ไข</a> | <a href="webboards/delete_answer/<?php echo $webboard_ans->id?>" onclick="return confirm('ต้องการลบความเห็นนี้?')">ลบ</a></div>
						<?php endif;?>
	                  	<?php echo censor(link_filter($webboard_ans->detail))?>
						
						<?php if($webboard_ans->user->profile->signature != ""):?>
						<div>
							<img src="themes/gcdnew/images/sigline.gif" style="margin:5px 0; display:block;">
							<?php echo $webboard_ans->user->profile->signature?>
						</div>
						<?php endif;?>
						
					</div>
                  </td>
                  </tr>
				  <?php endforeach; ?>
示例#19
0
}
/*************Display album on screen******************/
if ($albumid != 0) {
    //First get check if the album exists
    $sql = $data->select_query("album_track", " WHERE ID = {$albumid} AND allowed=1");
    $number_albums = $data->num_rows($sql);
    $album_info = $data->fetch_array($sql);
    $view_album_name = censor($album_info['album_name']);
    if ($number_albums == 0 && !$inarticle) {
        show_message_back("No such album");
    } elseif ($number_albums == 0 && $inarticle) {
        $number_of_photos = 0;
    } else {
        if (!$inarticle) {
            $pagenum = 2;
            $edit = is_owner($album_info['ID'], "album") ? true : false;
            $editlink = "index.php?page=mythings&cat=album&action=edit&id={$album_info['ID']}&menuid={$menuid}";
            $articlesql = $data->select_query("patrol_articles", "WHERE album_id={$album_info['ID']} AND allowed=1 ORDER BY title ASC", "ID, title");
            $numarticles = $data->num_rows($articlesql);
            $articlelist = array();
            while ($articlelist[] = $data->fetch_array($articlesql)) {
            }
            $tpl->assign("numarticles", $numarticles);
            $tpl->assign("articlelist", $articlelist);
        }
        $next = false;
        $prev = false;
        //then get photo file names and captions from database
        $photosql = $data->select_query("photos", "WHERE album_id = {$albumid} AND allowed = 1 ORDER BY date ASC");
        $number_of_photos = $data->num_rows($photosql);
        $limit = $config['pagephoto'] == 1 ? $limit : $number_of_photos;
示例#20
0
<?php

require_once $_SERVER["DOCUMENT_ROOT"] . "/../includes/base.php";
if (!is_owner()) {
    http_response_code(404);
    header("Location: /error/404/not-found");
}
?>
<!DOCTYPE html>
<html>
<head>
	<?php 
include $_SERVER["DOCUMENT_ROOT"] . "/../includes/content.head.php";
?>
	<title><?php 
echo get_config_value("site", "title");
?>
 | Admin - Configuration</title>
</head>
<body>
	<div class="component-left">
		<div class="container container-center">
			<?php 
include $_SERVER["DOCUMENT_ROOT"] . "/../includes/content.sidebar_left.php";
?>
		</div>
	</div>
	<div class="component-right">
		<div class="container container-padded">
			<h3>Site Configuration</h3>
			<p>Below is the site configuration file. You can freely edit this to change things about the site, but be careful.</p>