protected function processValid()
 {
     global $cfg;
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $dir = pg_escape_string($this->fieldData['rootdir']);
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     if (is_numeric($dir)) {
         $sql_update['name'] = $this->fieldData['dirtext'];
         $swhere = "id = " . pg_escape_string($dir);
         $db->update('dir', $sql_update, $swhere, true);
         $sql = "SELECT count(*) FROM v_tree_dir\n\t\t\t\tWHERE id = {$dir}\n\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileO'] . "' = '" . $cfg['DPS']['fileO'] . "'";
         if ($db->getOne($sql) > 0) {
             $where = "dirid = {$dir} AND groupid = " . $cfg['DPS']['allusersgroupid'];
             $db->delete('dirgroups', $where, $true);
             if ($this->fieldData['dirperm'] == 'pubrw') {
                 $dirI['dirid'] = $dir;
                 $dirI['groupid'] = $cfg['DPS']['allusersgroupid'];
                 $dirI['permissions'] = $cfg['DPS']['fileRW'];
                 $db->insert('dirgroups', $dirI, false);
             } elseif ($this->fieldData['dirperm'] == 'pubr') {
                 $dirI['dirid'] = $dir;
                 $dirI['groupid'] = $cfg['DPS']['allusersgroupid'];
                 $dirI['permissions'] = $cfg['DPS']['fileR'];
                 $db->insert('dirgroups', $dirI, false);
             } else {
                 $dirI['dirid'] = $dir;
                 $dirI['groupid'] = $cfg['DPS']['allusersgroupid'];
                 $dirI['permissions'] = $cfg['DPS']['file'];
                 $db->insert('dirgroups', $dirI, false);
             }
         }
     }
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $auth = Auth::getInstance();
     $ID = $this->fieldData['guid'];
     $realmID = substr($this->fieldData['id'], 3);
     $type = $this->fieldData['treeUser'];
     if (stristr($_SERVER["HTTP_ACCEPT"], "application/xhtml+xml")) {
         header("Content-type: application/xhtml+xml");
     } else {
         header("Content-type: text/xml");
     }
     if ($type == 'group') {
         $treeInfo = AuthSubRealmViewer::singleRealmTree($realmID, $ID, true);
     } else {
         $treeInfo = AuthSubRealmViewer::singleRealmTree($realmID, $ID, false);
     }
     echo "<?xml version='1.0' encoding='iso-8859-1'?>\n";
     if ($realmID == 0) {
         $realmID = 0;
     } else {
         $realmID = "rlm" . $realmID;
     }
     $treeInfo = '<tree id="' . $realmID . '">' . $treeInfo . '</tree>';
     echo $treeInfo;
 }
示例#3
0
 public function init()
 {
     $data = $_REQUEST;
     if (isset($data[Profile::GET_CHANGE_PASSWORD_BUTTON])) {
         if (strlen($data[Profile::GET_CHANGE_PASSWORD]) > 0) {
             if (!User::passwordIsValid($data[Profile::GET_CHANGE_PASSWORD])) {
                 Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=0');
             } else {
                 $user = Auth::getInstance()->getUser();
                 $user->password = User::getHashPassword(trim(strip_tags($data[Profile::GET_CHANGE_PASSWORD])), $user->login);
                 $user->save();
                 Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=1');
                 return true;
             }
         }
         if (strlen($data[Profile::GET_CHANGE_PHONE]) > 0) {
             if (!User::validatePhone(trim($data[Profile::GET_CHANGE_PHONE]))) {
                 Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=2');
             } else {
                 $user = Auth::getInstance()->getUser();
                 $user->number = trim($data[Profile::GET_CHANGE_PHONE]);
                 $user->save();
                 Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=1');
                 return true;
             }
         }
     }
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $audioID = pg_escape_string($this->fieldData['audioID']);
     $sql = "SELECT jinglepkgid FROM audiojinglepkgs WHERE audioid = {$audioID}";
     $jinglepkgID = $db->getOne($sql);
     $sql = "SELECT name FROM jinglepkgs WHERE id = {$jinglepkgID}";
     $currentpkg = $db->getOne($sql);
     if ($currentpkg == '') {
         $currentpkg = 'Default';
     }
     $sql = "SELECT title FROM audio WHERE id = {$audioID}";
     $jinglename = $db->getOne($sql);
     $sql = "SELECT name, id FROM jinglepkgs";
     $jinglepkgs = $db->getAll($sql);
     $this->assign('access_playlist', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 33), $userID));
     $this->assign('access_sue', AuthUtil::getDetailedUserrealmAccess(array(24, 20, 3), $userID));
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
     $this->assign('jinglepkgs', $jinglepkgs);
     $this->assign('currentpkg', $currentpkg);
     $this->assign('currentpkgid', $jinglepkgID);
     $this->assign('jinglename', $jinglename);
     $this->assign('jingleID', $audioID);
 }
示例#5
0
 public function action_edit($id)
 {
     if (!Auth::getInstance()->getRights($this->getName(), 'view')) {
         // тут можно смотреть, но редактирование(запуск) проверяется в виде(view)
         return $this->view->getMessage('Нет прав на редактирование');
     }
     $rec = $this->model->getRecord($id);
     if ($rec[mp]) {
         $rec[mp][mplink] = $this->actUri('masterplate', $id)->url();
     }
     if ($rec[zadel] > 0) {
         $rec[zadellink] = $this->actUri('zadel', $id)->url();
         // создать AJAX ссылку для кнопки
     }
     $mpp = false;
     for ($i = 0; $i < $rec[parties]; $i++) {
         if ($rec[party][$i][party]) {
             // в дозапуске указываем количество запуска и меняем его если надо скриптом см. ниже
             $rec[party][$i][sllink] = $this->actUri('sl', $id, $rec[party][$i][party], $rec[block][boardinorder])->url();
         }
         $mpp = $rec[party][$i][type] == "mpp" || $mpp;
     }
     if ($mpp) {
         $rec[block][boardinorder] = "<input type='text' value='{$rec[block][boardinorder]}' size='4' id='boardinorder'/><script>\n                    \$('#boardinorder').change(function(){ \n                    var sstr = \$(this).val();\n                    \$('.partybuttonlink').each(function(){\n                        var str=\$(this).attr('href');\n                        str = str.replace(new RegExp('lanch_nzap%5Bsl%5D%5B2%5D=[0-9]+'),'lanch_nzap%5Bsl%5D%5B2%5D='+sstr); \n                        \$(this).attr('href',str);\n                    });\n                    });\n                </script>";
     }
     return $this->getMessage($this->view->showrec($rec));
 }
示例#6
0
 public function init()
 {
     $data = $_REQUEST;
     if (isset($data[Profile::GET_CHANGE_PASSWORD_BUTTON])) {
         $user = Auth::getInstance()->getUser();
         if (strlen(trim($data[Profile::GET_CHANGE_MAIL])) > 0) {
             if ($user->email != trim($data[Profile::GET_CHANGE_MAIL])) {
                 if (User::validEmail(trim(strip_tags($data[Profile::GET_CHANGE_MAIL])))) {
                     $user->email = trim(strip_tags($data[Profile::GET_CHANGE_MAIL]));
                     $user->password = User::getHashPassword($user->password, strtolower($user->email));
                 } else {
                     Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=2');
                 }
             }
         }
         if (strlen(trim($data[Profile::GET_CHANGE_PASSWORD])) > 0) {
             if (!User::passwordIsValid($data[Profile::GET_CHANGE_PASSWORD])) {
                 Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=0');
             } else {
                 $user->password = User::getHashPassword(trim(strip_tags($data[Profile::GET_CHANGE_PASSWORD])), strtolower($user->email));
             }
         }
         $user->save();
         Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=1');
         return true;
     }
 }
 /**
  *
  * The username to be logged in is taken from the $fieldData class 
  * variable
  */
 public function isValid(&$password)
 {
     $user = $this->fieldData['authUser'];
     $auth = Auth::getInstance();
     $flag = false;
     BasicLogger::logMessage("checking login for '{$user}'", self::module, 'debug');
     if ($auth->attemptLogin($user, $password)) {
         BasicLogger::logMessage("successful login for '{$user}'", self::module, 'debug');
         $flag = true;
     } else {
         BasicLogger::logMessage("failed login for '{$user}'", self::module, 'debug');
         $flag = "Invalid username or password";
     }
     if (is_null($auth->getUserID())) {
         $Nuser = array();
         $Nuser['username'] = $auth->getUser();
         $Nuser['enabled'] = 't';
         $Nuser['id'] = "#id#";
         $db = Database::getInstance($cfg['Auth']['dsn']);
         $userID = $db->insert('users', $Nuser, true);
         if (isset($cfg['Auth']['defaultNewUserGroup'])) {
             $group = array();
             $group['groupid'] = $cfg['Auth']['defaultNewUserGroup'];
             $group['userid'] = $userID;
             $db->insert('usersgroups', $group, true);
         }
         $auth->attemptLogin();
         BasicLogger::logMessage("new user created for for '{$user}'", self::module, 'debug');
     }
     return $flag;
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $scriptID = pg_escape_string($this->fieldData['scriptID']);
     if (!is_numeric($scriptID)) {
         $this->assign('permError', 't');
     } else {
         $sql = "SELECT count(*) FROM v_tree_script\n\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileW'] . "' = '" . $cfg['DPS']['fileW'] . "'";
         if ($db->getOne($sql) > 0) {
             $sql = "SELECT dirid FROM scriptsdir\n\t\t\t\t\tWHERE scriptid = {$scriptID}";
             $dirID = $db->getOne($sql);
             "SELECT count(*) FROM v_tree_dir\n\t\t\t\t\tWHERE id = {$dirID}\n\t\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileW'] . "' = '" . $cfg['DPS']['fileW'] . "'";
             if ($db->getOne($sql) > 0) {
                 $flag = true;
             }
         }
         if ($flag) {
             $sql = "SELECT * FROM scripts WHERE id = {$scriptID}";
             $script = $db->getRow($sql);
             $sql = "SELECT count(*) FROM v_tree_script\n\t\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileO'] . "' = '" . $cfg['DPS']['fileO'] . "'";
             $check = $db->getOne($sql);
             if ($check > 0) {
                 $this->assign('own', 't');
             }
             $this->assign('script', $script);
             $this->assign('treeType', '');
         } else {
             $this->assign('permError', 't');
         }
     }
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $trackIDs = explode(";", $this->fieldData['trackID']);
     $tracksDetails = array();
     foreach ($trackIDs as $trackID) {
         $sql = "SELECT audio.*, albums.name AS album \n\t\t\tFROM audio, albums \n\t\t\tWHERE audio.music_album = albums.id \n\t\t\t\tAND audio.id = " . pg_escape_string($trackID);
         $trackDetails = $db->getRow($sql);
         $sql = "SELECT DISTINCT artists.name AS name \n\t\t\tFROM artists, audioartists \n\t\t\tWHERE audioartists.audioid = " . pg_escape_string($trackID) . " \n\t\t\t\tAND audioartists.artistid = artists.id";
         $trackDetails['artist'] = $db->getColumn($sql);
         $sql = "SELECT DISTINCT keywords.name AS name \n\t\t\tFROM keywords, audiokeywords \n\t\t\tWHERE audiokeywords.audioid = " . pg_escape_string($trackID) . " \n\t\t\t\tAND audiokeywords.keywordid = keywords.id";
         $trackDetails['keywords'] = $db->getColumn($sql);
         $samples = $trackDetails['length_smpl'];
         $trackDetails['length'] = $tracksLen = round($samples / 44100 / 60) . "mins " . $samples / 44100 % 60 . "secs.";
         $sql = "SELECT * FROM audiocomments \n\t\t\tWHERE audioid = " . pg_escape_string($trackID) . " \n\t\t\tORDER BY creationdate ASC";
         $trackDetails['comments'] = $db->getAll($sql);
         foreach ($trackDetails['comments'] as &$comment) {
             $comment['username'] = AuthUtil::getUsername($comment['userid']);
             $comment['comment'] = str_replace("\n", "<br>", $comment['comment']);
             $comment['ctime'] = substr($comment['creationdate'], 0, 10);
         }
         $tracksDetails[] = $trackDetails;
     }
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $this->assign('RequestTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 29), $userID));
     $this->assign('Access_CommentTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 34), $userID));
     $this->assign('Access_EditTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 27), $userID));
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
     $this->assign('tracksDetails', $tracksDetails);
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $scriptID = pg_escape_string($this->fieldData['scriptID']);
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $date = time();
     if (is_numeric($scriptID)) {
         $script_query = "SELECT bit_or(permissions) \n\t\t\t\tFROM v_tree_script\n\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\tAND userid = {$userID}";
         $checkScripts = $db->getOne($script_query);
         if (substr($checkScripts, 0, 1) == "1") {
             if (substr($checkScripts, 1, 1) == "1") {
                 $this->assign('write', 't');
             } else {
                 $this->assign('write', 'f');
             }
             $script_sql = "SELECT * FROM scripts WHERE id = " . $scriptID;
             $script = $db->getRow($script_sql);
             $script['m'] = (int) ($script['length'] / 60);
             $script['s'] = $script['length'] - $script['m'] * 60;
             $script['niceProducer'] = AuthUtil::getUsername($script['creator']);
             $this->assign('script', $script);
         } else {
             $this->assign('error', 'You do not have permission to edit that script.');
         }
     } else {
         $this->assign('error', 'Invalid Show ID supplied');
     }
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
 }
示例#11
0
 public function action_edit($id)
 {
     if (!Auth::getInstance()->getRights($this->getName(), 'edit')) {
         return $this->view->getMessage('Нет прав на редактирование');
     }
     extract($_SESSION[Auth::$lss]);
     // тут данные выбранных до сих пор заказа и тз
     if (empty($id)) {
         // добавить плату в ТЗ
         if (empty($tz_id)) {
             return $this->getMessage('Не известно куда добавлять выбери ТЗ!');
         } else {
             return parent::action_edit($id);
         }
     } else {
         // выбрана плата - вывести предложение создать рассчет
         $url = $this->model->getFileLinkForRaschet(array(id => $id));
         if ($url) {
             $rec[rasslink] = $url;
         } else {
             $rec[createlink] = $this->actUri('createras', $id)->url();
         }
         return $this->getMessage($this->view->showbutton($rec));
     }
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $loc = 1;
     $sql = "SELECT v_tree_aw_sets.*, aw_sets_users.user_id AS userid\n                from v_tree_aw_sets LEFT OUTER JOIN aw_sets_users\n                ON aw_sets_users.set_id = v_tree_aw_sets.id\n\t\t\tWHERE v_tree_aw_sets.userid = " . $cfg['DPS']['systemUserID'] . " \n\t\t\t\tAND v_tree_aw_sets.permissions & B'" . $cfg['DPS']['fileR'] . "' = '" . $cfg['DPS']['fileR'] . "'";
     // station awsets
     $awsets = $db->getAll($sql);
     $sql = "SELECT val FROM configuration \n\t\t\tWHERE location = {$loc} \n\t\t\t\tAND parameter = 'station_aw_set'";
     $userset = $db->getOne($sql);
     foreach ($awsets as &$awset) {
         if ($userset == $awset['id']) {
             $awset['active'] = 't';
         } else {
             $awset['active'] = 'f';
         }
         $sql = "SELECT BIT_OR(permissions) \n\t\t\t\tFROM v_tree_dir \n\t\t\t\tWHERE v_tree_dir.id = {$awset['parent']}\n\t\t\t\t\tAND v_tree_dir.userid = {$cfg['DPS']['systemUserID']}";
         $awset['parentperm'] = $db->getOne($sql);
         $awset['userid'] = AuthUtil::getUsername($awset['userid']);
     }
     $this->assign('access_playlist', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 33), $userID));
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
     $this->assign('awsets', $awsets);
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $dirID = pg_escape_string($this->fieldData['rootdir']);
     if (!is_numeric($dirID)) {
         $this->assign('permError', 't');
     } else {
         $flag = false;
         $sql = "SELECT count(*) FROM v_tree_dir\n\t\t\t\tWHERE id = {$dirID}\n\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileW'] . "' = '" . $cfg['DPS']['fileW'] . "'";
         if ($db->getOne($sql) > 0) {
             $flag = true;
         }
         if ($flag) {
             $sql = "SELECT * FROM dir WHERE id = {$dirID}";
             $folder = $db->getRow($sql);
             $this->assign('folder', $folder);
         } else {
             $this->assign('permError', 't');
         }
     }
 }
示例#14
0
文件: User.php 项目: kizz66/meat
 public function delete()
 {
     if ($this->show->itemID != 1) {
         Auth::getInstance()->deleteUser($this->show->itemID);
     }
     redirect(BASE_PATH . 'admin/user');
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     //Sue playing now/next
     $query = "SELECT audio.title AS title, audio.id AS id \n\t\t\tFROM sustschedule, audio \n\t\t\tWHERE sustschedule.audioid = audio.id \n\t\t\tORDER BY sustschedule.id asc";
     $suePlaylist = $db->getAll($query);
     foreach ($suePlaylist as $key => &$track) {
         $sql = "SELECT DISTINCT artists.name AS name \n\t\t\t\tFROM artists, audioartists \n\t\t\t\tWHERE audioartists.audioid = " . $track['id'] . " \n\t\t\t\t\tAND audioartists.artistid = artists.id";
         $artists = $db->getAll($sql);
         foreach ($artists as $artist) {
             $track['artist'] = $track['artist'] . $artist['name'] . " & ";
         }
         $track['artist'] = rtrim($track['artist'], " & ");
     }
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $this->assign('Access_ViewSue', AuthUtil::getDetailedUserrealmAccess(array(58, 60, 3), $userID));
     $this->assign('Access_EditSue', AuthUtil::getDetailedUserrealmAccess(array(58, 60, 66), $userID));
     $this->assign('Access_SueStats', AuthUtil::getDetailedUserrealmAccess(array(58, 60, 2), $userID));
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
     $this->assign('storedTracks', $systemTracks);
     $this->assign('sueLastTrack', $suePlaylist[0]);
     $this->assign('sueNextTrack', $suePlaylist[1]);
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $dirID = substr($this->fieldData['id'], 3);
     $type = $this->fieldData['treeUser'];
     if (stristr($_SERVER["HTTP_ACCEPT"], "application/xhtml+xml")) {
         header("Content-type: application/xhtml+xml");
     } else {
         header("Content-type: text/xml");
     }
     if ($type == 'group') {
         $treeInfo = DPS::singleGroupTreeSetup($dirID, $cfg['Auth']['defaultNewUserGroup'], $this->fieldData['treeType']);
     } else {
         $treeInfo = DPS::singleTreeSetup($dirID, $userID, $this->fieldData['treeType']);
     }
     echo "<?xml version='1.0' encoding='iso-8859-1'?>\n";
     if ($dirID == 1) {
         $dirID = 0;
     } else {
         $dirID = "dir" . $dirID;
     }
     $treeInfo = '<tree id="' . $dirID . '">' . $treeInfo . '</tree>';
     echo $treeInfo;
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $count_query = "SELECT count(*) FROM requests";
     $requestedNum = $db->getOne($count_query);
     $query = "SELECT * FROM requests ORDER BY date DESC";
     $requestedResult = $db->getAll($query);
     $i = 0;
     foreach ($requestedResult as $key => &$track) {
         $track['number'] = $i;
         $track['rtime'] = date("m/d/y", $track['date']);
         $track['user'] = AuthUtil::getUsername($track['userid']);
         $i++;
     }
     $trackCount = $i;
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $this->assign('CensorTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 30), $userID));
     $this->assign('RequestTrack', 't');
     $this->assign('RemoveRequestTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 29), $userID));
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
     $this->assign('requestedTracks', $requestedResult);
     $this->assign('requestedNum', $requestedNum);
 }
示例#18
0
文件: menu.class.php 项目: GGF/baza4
    public function action_index() {
        $menuitems = "";
                $fkey = 0;
        foreach ($this->items as $item) {
            $text = $type = $noajax = $picture = $right = '';
            extract($item);
            //echo $type."_".$right;
            if ($this->parent) {
                $righttype = get_class($this->parent) . '_' . $type;
            } else {
                $righttype = $type;
            }
            if ($right and !Auth::getInstance()->getRights($righttype,'view'))
                continue;

            if ($type == "newline") {
                //$menuitems .= "</tr><tr>";
            } else {
                $uri = new UriConstructor();
                $uri->clear();
                Output::assign('hotkey', $fkey++<11?"Ctrl + f{$fkey }":"");
                Output::assign('text',$text);
                Output::assign('hyphertext',hypher::addhypher($text));
                Output::assign('ajax',($item[noajax]?'':"data-silent='{$this->parent->getMainTarget()}' legotarget='{$this->parent->getName()}'"));
                Output::assign('type',$type);
                Output::assign('url',$uri->set($this->parent->getName(),$type)->url());
                Output::assign('selected',($this->parent->getAction()==$type?" menu-item-sel":""));
                Output::assign('picture', (empty($picture) ? "" : "style='background-image: URL(\"/picture/{$picture}\");'"));
                $menuitems .= $this->fetch('menu_item.tpl');
            }
        }
        Output::assign('menuitems',$menuitems);
        return $this->fetch('menu.tpl');
    }
示例#19
0
 /**
  * 初始化
  */
 public function before()
 {
     parent::before();
     if (!Auth::getInstance()->isAllow('role.list')) {
         $this->show_message("对不起,您没有权限执行该操作");
     }
     $this->template->layout = array('title' => '积分管理', 'action' => array('index' => array('url' => '/admin/point', 'text' => '积分管理')), 'current' => $this->request->action);
 }
示例#20
0
 /**
  * 初始化
  */
 public function before()
 {
     parent::before();
     if (!Auth::getInstance()->isAllow('books.list')) {
         $this->show_message('对不起,您没有权限执行该操作');
     }
     $this->template->layout = array('title' => '图书馆管理', 'action' => array('list' => array('url' => '/admin/article/list', 'text' => '图书列表')), 'current' => $this->request->action);
 }
示例#21
0
 /**
  * 初始化
  */
 public function before()
 {
     parent::before();
     if (!Auth::getInstance()->isAllow('module.list')) {
         $this->show_message('对不起,您没有权限执行该操作');
     }
     $this->template->layout = array('title' => '评论管理', 'action' => array('article' => array('url' => '/admin/comments/booklist?app=article', 'text' => '图书评论'), 'img' => array('url' => '/admin/comments/booklist?app=img', 'text' => '相册评论'), 'img_subject' => array('url' => '/admin/comments/booklist?app=img_subject', 'text' => '专题评论')), 'current' => $this->getQuery('app'));
 }
示例#22
0
 /**
  * 初始化
  */
 public function before()
 {
     parent::before();
     if (!Auth::getInstance()->isAllow('role.list')) {
         $this->show_message("对不起,您没有权限执行该操作");
     }
     $this->template->layout = array('title' => '缓存管理');
 }
示例#23
0
 /**
  * 删除模块
  */
 public function action_del()
 {
     if (!Auth::getInstance()->isAllow('module.delete')) {
         $this->show_message('对不起,您没有权限执行该操作');
     }
     ORM::factory('module')->delModule($this->getQuery('mod_name'));
     $this->request->redirect('/admin/module');
     $this->auto_render = false;
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $this->assign('treeType', 'jacspmr');
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $offset = $this->fieldData['dpsSearchPage'];
     if ($offset == "") {
         $offset = 0;
     } else {
         $offset--;
     }
     $searchValue = trim($this->fieldData['dpsSearchVal']);
     $searchType = $this->fieldData['dpsSearchType'];
     $letter = pg_escape_string($this->fieldData['dpsSearchLetter']);
     if ($searchType == '' && $letter != '') {
         if ($letter == "*") {
             $searchType = 'Number';
         } else {
             $searchType = 'Letter';
         }
     }
     if ($this->fieldData['dpsSortType'] != '') {
         $sesh = Session::getInstance();
         $sortType = $this->fieldData['dpsSortType'];
         $sesh->setValue("dpsSortType", $sortType);
     } else {
         $sesh = Session::getInstance();
         if ($sesh->keyExists("dpsSortType")) {
             $sortType = $sesh->getValue("dpsSortType");
         } else {
             $sortType = "title";
         }
     }
     if ($searchValue != '') {
         $searchResult = DPS::searchAudio($searchValue, $searchType, $sortType, $offset, '');
         $rNum = DPS::searchPageAudio($searchValue, $searchType, '');
         $searchInfo = "Found {$rNum} results matching your query";
     }
     $pages = ceil($rNum / $cfg['DPS']['resultLimit']);
     //fill the $pageArray array with values from 1 to $pages
     $pageArray = range(1, $pages);
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $this->assign('RequestTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 29), $userID));
     $this->assign('CensorTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 30), $userID));
     $this->assign('ReportTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 43), $userID));
     $this->assign('EditTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 27), $userID));
     $this->assign('DeleteTrack', AuthUtil::getDetailedUserrealmAccess(array(2, 21, 32), $userID));
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
     $this->assign('page', $offset);
     $this->assign('searchResult', $searchResult);
     $this->assign('searchInfo', $searchInfo);
     $this->assign('pages', $pageArray);
     $this->assign('searchType', $searchType);
     $this->assign('searchValue', $searchValue);
     $this->assign('sortType', $sortType);
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $db = Database::getInstance($cfg['DPS']['dsn']);
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
 }
 protected function setupTemplate()
 {
     global $cfg;
     parent::setupTemplate();
     $auth = Auth::getInstance();
     $userID = $auth->getUserID();
     $this->assign('RequestTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 29), $userID));
     $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
 }
 /**
  * 删除模块
  */
 public function action_del()
 {
     if (!Auth::getInstance()->isAllow('privilege.delete')) {
         $this->show_message('对不起,您没有权限执行该操作');
     }
     ORM::factory('acl_privilege')->delPrivilege($this->getQuery('priv_name'));
     $this->request->redirect('/admin/privilege/list');
     $this->auto_render = false;
 }
示例#29
0
 /**
  * 控制器方法执行前的操作
  *
  */
 public function before()
 {
     parent::before();
     Session::instance()->delete('acl_all_default_roles');
     Session::instance()->delete('acl_all_guest_roles');
     if (!$this->auth || !Auth::getInstance()->isAllow('index.access@admin')) {
         $links[] = array('text' => '去登录', 'href' => '/user/login?forward=' . urlencode($_SERVER['REQUEST_URI']));
         $this->show_message('你尚未登录或者你没权限登录后台管理。。。', 0, $links);
     }
 }
示例#30
0
 public function userRole($id)
 {
     if (Auth::getInstance()->user() == true) {
         $roles = array_map('trim', explode(",", $id));
         $current_role = Auth::getInstance()->user()->role;
         if (array_search($current_role, $roles) === false) {
             throw new \Exception("Current user's role not authorized", 401);
         }
     }
 }