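/**
 * Renames a directory and resets the "all users" group permission on it.
 *
 * Reads 'rootdir' (directory id), 'dirtext' (new name) and 'dirperm'
 * ('pubrw', 'pubr', or anything else) from $this->fieldData. Does nothing
 * unless 'rootdir' is numeric.
 *
 * NOTE(review): the rename runs before any permission query in this method;
 * only the group-permission change is gated on the owner bit (fileO).
 * Confirm that the caller or form validator enforces write access on the
 * directory, otherwise the rename needs its own check here.
 */
protected function processValid()
{
    global $cfg;

    $db = Database::getInstance($cfg['DPS']['dsn']);
    $dir = pg_escape_string($this->fieldData['rootdir']);
    $userID = Auth::getInstance()->getUserID();

    // The id is interpolated unquoted into SQL below, so it must stay numeric;
    // pg_escape_string() alone does not protect an unquoted value.
    if (!is_numeric($dir)) {
        return;
    }

    $sql_update = array('name' => $this->fieldData['dirtext']);
    $swhere = "id = " . pg_escape_string($dir);
    $db->update('dir', $sql_update, $swhere, true);

    // Only the owner of the directory may change its public permissions.
    $sql = "SELECT count(*) FROM v_tree_dir\n\t\t\t\tWHERE id = {$dir}\n\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileO'] . "' = '" . $cfg['DPS']['fileO'] . "'";
    if (!($db->getOne($sql) > 0)) {
        return;
    }

    $where = "dirid = {$dir} AND groupid = " . $cfg['DPS']['allusersgroupid'];
    // Was `$true`, an undefined variable that evaluated to null. update()
    // above passes a literal true in the same trailing position.
    // TODO confirm against Database::delete().
    $db->delete('dirgroups', $where, true);

    // The three original branches differed only in the permission constant.
    if ($this->fieldData['dirperm'] == 'pubrw') {
        $permissions = $cfg['DPS']['fileRW'];
    } elseif ($this->fieldData['dirperm'] == 'pubr') {
        $permissions = $cfg['DPS']['fileR'];
    } else {
        $permissions = $cfg['DPS']['file'];
    }

    $dirI = array(
        'dirid' => $dir,
        'groupid' => $cfg['DPS']['allusersgroupid'],
        'permissions' => $permissions,
    );
    $db->insert('dirgroups', $dirI, false);
}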
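/**
 * Writes the XML tree for a single auth sub-realm straight to the response.
 *
 * Reads 'guid', 'id' (first three characters are dropped to get the realm
 * id) and 'treeUser' from $this->fieldData, sets the Content-type header
 * from the request's Accept header, and echoes a <tree> element wrapping
 * the markup returned by AuthSubRealmViewer::singleRealmTree().
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $auth = Auth::getInstance();
    $ID = $this->fieldData['guid'];
    $realmID = substr($this->fieldData['id'], 3);
    $type = $this->fieldData['treeUser'];

    // The Accept header is optional; treat a missing one as "no XHTML support".
    $accept = isset($_SERVER["HTTP_ACCEPT"]) ? $_SERVER["HTTP_ACCEPT"] : '';
    if (stristr($accept, "application/xhtml+xml")) {
        header("Content-type: application/xhtml+xml");
    } else {
        header("Content-type: text/xml");
    }

    $treeInfo = AuthSubRealmViewer::singleRealmTree($realmID, $ID, $type == 'group');

    echo "<?xml version='1.0' encoding='iso-8859-1'?>\n";

    if ($realmID == 0) {
        $rootID = 0;
    } else {
        $rootID = "rlm" . $realmID;
    }

    // $realmID comes from request data and lands inside an attribute value,
    // so it is escaped; $treeInfo is markup produced by the viewer and is
    // emitted as-is.
    $safeRootID = htmlspecialchars((string) $rootID, ENT_QUOTES, 'ISO-8859-1');
    echo '<tree id="' . $safeRootID . '">' . $treeInfo . '</tree>';
}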
/**
 * Handles the profile form: changes the current user's password or phone.
 *
 * Acts only when the submit-button field is present in $_REQUEST. A valid
 * password is hashed with the user's login and saved; otherwise a valid
 * phone number is saved. Each outcome redirects to REDIRECT_URL with a
 * `success` code (0 bad password, 2 bad phone, 1 saved).
 *
 * NOTE(review): the password is validated on the raw value but hashed after
 * trim(strip_tags()), so the stored secret can differ from what was
 * validated. No current-password confirmation or CSRF token is checked
 * here, and $_REQUEST also accepts query-string values — confirm these are
 * handled by the caller.
 * NOTE(review): after a failure redirect the method keeps running unless
 * Flight::redirect() terminates the request — confirm.
 *
 * @return true|null true after a successful save, null otherwise
 */
public function init()
{
    $request = $_REQUEST;

    if (!isset($request[Profile::GET_CHANGE_PASSWORD_BUTTON])) {
        return;
    }

    if (strlen($request[Profile::GET_CHANGE_PASSWORD]) > 0) {
        if (User::passwordIsValid($request[Profile::GET_CHANGE_PASSWORD])) {
            $account = Auth::getInstance()->getUser();
            $cleaned = trim(strip_tags($request[Profile::GET_CHANGE_PASSWORD]));
            $account->password = User::getHashPassword($cleaned, $account->login);
            $account->save();
            Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=1');

            return true;
        }

        Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=0');
    }

    if (strlen($request[Profile::GET_CHANGE_PHONE]) > 0) {
        $phone = trim($request[Profile::GET_CHANGE_PHONE]);

        if (User::validatePhone($phone)) {
            $account = Auth::getInstance()->getUser();
            $account->number = $phone;
            $account->save();
            Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=1');

            return true;
        }

        Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=2');
    }
}
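/**
 * Prepares the jingle-package editor for one audio item.
 *
 * Reads 'audioID' from $this->fieldData, looks up the jingle package the
 * audio belongs to (falling back to the label 'Default'), the audio title
 * and the list of all packages, and assigns them to the template together
 * with the current user's access flags.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);
    $userID = Auth::getInstance()->getUserID();

    // The id is used unquoted in SQL. pg_escape_string() only protects
    // quoted literals, so the value is forced to an integer instead.
    $audioID = (int) $this->fieldData['audioID'];

    $jinglepkgID = $db->getOne("SELECT jinglepkgid FROM audiojinglepkgs WHERE audioid = {$audioID}");

    // An audio item without a package yields no id; skip the lookup rather
    // than sending "WHERE id = " with nothing after it.
    $currentpkg = '';
    if (is_numeric($jinglepkgID)) {
        $currentpkg = $db->getOne("SELECT name FROM jinglepkgs WHERE id = " . (int) $jinglepkgID);
    }
    if ($currentpkg == '') {
        $currentpkg = 'Default';
    }

    $jinglename = $db->getOne("SELECT title FROM audio WHERE id = {$audioID}");
    $jinglepkgs = $db->getAll("SELECT name, id FROM jinglepkgs");

    $this->assign('access_playlist', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 33), $userID));
    $this->assign('access_sue', AuthUtil::getDetailedUserrealmAccess(array(24, 20, 3), $userID));
    $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
    $this->assign('jinglepkgs', $jinglepkgs);
    $this->assign('currentpkg', $currentpkg);
    $this->assign('currentpkgid', $jinglepkgID);
    $this->assign('jinglename', $jinglename);
    $this->assign('jingleID', $audioID);
}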
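/**
 * Shows one record with the action links (master plate, zadel, per-party
 * launch) attached.
 *
 * Array keys are quoted here: the original used bare words (`$rec[mp]`),
 * which PHP 8 treats as undefined constants and aborts on.
 *
 * NOTE(review): the 'boardinorder' value is placed inside an HTML attribute
 * without escaping. If it can ever hold non-numeric data, escape it with
 * htmlspecialchars(..., ENT_QUOTES) — confirm what the model returns.
 *
 * @param mixed $id record identifier passed to the model
 * @return mixed rendered message
 */
public function action_edit($id)
{
    if (!Auth::getInstance()->getRights($this->getName(), 'view')) {
        // Viewing is allowed here; the edit (launch) right is checked in the view.
        return $this->view->getMessage('Нет прав на редактирование');
    }

    $rec = $this->model->getRecord($id);

    if ($rec['mp']) {
        $rec['mp']['mplink'] = $this->actUri('masterplate', $id)->url();
    }
    if ($rec['zadel'] > 0) {
        // Build the AJAX link for the button.
        $rec['zadellink'] = $this->actUri('zadel', $id)->url();
    }

    $mpp = false;
    for ($i = 0; $i < $rec['parties']; $i++) {
        if ($rec['party'][$i]['party']) {
            // For an additional launch the launch quantity is passed in the
            // link and rewritten by the script below when the user edits it.
            $rec['party'][$i]['sllink'] = $this->actUri(
                'sl',
                $id,
                $rec['party'][$i]['party'],
                $rec['block']['boardinorder']
            )->url();
        }
        $mpp = $rec['party'][$i]['type'] == "mpp" || $mpp;
    }

    if ($mpp) {
        // Replace the plain number with an input plus a script that keeps
        // the quantity in every party link in sync with the input.
        $boards = $rec['block']['boardinorder'];
        $rec['block']['boardinorder'] = "<input type='text' value='{$boards}' size='4' id='boardinorder'/><script>\n \$('#boardinorder').change(function(){ \n var sstr = \$(this).val();\n \$('.partybuttonlink').each(function(){\n var str=\$(this).attr('href');\n str = str.replace(new RegExp('lanch_nzap%5Bsl%5D%5B2%5D=[0-9]+'),'lanch_nzap%5Bsl%5D%5B2%5D='+sstr); \n \$(this).attr('href',str);\n });\n });\n </script>";
    }

    return $this->getMessage($this->view->showrec($rec));
}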
/**
 * Handles the profile form: changes the current user's e-mail and/or password.
 *
 * Acts only when the submit-button field is present in $_REQUEST. The user
 * is always saved and redirected with `success=1` at the end; invalid
 * input additionally triggers a redirect with `success=2` (e-mail) or
 * `success=0` (password) first.
 *
 * NOTE(review): when only the e-mail changes, the stored password value is
 * passed through User::getHashPassword() again with the new e-mail. If the
 * stored value is already a hash, the old password will stop verifying —
 * confirm.
 * NOTE(review): after a failure redirect the method continues to save()
 * unless Flight::redirect() terminates the request — confirm. No
 * current-password confirmation or CSRF token is checked here, and
 * $_REQUEST also accepts query-string values.
 *
 * @return true|null true when the form was processed, null otherwise
 */
public function init()
{
    $request = $_REQUEST;

    if (!isset($request[Profile::GET_CHANGE_PASSWORD_BUTTON])) {
        return;
    }

    $account = Auth::getInstance()->getUser();

    $mail = trim($request[Profile::GET_CHANGE_MAIL]);
    if (strlen($mail) > 0 && $account->email != $mail) {
        $cleanMail = trim(strip_tags($request[Profile::GET_CHANGE_MAIL]));

        if (User::validEmail($cleanMail)) {
            $account->email = $cleanMail;
            // The lower-cased e-mail is the second argument of the hash helper.
            $account->password = User::getHashPassword($account->password, strtolower($account->email));
        } else {
            Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=2');
        }
    }

    if (strlen(trim($request[Profile::GET_CHANGE_PASSWORD])) > 0) {
        if (User::passwordIsValid($request[Profile::GET_CHANGE_PASSWORD])) {
            $cleanPassword = trim(strip_tags($request[Profile::GET_CHANGE_PASSWORD]));
            $account->password = User::getHashPassword($cleanPassword, strtolower($account->email));
        } else {
            Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=0');
        }
    }

    $account->save();
    Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=1');

    return true;
}
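/**
 * Validates a login attempt.
 *
 * The username to be logged in is taken from the $fieldData class
 * variable. When no local user id exists after the attempt, a `users` row
 * is created (and added to the default group when one is configured) and
 * the login is retried.
 *
 * NOTE(review): the user-creation branch is not gated on a successful
 * login; it runs whenever getUserID() is null. Confirm that attemptLogin()
 * cannot leave the id null after a failed authentication, otherwise
 * accounts get provisioned for rejected credentials.
 * NOTE(review): the submitted username is written to the log verbatim —
 * confirm BasicLogger neutralises line breaks.
 *
 * @param string $password submitted password (passed by reference)
 * @return true|string true on success, otherwise an error message
 */
public function isValid(&$password)
{
    // $cfg was read below without being imported, so the DSN and default
    // group lookups always saw an undefined local variable.
    global $cfg;

    $user = $this->fieldData['authUser'];
    $auth = Auth::getInstance();
    $flag = false;

    BasicLogger::logMessage("checking login for '{$user}'", self::module, 'debug');
    if ($auth->attemptLogin($user, $password)) {
        BasicLogger::logMessage("successful login for '{$user}'", self::module, 'debug');
        $flag = true;
    } else {
        BasicLogger::logMessage("failed login for '{$user}'", self::module, 'debug');
        // Same message for unknown user and wrong password.
        $flag = "Invalid username or password";
    }

    if (is_null($auth->getUserID())) {
        $Nuser = array();
        $Nuser['username'] = $auth->getUser();
        $Nuser['enabled'] = 't';
        $Nuser['id'] = "#id#";

        $db = Database::getInstance($cfg['Auth']['dsn']);
        $userID = $db->insert('users', $Nuser, true);

        if (isset($cfg['Auth']['defaultNewUserGroup'])) {
            $group = array();
            $group['groupid'] = $cfg['Auth']['defaultNewUserGroup'];
            $group['userid'] = $userID;
            $db->insert('usersgroups', $group, true);
        }

        $auth->attemptLogin();
        BasicLogger::logMessage("new user created for for '{$user}'", self::module, 'debug');
    }

    return $flag;
}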
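/**
 * Prepares the script editor for one script.
 *
 * Reads 'scriptID' from $this->fieldData. The script is assigned to the
 * template only when the current user has the write bit (fileW) on both
 * the script and the directory that contains it; otherwise 'permError' is
 * set. 'own' is set when the user also has the owner bit (fileO).
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);
    $userID = Auth::getInstance()->getUserID();

    $scriptID = pg_escape_string($this->fieldData['scriptID']);
    if (!is_numeric($scriptID)) {
        $this->assign('permError', 't');

        return;
    }

    // Was never initialised, so it was undefined whenever a check failed.
    $flag = false;

    $sql = "SELECT count(*) FROM v_tree_script\n\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileW'] . "' = '" . $cfg['DPS']['fileW'] . "'";
    if ($db->getOne($sql) > 0) {
        $sql = "SELECT dirid FROM scriptsdir\n\t\t\t\t\tWHERE scriptid = {$scriptID}";
        $dirID = $db->getOne($sql);

        // The directory query used to be a bare string expression that was
        // never assigned to $sql, so the previous "SELECT dirid" query was
        // executed a second time and the directory permission was never
        // actually checked.
        if (is_numeric($dirID)) {
            $sql = "SELECT count(*) FROM v_tree_dir\n\t\t\t\t\tWHERE id = {$dirID}\n\t\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileW'] . "' = '" . $cfg['DPS']['fileW'] . "'";
            if ($db->getOne($sql) > 0) {
                $flag = true;
            }
        }
    }

    if (!$flag) {
        $this->assign('permError', 't');

        return;
    }

    $sql = "SELECT * FROM scripts WHERE id = {$scriptID}";
    $script = $db->getRow($sql);

    $sql = "SELECT count(*) FROM v_tree_script\n\t\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileO'] . "' = '" . $cfg['DPS']['fileO'] . "'";
    $check = $db->getOne($sql);
    if ($check > 0) {
        $this->assign('own', 't');
    }

    $this->assign('script', $script);
    $this->assign('treeType', '');
}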
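/**
 * Loads the details of one or more tracks for display.
 *
 * 'trackID' in $this->fieldData is a ';'-separated list of audio ids. For
 * each id the track row, album, artists, keywords, a formatted length and
 * the comments are collected and assigned as 'tracksDetails', together
 * with the current user's access flags.
 *
 * NOTE(review): comment text gets "<br>" inserted and is handed to the
 * template as markup. Unless comments are HTML-escaped when stored or in
 * the template, apply htmlspecialchars() before the str_replace — confirm.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);

    $trackIDs = explode(";", $this->fieldData['trackID']);
    $tracksDetails = array();

    foreach ($trackIDs as $trackID) {
        // The id is used unquoted in SQL. pg_escape_string() only protects
        // quoted literals, so accept plain digit strings and skip anything
        // else (including the empty element a trailing ';' produces).
        $trackID = trim($trackID);
        if (!ctype_digit($trackID)) {
            continue;
        }

        $sql = "SELECT audio.*, albums.name AS album \n\t\t\tFROM audio, albums \n\t\t\tWHERE audio.music_album = albums.id \n\t\t\t\tAND audio.id = " . $trackID;
        $trackDetails = $db->getRow($sql);

        $sql = "SELECT DISTINCT artists.name AS name \n\t\t\tFROM artists, audioartists \n\t\t\tWHERE audioartists.audioid = " . $trackID . " \n\t\t\t\tAND audioartists.artistid = artists.id";
        $trackDetails['artist'] = $db->getColumn($sql);

        $sql = "SELECT DISTINCT keywords.name AS name \n\t\t\tFROM keywords, audiokeywords \n\t\t\tWHERE audiokeywords.audioid = " . $trackID . " \n\t\t\t\tAND audiokeywords.keywordid = keywords.id";
        $trackDetails['keywords'] = $db->getColumn($sql);

        // Length is stored in samples; 44100 samples per second is the
        // divisor the original used. Minutes were rounded rather than
        // truncated, so e.g. 90 seconds displayed as "2mins 30secs.".
        $seconds = (int) ($trackDetails['length_smpl'] / 44100);
        $trackDetails['length'] = (int) floor($seconds / 60) . "mins " . ($seconds % 60) . "secs.";

        $sql = "SELECT * FROM audiocomments \n\t\t\tWHERE audioid = " . $trackID . " \n\t\t\tORDER BY creationdate ASC";
        $trackDetails['comments'] = $db->getAll($sql);
        foreach ($trackDetails['comments'] as &$comment) {
            $comment['username'] = AuthUtil::getUsername($comment['userid']);
            $comment['comment'] = str_replace("\n", "<br>", $comment['comment']);
            // First ten characters of the timestamp, i.e. the date part.
            $comment['ctime'] = substr($comment['creationdate'], 0, 10);
        }
        // Break the reference so later writes cannot touch the last comment.
        unset($comment);

        $tracksDetails[] = $trackDetails;
    }

    $userID = Auth::getInstance()->getUserID();
    $this->assign('RequestTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 29), $userID));
    $this->assign('Access_CommentTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 34), $userID));
    $this->assign('Access_EditTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 27), $userID));
    $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
    $this->assign('tracksDetails', $tracksDetails);
}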
/**
 * Prepares the script view for one script.
 *
 * Reads 'scriptID' from $this->fieldData. The combined permission bits of
 * the current user on the script decide the outcome: first bit set means
 * the script is loaded and assigned, second bit decides the 'write' flag
 * ('t' / 'f'). Otherwise an 'error' message is assigned.
 *
 * The id is interpolated unquoted into SQL; the is_numeric() guard is what
 * keeps that safe, so it must stay ahead of every query.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);
    $scriptID = pg_escape_string($this->fieldData['scriptID']);
    $userID = Auth::getInstance()->getUserID();

    if (!is_numeric($scriptID)) {
        $this->assign('error', 'Invalid Show ID supplied');
    } else {
        $permissionBits = $db->getOne(
            "SELECT bit_or(permissions) \n\t\t\t\tFROM v_tree_script\n\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\tAND userid = {$userID}"
        );

        if (substr($permissionBits, 0, 1) != "1") {
            $this->assign('error', 'You do not have permission to edit that script.');
        } else {
            $this->assign('write', substr($permissionBits, 1, 1) == "1" ? 't' : 'f');

            $script = $db->getRow("SELECT * FROM scripts WHERE id = " . $scriptID);
            // Split the stored length into whole minutes and the remainder.
            $script['m'] = (int) ($script['length'] / 60);
            $script['s'] = $script['length'] - $script['m'] * 60;
            $script['niceProducer'] = AuthUtil::getUsername($script['creator']);
            $this->assign('script', $script);
        }
    }

    $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
}
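/**
 * Edit action: adds a board to the selected TZ, or offers a calculation
 * link for an already selected board.
 *
 * Array keys are quoted here: the original used bare words (`array(id =>
 * $id)`, `$rec[rasslink]`), which PHP 8 treats as undefined constants.
 *
 * NOTE(review): extract() imports every key of the session array into the
 * local scope and can overwrite $id. Only $tz_id is read from it in this
 * method; reading that key explicitly would be safer — confirm no other
 * key is relied on.
 *
 * @param mixed $id board identifier, empty when adding a new board
 * @return mixed rendered message
 */
public function action_edit($id)
{
    if (!Auth::getInstance()->getRights($this->getName(), 'edit')) {
        return $this->view->getMessage('Нет прав на редактирование');
    }

    // The session holds the order and TZ selected so far.
    extract($_SESSION[Auth::$lss]);

    if (empty($id)) {
        // Add a board to the TZ.
        if (empty($tz_id)) {
            return $this->getMessage('Не известно куда добавлять выбери ТЗ!');
        }

        return parent::action_edit($id);
    }

    // A board is selected: offer to open or create the calculation.
    $url = $this->model->getFileLinkForRaschet(array('id' => $id));
    if ($url) {
        $rec['rasslink'] = $url;
    } else {
        $rec['createlink'] = $this->actUri('createras', $id)->url();
    }

    return $this->getMessage($this->view->showbutton($rec));
}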
/**
 * Lists the station audio-wall sets readable by the system user.
 *
 * Each set is marked 'active' ('t' / 'f') by comparing its id with the
 * 'station_aw_set' configuration value for location 1, gets the combined
 * permission bits of its parent directory, and has its 'userid' replaced
 * by the username. The result is assigned as 'awsets'.
 *
 * The SQL is assembled from configuration values and ids read back from
 * the database, not from request data.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);
    $userID = Auth::getInstance()->getUserID();
    $loc = 1;

    // station awsets
    $awsets = $db->getAll(
        "SELECT v_tree_aw_sets.*, aw_sets_users.user_id AS userid\n from v_tree_aw_sets LEFT OUTER JOIN aw_sets_users\n ON aw_sets_users.set_id = v_tree_aw_sets.id\n\t\t\tWHERE v_tree_aw_sets.userid = " . $cfg['DPS']['systemUserID'] . " \n\t\t\t\tAND v_tree_aw_sets.permissions & B'" . $cfg['DPS']['fileR'] . "' = '" . $cfg['DPS']['fileR'] . "'"
    );

    $userset = $db->getOne(
        "SELECT val FROM configuration \n\t\t\tWHERE location = {$loc} \n\t\t\t\tAND parameter = 'station_aw_set'"
    );

    foreach ($awsets as $index => $row) {
        $awsets[$index]['active'] = ($userset == $row['id']) ? 't' : 'f';

        $parentSql = "SELECT BIT_OR(permissions) \n\t\t\t\tFROM v_tree_dir \n\t\t\t\tWHERE v_tree_dir.id = {$row['parent']}\n\t\t\t\t\tAND v_tree_dir.userid = {$cfg['DPS']['systemUserID']}";
        $awsets[$index]['parentperm'] = $db->getOne($parentSql);

        $awsets[$index]['userid'] = AuthUtil::getUsername($row['userid']);
    }

    $this->assign('access_playlist', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 33), $userID));
    $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
    $this->assign('awsets', $awsets);
}
/**
 * Prepares the directory editor for one directory.
 *
 * Reads 'rootdir' from $this->fieldData. The directory row is assigned as
 * 'folder' only when the id is numeric and the current user has the write
 * bit (fileW) on it; otherwise 'permError' is set.
 *
 * The id is interpolated unquoted into SQL; the is_numeric() guard is what
 * keeps that safe, so it must stay ahead of every query.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);
    $userID = Auth::getInstance()->getUserID();
    $dirID = pg_escape_string($this->fieldData['rootdir']);

    if (!is_numeric($dirID)) {
        $this->assign('permError', 't');

        return;
    }

    $writeCheck = "SELECT count(*) FROM v_tree_dir\n\t\t\t\tWHERE id = {$dirID}\n\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileW'] . "' = '" . $cfg['DPS']['fileW'] . "'";
    $mayWrite = $db->getOne($writeCheck) > 0;

    if (!$mayWrite) {
        $this->assign('permError', 't');

        return;
    }

    $folder = $db->getRow("SELECT * FROM dir WHERE id = {$dirID}");
    $this->assign('folder', $folder);
}
/**
 * Deletes the selected user, then returns to the admin user list.
 *
 * The account with id 1 is never deleted.
 *
 * NOTE(review): no permission or CSRF check is visible in this method —
 * confirm the controller enforces both before it is reached.
 */
public function delete()
{
    $targetID = $this->show->itemID;

    // Account 1 is exempt from deletion.
    $isProtected = ($targetID == 1);
    if (!$isProtected) {
        Auth::getInstance()->deleteUser($targetID);
    }

    redirect(BASE_PATH . 'admin/user');
}
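/**
 * Prepares the Sue (sustainer) overview: current and next track plus the
 * user's access flags.
 *
 * Every scheduled track gets an 'artist' string made of its artist names
 * joined with " & ". The first two playlist entries are assigned as
 * 'sueLastTrack' and 'sueNextTrack'.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);

    //Sue playing now/next
    $query = "SELECT audio.title AS title, audio.id AS id \n\t\t\tFROM sustschedule, audio \n\t\t\tWHERE sustschedule.audioid = audio.id \n\t\t\tORDER BY sustschedule.id asc";
    $suePlaylist = $db->getAll($query);

    foreach ($suePlaylist as $key => &$track) {
        // The id comes from the database; the cast keeps the unquoted
        // interpolation numeric regardless.
        $sql = "SELECT DISTINCT artists.name AS name \n\t\t\t\tFROM artists, audioartists \n\t\t\t\tWHERE audioartists.audioid = " . (int) $track['id'] . " \n\t\t\t\t\tAND audioartists.artistid = artists.id";

        // The original appended to an 'artist' key that did not exist yet
        // and then trimmed the trailing separator; collecting the names and
        // joining them gives the same text without the undefined read.
        $names = array();
        foreach ($db->getAll($sql) as $artist) {
            $names[] = $artist['name'];
        }
        $track['artist'] = implode(" & ", $names);
    }
    // Break the reference so later writes cannot touch the last track.
    unset($track);

    $userID = Auth::getInstance()->getUserID();
    $this->assign('Access_ViewSue', AuthUtil::getDetailedUserrealmAccess(array(58, 60, 3), $userID));
    $this->assign('Access_EditSue', AuthUtil::getDetailedUserrealmAccess(array(58, 60, 66), $userID));
    $this->assign('Access_SueStats', AuthUtil::getDetailedUserrealmAccess(array(58, 60, 2), $userID));
    $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));

    // 'storedTracks' was assigned from $systemTracks, which is never
    // defined in this method; the template keeps receiving null.
    $this->assign('storedTracks', null);

    // The schedule may hold fewer than two entries.
    $this->assign('sueLastTrack', isset($suePlaylist[0]) ? $suePlaylist[0] : null);
    $this->assign('sueNextTrack', isset($suePlaylist[1]) ? $suePlaylist[1] : null);
}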
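/**
 * Writes the XML tree for a single directory straight to the response.
 *
 * Reads 'id' (first three characters are dropped to get the directory id),
 * 'treeUser' and 'treeType' from $this->fieldData, sets the Content-type
 * header from the request's Accept header, and echoes a <tree> element
 * wrapping the markup returned by the DPS tree helpers. Directory 1 is
 * reported with id 0.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $userID = Auth::getInstance()->getUserID();
    $dirID = substr($this->fieldData['id'], 3);
    $type = $this->fieldData['treeUser'];

    // The Accept header is optional; treat a missing one as "no XHTML support".
    $accept = isset($_SERVER["HTTP_ACCEPT"]) ? $_SERVER["HTTP_ACCEPT"] : '';
    if (stristr($accept, "application/xhtml+xml")) {
        header("Content-type: application/xhtml+xml");
    } else {
        header("Content-type: text/xml");
    }

    if ($type == 'group') {
        $treeInfo = DPS::singleGroupTreeSetup($dirID, $cfg['Auth']['defaultNewUserGroup'], $this->fieldData['treeType']);
    } else {
        $treeInfo = DPS::singleTreeSetup($dirID, $userID, $this->fieldData['treeType']);
    }

    echo "<?xml version='1.0' encoding='iso-8859-1'?>\n";

    if ($dirID == 1) {
        $rootID = 0;
    } else {
        $rootID = "dir" . $dirID;
    }

    // $dirID comes from request data and lands inside an attribute value,
    // so it is escaped; $treeInfo is markup produced by the DPS helpers and
    // is emitted as-is.
    $safeRootID = htmlspecialchars((string) $rootID, ENT_QUOTES, 'ISO-8859-1');
    echo '<tree id="' . $safeRootID . '">' . $treeInfo . '</tree>';
}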
/**
 * Lists all track requests, newest first.
 *
 * Every request row is given a running 'number', a formatted request date
 * ('rtime', m/d/y) and the requesting user's name. The rows and their
 * total count are assigned to the template with the access flags.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);

    $requestedNum = $db->getOne("SELECT count(*) FROM requests");
    $requestedResult = $db->getAll("SELECT * FROM requests ORDER BY date DESC");

    $position = 0;
    foreach ($requestedResult as $rowKey => $row) {
        $requestedResult[$rowKey]['number'] = $position;
        $requestedResult[$rowKey]['rtime'] = date("m/d/y", $row['date']);
        $requestedResult[$rowKey]['user'] = AuthUtil::getUsername($row['userid']);
        $position++;
    }

    $userID = Auth::getInstance()->getUserID();
    $this->assign('CensorTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 30), $userID));
    $this->assign('RequestTrack', 't');
    $this->assign('RemoveRequestTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 29), $userID));
    $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
    $this->assign('requestedTracks', $requestedResult);
    $this->assign('requestedNum', $requestedNum);
}
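/**
 * Renders the menu from $this->items.
 *
 * Items flagged with 'right' are shown only when the current user has the
 * 'view' right on them. Items of type "newline" produce no output. The
 * first items get a "Ctrl + fN" hotkey label.
 *
 * The 'noajax' key is quoted here: the original used a bare word
 * (`$item[noajax]`), which PHP 8 treats as an undefined constant.
 *
 * NOTE(review): extract($item) imports every key of the item into the
 * local scope and can overwrite $menuitems or $fkey — confirm the items
 * come from trusted configuration only.
 * NOTE(review): text, type and picture are placed into markup without
 * escaping here — confirm the templates or the item source take care of it.
 *
 * @return mixed rendered menu
 */
public function action_index()
{
    $menuitems = "";
    $fkey = 0;

    foreach ($this->items as $item) {
        // Defaults for keys an item may omit.
        $text = $type = $noajax = $picture = $right = '';
        extract($item);

        if ($this->parent) {
            $righttype = get_class($this->parent) . '_' . $type;
        } else {
            $righttype = $type;
        }

        if ($right and !Auth::getInstance()->getRights($righttype, 'view')) {
            continue;
        }

        if ($type == "newline") {
            continue;
        }

        $uri = new UriConstructor();
        $uri->clear();

        // The label uses the counter value after the increment.
        $hotkey = $fkey++ < 11 ? "Ctrl + f{$fkey}" : "";
        Output::assign('hotkey', $hotkey);
        Output::assign('text', $text);
        Output::assign('hyphertext', hypher::addhypher($text));
        Output::assign(
            'ajax',
            (!empty($item['noajax'])
                ? ''
                : "data-silent='{$this->parent->getMainTarget()}' legotarget='{$this->parent->getName()}'")
        );
        Output::assign('type', $type);
        Output::assign('url', $uri->set($this->parent->getName(), $type)->url());
        Output::assign('selected', ($this->parent->getAction() == $type ? " menu-item-sel" : ""));
        Output::assign('picture', (empty($picture) ? "" : "style='background-image: URL(\"/picture/{$picture}\");'"));

        $menuitems .= $this->fetch('menu_item.tpl');
    }

    Output::assign('menuitems', $menuitems);

    return $this->fetch('menu.tpl');
}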
/**
 * Initialisation: checks the permission and sets up the layout of the
 * points-management section.
 *
 * NOTE(review): the check uses the 'role.list' privilege on a points page
 * — confirm this is the intended privilege name.
 * NOTE(review): the layout is still set up after a denial unless
 * show_message() ends the request — confirm.
 */
public function before()
{
    parent::before();

    $allowed = Auth::getInstance()->isAllow('role.list');
    if (!$allowed) {
        $this->show_message("对不起,您没有权限执行该操作");
    }

    $actions = array(
        'index' => array('url' => '/admin/point', 'text' => '积分管理'),
    );

    $this->template->layout = array(
        'title' => '积分管理',
        'action' => $actions,
        'current' => $this->request->action,
    );
}
/**
 * Initialisation: checks the 'books.list' permission and sets up the
 * layout of the library-management section.
 *
 * NOTE(review): the layout is still set up after a denial unless
 * show_message() ends the request — confirm.
 */
public function before()
{
    parent::before();

    $allowed = Auth::getInstance()->isAllow('books.list');
    if (!$allowed) {
        $this->show_message('对不起,您没有权限执行该操作');
    }

    $actions = array(
        'list' => array('url' => '/admin/article/list', 'text' => '图书列表'),
    );

    $this->template->layout = array(
        'title' => '图书馆管理',
        'action' => $actions,
        'current' => $this->request->action,
    );
}
/**
 * Initialisation: checks the permission and sets up the layout of the
 * comment-management section (book, album and special-topic comments).
 *
 * The highlighted tab is taken from the 'app' query parameter.
 *
 * NOTE(review): the check uses the 'module.list' privilege on a comments
 * page — confirm this is the intended privilege name.
 * NOTE(review): the layout is still set up after a denial unless
 * show_message() ends the request — confirm.
 */
public function before()
{
    parent::before();

    $allowed = Auth::getInstance()->isAllow('module.list');
    if (!$allowed) {
        $this->show_message('对不起,您没有权限执行该操作');
    }

    $actions = array(
        'article' => array('url' => '/admin/comments/booklist?app=article', 'text' => '图书评论'),
        'img' => array('url' => '/admin/comments/booklist?app=img', 'text' => '相册评论'),
        'img_subject' => array('url' => '/admin/comments/booklist?app=img_subject', 'text' => '专题评论'),
    );

    $this->template->layout = array(
        'title' => '评论管理',
        'action' => $actions,
        'current' => $this->getQuery('app'),
    );
}
/**
 * Initialisation: checks the permission and sets the title of the
 * cache-management section.
 *
 * NOTE(review): the check uses the 'role.list' privilege on a cache page —
 * confirm this is the intended privilege name.
 * NOTE(review): the layout is still set up after a denial unless
 * show_message() ends the request — confirm.
 */
public function before()
{
    parent::before();

    $allowed = Auth::getInstance()->isAllow('role.list');
    if (!$allowed) {
        $this->show_message("对不起,您没有权限执行该操作");
    }

    $layout = array('title' => '缓存管理');
    $this->template->layout = $layout;
}
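/**
 * Deletes a module.
 *
 * Requires the 'module.delete' privilege. The module name is taken from
 * the 'mod_name' query parameter; afterwards the request is redirected to
 * the module list.
 *
 * NOTE(review): the deletion is driven by a query parameter and no CSRF
 * token is checked in this method — confirm the framework enforces one.
 */
public function action_del()
{
    if (!Auth::getInstance()->isAllow('module.delete')) {
        $this->show_message('对不起,您没有权限执行该操作');

        // Fail closed: nothing visible here shows that show_message() ends
        // the request, so the deletion must not be reachable after a denial.
        return;
    }

    ORM::factory('module')->delModule($this->getQuery('mod_name'));
    $this->request->redirect('/admin/module');
    $this->auto_render = false;
}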
/**
 * Assigns the tree type and the admin access flag for the current user.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();

    $currentUser = Auth::getInstance()->getUserID();
    $isAdmin = AuthUtil::getDetailedUserrealmAccess(array(1), $currentUser);

    $this->assign('treeType', 'jacspmr');
    $this->assign('Admin', $isAdmin);
}
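/**
 * Runs an audio search and prepares the result page.
 *
 * Reads the page number, search value, search type, search letter and sort
 * type from $this->fieldData. The sort type is remembered in the session
 * and defaults to "title". Results, the page list and the user's access
 * flags are assigned to the template.
 *
 * NOTE(review): $searchType and $sortType are forwarded to
 * DPS::searchAudio() as received (the sort type is also stored in the
 * session). Confirm that helper restricts both to a fixed set of known
 * values before they reach SQL.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);

    // The request carries a 1-based page number. It is forced to an integer
    // and clamped so that a missing, non-numeric or zero value cannot turn
    // into a negative or textual offset.
    $page = (int) $this->fieldData['dpsSearchPage'];
    $offset = $page > 0 ? $page - 1 : 0;

    $searchValue = trim($this->fieldData['dpsSearchVal']);
    $searchType = $this->fieldData['dpsSearchType'];
    $letter = pg_escape_string($this->fieldData['dpsSearchLetter']);

    // Without an explicit type, a letter filter selects the search mode.
    if ($searchType == '' && $letter != '') {
        $searchType = ($letter == "*") ? 'Number' : 'Letter';
    }

    $sesh = Session::getInstance();
    if ($this->fieldData['dpsSortType'] != '') {
        $sortType = $this->fieldData['dpsSortType'];
        $sesh->setValue("dpsSortType", $sortType);
    } elseif ($sesh->keyExists("dpsSortType")) {
        $sortType = $sesh->getValue("dpsSortType");
    } else {
        $sortType = "title";
    }

    // These were undefined whenever no search value was supplied.
    $searchResult = null;
    $searchInfo = null;
    $rNum = 0;

    if ($searchValue != '') {
        $searchResult = DPS::searchAudio($searchValue, $searchType, $sortType, $offset, '');
        $rNum = DPS::searchPageAudio($searchValue, $searchType, '');
        $searchInfo = "Found {$rNum} results matching your query";
    }

    // range(1, 0) counts downwards and yields [1, 0], so an empty result
    // set must produce an empty page list explicitly.
    $pages = (int) ceil($rNum / $cfg['DPS']['resultLimit']);
    $pageArray = $pages > 0 ? range(1, $pages) : array();

    $userID = Auth::getInstance()->getUserID();
    $this->assign('RequestTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 29), $userID));
    $this->assign('CensorTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 30), $userID));
    $this->assign('ReportTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 43), $userID));
    $this->assign('EditTrack', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 27), $userID));
    $this->assign('DeleteTrack', AuthUtil::getDetailedUserrealmAccess(array(2, 21, 32), $userID));
    $this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
    $this->assign('page', $offset);
    $this->assign('searchResult', $searchResult);
    $this->assign('searchInfo', $searchInfo);
    $this->assign('pages', $pageArray);
    $this->assign('searchType', $searchType);
    $this->assign('searchValue', $searchValue);
    $this->assign('sortType', $sortType);
}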
/**
 * Assigns the admin access flag for the current user.
 *
 * The database instance is requested as in the original although no query
 * is issued here.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();
    $db = Database::getInstance($cfg['DPS']['dsn']);

    $currentUser = Auth::getInstance()->getUserID();
    $isAdmin = AuthUtil::getDetailedUserrealmAccess(array(1), $currentUser);

    $this->assign('Admin', $isAdmin);
}
/**
 * Assigns the track-request and admin access flags for the current user.
 */
protected function setupTemplate()
{
    global $cfg;

    parent::setupTemplate();

    $currentUser = Auth::getInstance()->getUserID();
    $mayRequest = AuthUtil::getDetailedUserrealmAccess(array(3, 21, 29), $currentUser);
    $this->assign('RequestTrack', $mayRequest);

    $isAdmin = AuthUtil::getDetailedUserrealmAccess(array(1), $currentUser);
    $this->assign('Admin', $isAdmin);
}
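/**
 * Deletes a privilege.
 *
 * Requires the 'privilege.delete' privilege. The privilege name is taken
 * from the 'priv_name' query parameter; afterwards the request is
 * redirected to the privilege list. (The original comment said "delete
 * module", copied from the module controller.)
 *
 * NOTE(review): the deletion is driven by a query parameter and no CSRF
 * token is checked in this method — confirm the framework enforces one.
 */
public function action_del()
{
    if (!Auth::getInstance()->isAllow('privilege.delete')) {
        $this->show_message('对不起,您没有权限执行该操作');

        // Fail closed: nothing visible here shows that show_message() ends
        // the request, so the deletion must not be reachable after a denial.
        return;
    }

    ORM::factory('acl_privilege')->delPrivilege($this->getQuery('priv_name'));
    $this->request->redirect('/admin/privilege/list');
    $this->auto_render = false;
}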
/**
 * Runs before every controller action of the admin area.
 *
 * Clears the cached default and guest role lists from the session, then
 * shows a "please log in" message with a link to the login page when the
 * visitor is not logged in or lacks the 'index.access@admin' privilege.
 *
 * NOTE(review): the action still runs after the message unless
 * show_message() ends the request — confirm.
 * NOTE(review): the request URI is handed to the login page as 'forward';
 * the login handler should only redirect to local paths.
 */
public function before()
{
    parent::before();

    $session = Session::instance();
    $session->delete('acl_all_default_roles');
    Session::instance()->delete('acl_all_guest_roles');

    $mayEnter = $this->auth && Auth::getInstance()->isAllow('index.access@admin');
    if ($mayEnter) {
        return;
    }

    $loginLink = array(
        'text' => '去登录',
        'href' => '/user/login?forward=' . urlencode($_SERVER['REQUEST_URI']),
    );
    $links[] = $loginLink;

    $this->show_message('你尚未登录或者你没权限登录后台管理。。。', 0, $links);
}
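/**
 * Checks that the logged-in user's role is one of the allowed roles.
 *
 * NOTE(review): when no user is logged in, no check is made and the method
 * returns normally. Confirm that authentication is enforced separately
 * before this filter, otherwise anonymous requests pass the role check.
 *
 * @param string $id comma-separated list of allowed role names
 * @throws \Exception with code 401 when the user's role is not in the list
 */
public function userRole($id)
{
    $user = Auth::getInstance()->user();
    if (!$user) {
        return;
    }

    $roles = array_map('trim', explode(",", $id));

    // Compare as strings. The original array_search() compared loosely, so
    // on PHP versions before 8 a numeric role of 0 matched any non-numeric
    // role name.
    if (!in_array((string) $user->role, $roles, true)) {
        throw new \Exception("Current user's role not authorized", 401);
    }
}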