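/**
 * Accept a gzip-compressed JSON upload from php://input, validate it,
 * cache it under a fresh key and redirect the client to the viewer.
 *
 * Every validation step is delegated to Security; nothing here checks a
 * return value, so the verify*/validate* methods are assumed to abort the
 * request on failure — confirm in Security.
 *
 * @return void
 */
public static function process()
{
    $security = new Security();
    $security->verifyPre();

    // file_get_contents() closes the stream itself; the previous
    // stream_get_contents(fopen(...)) form never released the handle.
    $data = file_get_contents('php://input');
    if ($data === false) {
        $data = '';
    }
    $compressedSize = strlen($data);
    $security->verifyCompressedData($data, $compressedSize);

    // gzdecode() warns and returns false on corrupt input. The warning is
    // suppressed and the failure is handed to validateData() as an empty
    // string, so strlen() always receives a string (strlen(false) is
    // deprecated on PHP 8.1+).
    $decoded = @gzdecode($data);
    $data = $decoded === false ? '' : $decoded;
    $uncompressedSize = strlen($data);
    $security->validateData($data, $uncompressedSize);

    $json = json_decode($data, true);
    $security->validateJson($json);

    if (isset($json['icon'])) {
        // Replace the submitted icon reference with the server-side copy and
        // re-serialise so the cached payload carries the rewritten value.
        $json['icon'] = self::getServerIcon($json['icon']);
        $data = json_encode($json);
        $uncompressedSize = strlen($data);
    }

    $key = Util::uuid(false);
    $cacheFile = Cache::getFile($key);
    Log::info("Uploaded {$uncompressedSize} bytes as {$key} to {$cacheFile}");
    Cache::put($key, $data);

    header("Location: " . BASE_URL_VIEW . "/?id={$key}");
    self::error("Compressed Size: {$compressedSize}\nUncompressed Size: {$uncompressedSize}\nRaw Upload: " . BASE_URL_VIEW . "/?id={$key}&raw=1");
}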
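/**
 * Load the member configuration, resolve the mobile skin template path and,
 * when a member_srl is requested, publish that member's info to the Context.
 *
 * @return void
 */
function init()
{
    $oMemberModel = getModel('member');
    $this->member_config = $oMemberModel->getMemberConfig();
    Context::set('member_config', $this->member_config);

    $oSecurity = new Security();
    $oSecurity->encodeHTML('member_config.signupForm..');

    // Fall back to the default mobile skin when none is configured. Both
    // branches of the original built exactly the same path, so one sprintf
    // suffices.
    $mskin = $this->member_config->mskin;
    if (!$mskin) {
        $mskin = 'default';
    }
    $template_path = sprintf('%sm.skins/%s', $this->module_path, $mskin);

    // Resolve the requested member; an unknown member_srl is cleared so the
    // template does not render a stale id.
    $member_srl = Context::get('member_srl');
    if ($member_srl) {
        $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($member_srl);
        if (!$this->memberInfo) {
            Context::set('member_srl', '');
        } else {
            Context::set('member_info', $this->memberInfo);
        }
    }

    $this->setTemplatePath($template_path);

    $oLayoutModel = getModel('layout');
    $layout_info = $oLayoutModel->getLayout($this->member_config->mlayout_srl);
    if ($layout_info) {
        $this->module_info->mlayout_srl = $this->member_config->mlayout_srl;
        $this->setLayoutPath($layout_info->path);
    }
}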
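/**
 * Admin skin-setting page: publish the config, layout and skin lists to the
 * Context and HTML-encode the values the template prints.
 *
 * @return void
 */
function dispNcenterliteAdminSkinsetting()
{
    $oModuleModel = getModel('module');
    $oLayoutModel = getModel('layout');
    $oNcenterliteModel = getModel('ncenterlite');

    $config = $oNcenterliteModel->getConfig();
    Context::set('config', $config);

    Context::set('layout_list', $oLayoutModel->getLayoutList());
    Context::set('mlayout_list', $oLayoutModel->getLayoutList(0, 'M'));

    $skin_list = $oModuleModel->getSkins($this->module_path);
    Context::set('skin_list', $skin_list);
    $mskin_list = $oModuleModel->getSkins($this->module_path, "m.skins");
    Context::set('mskin_list', $mskin_list);

    // empty() keeps the same truthiness test as before but no longer raises
    // an undefined-index warning when the stored skin was removed/renamed.
    if (empty($skin_list[$config->skin])) {
        $config->skin = 'default';
    }
    Context::set('colorset_list', $skin_list[$config->skin]->colorset);

    if (empty($mskin_list[$config->mskin])) {
        $config->mskin = 'default';
    }
    Context::set('mcolorset_list', $mskin_list[$config->mskin]->colorset);

    $security = new Security();
    $security->encodeHTML('config..');
    $security->encodeHTML('skin_list..title');
    $security->encodeHTML('colorset_list..name', 'colorset_list..title');
}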
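/**
 * The html to select a colorset of the skin.
 *
 * Reads 'skin' and 'type' from the Context; type 'P' selects the PC skin
 * directory, anything else the mobile one. The compiled markup is added to
 * the response as 'tpl' (empty string when no skin was given) and the
 * resolved type as 'type'.
 *
 * @return void
 */
function getCommunicationAdminColorset()
{
    $skin = Context::get('skin');
    $type = Context::get('type') === 'P' ? 'P' : 'M';
    Context::set('type', $type);

    $dir = $type === 'P' ? 'skins' : 'm.skins';

    $tpl = "";
    if ($skin) {
        $oModuleModel = getModel('module');
        $skin_info = $oModuleModel->loadSkinInfo($this->module_path, $skin, $dir);
        Context::set('skin_info', $skin_info);

        // Default to the white colorset when the module has none configured.
        $communication_config = $oModuleModel->getModuleConfig('communication');
        if (!$communication_config->colorset) {
            $communication_config->colorset = "white";
        }
        Context::set('communication_config', $communication_config);

        // Encode each key once; a second encodeHTML() on the same key risks
        // double-escaping entities in the rendered names.
        $security = new Security();
        $security->encodeHTML('skin_info.colorset..title', 'skin_info.colorset..name');

        $oTemplate = TemplateHandler::getInstance();
        $tpl = $oTemplate->compile($this->module_path . 'tpl', 'colorset_list');
    }

    $this->add('tpl', $tpl);
    $this->add('type', $type);
}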
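/**
 * Display output list (administrative)
 *
 * Builds the paging arguments, fetches the trackback list through the admin
 * model and publishes everything the trackback_list template reads.
 *
 * @return void
 */
function dispTrackbackAdminList()
{
    $oModuleModel = getModel('module');
    $config = $oModuleModel->getModuleConfig('trackback');
    Context::set('config', $config);

    // $args must exist as an object before properties are set on it;
    // assigning a property on an undefined variable is an Error on PHP 8.
    $args = new stdClass();
    $args->page = Context::get('page');       // current page
    $args->list_count = 30;                   // posts shown per page
    $args->page_count = 10;                   // page links in the navigation
    $args->sort_index = 'list_order';         // sort key
    $args->module_srl = Context::get('module_srl');

    $oTrackbackAdminModel = getAdminModel('trackback');
    $output = $oTrackbackAdminModel->getTotalTrackbackList($args);

    Context::set('total_count', $output->total_count);
    Context::set('total_page', $output->total_page);
    Context::set('page', $output->page);
    Context::set('trackback_list', $output->data);
    Context::set('page_navigation', $output->page_navigation);

    // Encode before the template renders these values.
    $security = new Security();
    $security->encodeHTML('config.');
    $security->encodeHTML('trackback_list..');

    $this->setTemplatePath($this->module_path . 'tpl');
    $this->setTemplateFile('trackback_list');
}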
/**
 * Admin init: publish the timeline settings of the requested module (when a
 * record exists), the module categories and the install state, and point
 * templates at this module's tpl directory.
 */
function init()
{
    $timelineModel = getModel('timeline');
    $module_srl = Context::get('module_srl');
    $timeline_info = $timelineModel->getTimelineInfo($module_srl);

    // Without a timeline record the module_srl is cleared so the form
    // starts empty.
    if (!$timeline_info) {
        Context::set('module_srl', '');
    } else {
        // The stored dates match the %04d%02d%02d%02d%02d%02d layout; split
        // them into their components for the template.
        $dateFormat = '%04d%02d%02d%02d%02d%02d';
        Context::set('timeline_info', $timeline_info);
        Context::set('attach_info', $timeline_info->attach_info);
        Context::set('standard_date', sscanf($timeline_info->standard_date, $dateFormat));
        Context::set('limit_date', sscanf($timeline_info->limit_date, $dateFormat));
    }

    // Module categories (HTML-encoded for display).
    $moduleModel = getModel('module');
    Context::set('module_category', $moduleModel->getModuleCategories());
    $security = new Security();
    $security->encodeHTML('module_category..');

    // Installed means no update is pending.
    Context::set('is_installed', !$this->checkUpdate());

    $this->setTemplatePath($this->module_path . 'tpl');
}
/**
 * Mobile board init: encode the request parameters, apply per-module paging
 * settings, normalise the legacy use_category/hide_category pair, apply the
 * consultation restrictions and select the mobile skin template.
 */
function init()
{
    $oSecurity = new Security();
    $oSecurity->encodeHTML('document_srl', 'comment_srl', 'vid', 'mid', 'page', 'category', 'search_target', 'search_keyword', 'sort_index', 'order_type', 'trackback_srl');

    // Per-module overrides of the controller's paging defaults.
    if ($this->module_info->list_count) {
        $this->list_count = $this->module_info->list_count;
    }
    if ($this->module_info->search_list_count) {
        $this->search_list_count = $this->module_info->search_list_count;
    }
    if ($this->module_info->page_count) {
        $this->page_count = $this->module_info->page_count;
    }
    $this->except_notice = $this->module_info->except_notice == 'N' ? false : true;

    // secret option backward compatibility: a SECRET entry in the document
    // status list turns the module's secret flag on.
    $oDocumentModel = getModel('document');
    $statusList = $this->_getStatusNameList($oDocumentModel);
    if (isset($statusList['SECRET'])) {
        $this->module_info->secret = 'Y';
    }

    // use_category <=1.5.x, hide_category >=1.7.x: keep both flags
    // consistent whichever one the stored config provides. A module with
    // no categories hides the category UI outright.
    $count_category = count($oDocumentModel->getCategoryList($this->module_info->module_srl));
    if ($count_category) {
        if ($this->module_info->hide_category) {
            $this->module_info->use_category = $this->module_info->hide_category == 'Y' ? 'N' : 'Y';
        } else {
            if ($this->module_info->use_category) {
                $this->module_info->hide_category = $this->module_info->use_category == 'Y' ? 'N' : 'Y';
            } else {
                $this->module_info->hide_category = 'N';
                $this->module_info->use_category = 'Y';
            }
        }
    } else {
        $this->module_info->hide_category = 'Y';
        $this->module_info->use_category = 'N';
    }

    /**
     * Consultation mode: managers are exempt; an anonymous visitor loses
     * the list, write document, write comment and view grants.
     */
    if ($this->module_info->consultation == 'Y' && !$this->grant->manager) {
        $this->consultation = true;
        if (!Context::get('is_logged')) {
            $this->grant->list = $this->grant->write_document = $this->grant->write_comment = $this->grant->view = false;
        }
    } else {
        $this->consultation = false;
    }

    $oDocumentModel = getModel('document');
    $extra_keys = $oDocumentModel->getExtraKeys($this->module_info->module_srl);
    Context::set('extra_keys', $extra_keys);

    // Fall back to the default mobile skin when the configured one is not
    // set or its directory is missing on disk.
    $template_path = sprintf("%sm.skins/%s/", $this->module_path, $this->module_info->mskin);
    if (!is_dir($template_path) || !$this->module_info->mskin) {
        $this->module_info->mskin = 'default';
        $template_path = sprintf("%sm.skins/%s/", $this->module_path, $this->module_info->mskin);
    }
    $this->setTemplatePath($template_path);
    Context::addJsFilter($this->module_path . 'tpl/filter', 'input_password.xml');
}
/**
 * Logout current user.
 *
 * Since the logout doesn't throw an error, we don't throw one either: the
 * result is always true, whether or not someone was logged in.
 *
 * @param array $message Unused; kept for signature compatibility.
 * @return bool
 */
public function logout($message = array())
{
    $current = Member::currentUser();
    if ($current) {
        $security = new Security();
        // The argument's meaning is defined by Security::logout(); the
        // original passes false here.
        $security->logout(false);
    }
    return true;
}
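/**
 * Rebuild the posted 'jsonobject' payload into DML and execute it.
 *
 * The payload is one JSON document describing a main table (dt_objectTable)
 * and its related tables; each is turned into a query by generateQuery()
 * and the concatenated statements are executed in a single call. On an INS
 * of a SPK a set of status fields is spliced into the JSON before decoding.
 * Redirects to entry-spk when done.
 *
 * @throws Exception wrapping any failure, with the original kept as
 *                   the previous exception so the cause is not lost.
 */
public function breakJSONObject()
{
    try {
        $queryCollection = "";
        $shield = new Security();

        // Unwrap the single-element arrays the client sends so the decoded
        // object exposes dt_objectTable / dt_relatedTable directly.
        $json_file = $_POST['jsonobject'];
        $json_file = str_replace('{"dt_objectTable":[', '{"dt_objectTable":', $json_file);
        $json_file = str_replace('{"dt_relatedTable":[', '{"dt_relatedTable":', $json_file);
        $json_file = str_replace('}]}', '}}', $json_file);

        if ($shield->shield($_POST['MODIFY_STATUS']) == "INS") {
            // Placeholder field the client emits; replaced by the status set.
            $fieldtarget = '{"fieldName":"ROADOFSPK","fieldValue":"0","fieldType":"numeric","fieldKey":"0"}';

            // The outstanding amount depends on the payment method. Every
            // POST value spliced into the JSON goes through shield(), as
            // NO_SPK does below — it is untrusted input landing in DML.
            if ($shield->shield($_POST['CARA_BAYAR']) == "KREDIT") {
                $outstanding = $shield->shield($_POST["DP_SYSTEM"]);
                $additionalField = '{"fieldName":"SISA_BAYAR","fieldValue":"' . $outstanding . '","fieldType":"numeric"}';
                $additionalField .= ',{"fieldName":"STATUS_PO","fieldValue":"1. INDENT","fieldType":"string"}';
                $additionalField .= ',{"fieldName":"AR_AMOUNT","fieldValue":"' . $outstanding . '","fieldType":"numeric"}';
            } else {
                $outstanding = $shield->shield($_POST["HARGA"]);
                $additionalField = '{"fieldName":"SISA_BAYAR","fieldValue":"' . $outstanding . '","fieldType":"numeric"}';
                $additionalField .= ',{"fieldName":"AR_AMOUNT","fieldValue":"' . $outstanding . '","fieldType":"numeric"}';
            }
            $additionalField .= ',{"fieldName":"STATUS_SPK","fieldValue":"1","fieldType":"string"}';
            $additionalField .= ',{"fieldName":"STATUS_JUAL","fieldValue":"1. SPK","fieldType":"string"}';
            $additionalField .= ',{"fieldName":"STATUS_KIRIM","fieldValue":"N","fieldType":"string"}';
            $additionalField .= ',{"fieldName":"STATUS_ARK","fieldValue":"N","fieldType":"string"}';
            $additionalField .= ',{"fieldName":"CUSTOM_NO","fieldValue":"' . $shield->shield($_POST["NO_SPK"]) . '","fieldType":"string"}';
            $additionalField .= ',{"fieldName":"ROADOFSPK","fieldValue":"0","fieldType":"numeric"}';

            $json_file = str_replace($fieldtarget, $additionalField, $json_file);
        }

        // convert the string to a json object
        $jfo = json_decode($json_file);
        $main = $jfo->dt_objectTable;

        // Related tables first, numbered from 0; the main table always gets 0.
        $relCount = 0;
        foreach ($main->dt_relatedTables as $relTbl) {
            $related = $relTbl->dt_relatedTable;
            $queryCollection .= $this->generateQuery($related->dt_relfieldCollection, $related->tableName, $related->autonumFormat, $related->modify_status, $relCount);
            $relCount++;
        }
        $queryCollection .= $this->generateQuery($main->dt_fieldsCollection, $main->tableName, $main->autonumFormat, $main->modify_status, 0);

        $model = new object_Model();
        $model->executeQuery($queryCollection);

        // Log the status string itself; the earlier ${$modifystatus} was a
        // variable-variable that resolved to an undefined name.
        $weblog = new objectupdate();
        $weblog->record_webaccess_log("DML : " . $main->modify_status . "-" . $main->tableName . "-" . $shield->shield($_POST["NO_SPK"]));

        header("Location: entry-spk");
    } catch (Exception $e) {
        throw new Exception($e->getMessage(), 0, $e);
    }
}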
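/**
 * Load the textyle hub module info into the controller and the Context,
 * point templates at this module's tpl directory and HTML-encode the info.
 *
 * The model is assigned by value: "=&" on a function call result only
 * raises a notice and is unnecessary for an object.
 */
function init()
{
    $oTextyleHubModel = getModel('textylehub');
    $this->module_info = $oTextyleHubModel->getTextyleHubInfo();
    Context::set('module_info', $this->module_info);
    Context::set('module_srl', $this->module_info->module_srl);
    $this->setTemplatePath($this->module_path . 'tpl');
    $security = new Security();
    $security->encodeHTML('module_info.');
}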
/**
 * @brief Output the list of banned words
 *
 * Publishes the spam filter's denied-word list to the Context (HTML-encoded)
 * and selects the denied_word_list template.
 */
function dispSpamfilterAdminDeniedWordList()
{
    $spamFilterModel = getModel('spamfilter');
    Context::set('word_list', $spamFilterModel->getDeniedWordList());

    $security = new Security();
    $security->encodeHTML('word_list..word');

    $this->setTemplateFile('denied_word_list');
}
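/**
 * Listener run after the InteractiveLogin security event (the login
 * action): stamps the authenticated user with the login time and saves it.
 *
 * @param InteractiveLoginEvent $event
 */
public function onAuthenticationSuccess(InteractiveLoginEvent $event)
{
    // Current user as seen by the token storage.
    $user = $this->tokenStorage->getToken()->getUser();

    // Record the login time and persist the change.
    $user->setDateAuth(new \DateTime('now'));
    $this->em->persist($user);
    $this->em->flush();
}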
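/**
 * Front-controller entry: map the 'app' (and optional 'sub_app') query
 * parameters to a controller class under LOCAL_DIR/apps and instantiate it.
 *
 * An unauthenticated session is always routed to the login app. 'logout'
 * destroys the session; any other app without a controller file is logged
 * and sent to page-not-found. None of the redirects here terminate the
 * script, so execution continues after each header() call (unchanged from
 * the original flow).
 */
function init()
{
    $init = new boot();

    if (!isset($_GET['app'])) {
        $weblog = new objectupdate();
        $weblog->record_webaccess_log("Accessing wrong module");
        header("Location: dashboard");
        return;
    }

    if (empty($_GET['app'])) {
        header("Location: dashboard");
    }

    // sub_app is only read for an authenticated session; initialise it so
    // the check below never touches an undefined variable.
    $app_get_sub = null;
    if (!isset($_SESSION['user-id'])) {
        $app_get = "login";
    } else {
        $security = new Security();
        $app_get = $security->shield($_GET['app']);
        $app_get_sub = $security->shield(isset($_GET['sub_app']) ? $_GET['sub_app'] : null);
    }

    // $app_get is interpolated into a filesystem path and a class name; this
    // relies on shield() rejecting path separators and '..' — confirm in
    // Security before trusting it.
    $controller_file = LOCAL_DIR . "/apps/" . $app_get . "/" . $app_get . "_Controller.php";
    if (file_exists($controller_file)) {
        $ldr = new autoloader($app_get);
        if ($app_get_sub) {
            $dynamic = "ajax_" . $app_get . "_Controller";
        } else {
            $dynamic = $app_get . "_Controller";
            $weblog = new objectupdate();
            $weblog->record_webaccess_log("module : " . $app_get);
        }
        $object = new $dynamic();
        if ($app_get == "object" || $app_get == "ob_update") {
            $object->breakJSONObject();
        }
    } elseif ($app_get == "logout") {
        session_destroy();
        header("Location: login");
    } else {
        $weblog = new objectupdate();
        $weblog->record_webaccess_log("Accessing wrong module");
        header("Location: page-not-found");
    }
}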
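/**
 * Login controller: with ?param=exec, look the posted credentials up via
 * login_Model, then render login_View.php.
 *
 * The password reaches the model after shield(); how get_userinfo()
 * compares it with the stored credential is not visible here — confirm it
 * verifies a proper password hash rather than the shielded plaintext.
 */
public function __construct()
{
    $model = new login_Model();
    $shield = new Security();

    // Missing request keys fall back to '' instead of raising
    // undefined-index warnings on a bare GET of the login page.
    $param = isset($_GET["param"]) ? $_GET["param"] : '';
    if ($param == "exec") {
        $username = isset($_POST["username"]) ? $_POST["username"] : '';
        $password = isset($_POST["password"]) ? $_POST["password"] : '';
        $myuserid = $shield->shield($username);
        $mypassword = $shield->shield($password);
        $datauser = $model->get_userinfo($myuserid, $mypassword);
    } else {
        $datauser = "******";
    }

    // $datauser stays in scope for the included view.
    require_once 'login_View.php';
}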
/**
 * Admin config page for the Android push app: publishes the module config
 * (HTML-encoded), the module XML info and the mid list, then selects the
 * Config template.
 */
function dispAndroidpushappAdminConfig()
{
    $moduleModel = getModel('module');
    $pushModel = getModel('androidpushapp');

    Context::set('config', $pushModel->getConfig());
    $security = new Security();
    $security->encodeHTML('config..');

    Context::set('androidpushapp_module_info', $moduleModel->getModuleInfoXml('androidpushapp'));

    $columns = array('module_srl', 'mid', 'browser_title', 'module');
    Context::set('mid_list', $moduleModel->getMidList(null, $columns));

    $this->setTemplateFile('Config');
}
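/**
 * Dispatch the 'sr' query parameter to a method of the controller.
 *
 * The candidate list is the method set of the "<app>_Controller" class
 * named by the 'app' parameter; 'sr' must match one of those names
 * exactly. Magic methods (__construct, __destruct, ...) are never
 * dispatchable — this is what the previously commented-out exclusion list
 * intended. Without 'sr' the controller's main() runs.
 *
 * @param object $var Controller instance to dispatch on.
 */
public function init($var)
{
    if (!isset($_GET['sr'])) {
        $var->main();
        return;
    }

    $sr = $_GET['sr'];
    if (!isset($_GET['app'])) {
        die(_GET_APP_DONT_EXIST);
    }

    $security = new Security();
    $shield_var = $security->shield($_GET['app']);
    $class_name = $shield_var . "_Controller";

    // get_class_methods() throws for an unknown class on PHP 8; an unknown
    // app simply has no dispatchable methods.
    $class_methods = class_exists($class_name) ? get_class_methods($class_name) : array();

    // Strict match against the declared names, and no magic methods.
    $isMagic = !is_string($sr) || strncmp($sr, '__', 2) === 0;
    if (!$isMagic && in_array($sr, $class_methods, true)) {
        $var->{$sr}();
    }
}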
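/**
 * Admin config page: publish config, layouts, skins, colorsets and the mid
 * list, then resolve whether usage-environment reporting has been agreed
 * to for this module version.
 *
 * @return void
 */
function dispNcenterliteAdminConfig()
{
    $oModuleModel = getModel('module');
    $oNcenterliteModel = getModel('ncenterlite');
    $oLayoutModel = getModel('layout');

    $config = $oNcenterliteModel->getConfig();
    Context::set('config', $config);

    Context::set('layout_list', $oLayoutModel->getLayoutList());
    Context::set('mlayout_list', $oLayoutModel->getLayoutList(0, 'M'));

    $skin_list = $oModuleModel->getSkins($this->module_path);
    Context::set('skin_list', $skin_list);
    $mskin_list = $oModuleModel->getSkins($this->module_path, "m.skins");
    Context::set('mskin_list', $mskin_list);

    // empty() keeps the same truthiness test but avoids an undefined-index
    // warning when the configured skin no longer exists.
    if (empty($skin_list[$config->skin])) {
        $config->skin = 'default';
    }
    Context::set('colorset_list', $skin_list[$config->skin]->colorset);
    if (empty($mskin_list[$config->mskin])) {
        $config->mskin = 'default';
    }
    Context::set('mcolorset_list', $mskin_list[$config->mskin]->colorset);

    $security = new Security();
    $security->encodeHTML('config..');
    $security->encodeHTML('skin_list..title');
    $security->encodeHTML('colorset_list..name', 'colorset_list..title');

    $mid_list = $oModuleModel->getMidList(null, array('module_srl', 'mid', 'browser_title', 'module'));
    Context::set('mid_list', $mid_list);

    // Usage-environment reporting consent. The agreement file holds the
    // consent flag for this version; the _ver file is written 'Y' on the
    // first visit, and host details are only sent while it is still empty.
    $ncenterlite_module_info = $oModuleModel->getModuleInfoXml('ncenterlite');
    $version = $ncenterlite_module_info->version;
    $agreement_file = FileHandler::getRealPath(sprintf('%s%s.txt', './files/ncenterlite/ncenterlite-', $version));
    $agreement_ver_file = FileHandler::getRealPath(sprintf('%s%s.txt', './files/ncenterlite/ncenterlite_ver-', $version));

    if (!file_exists($agreement_file)) {
        Context::set('_ncenterlite_env_agreement', 'NULL');
        return;
    }

    $agreement = FileHandler::readFile($agreement_file);
    Context::set('_ncenterlite_env_agreement', $agreement);
    $agreement_ver = FileHandler::readFile($agreement_ver_file);

    if ($agreement == 'Y') {
        // The iframe URL sends the site's host name and PHP/XE versions to
        // a third party over plain http.
        $_ncenterlite_iframe_url = 'http://sosifam.com/index.php?mid=ncenterlite_iframe';
        // Initialised so the URL below never reads an undefined variable
        // on repeat visits (host info is sent once per version).
        $_host_info = '';
        if (!$agreement_ver) {
            $_host_info = urlencode($_SERVER['HTTP_HOST']) . '-NC' . $version . '-PHP' . phpversion() . '-XE' . __XE_VERSION__;
        }
        Context::set('_ncenterlite_iframe_url', $_ncenterlite_iframe_url . '&_host=' . $_host_info);
        Context::set('ncenterlite_module_info', $ncenterlite_module_info);
    }
    FileHandler::writeFile($agreement_ver_file, 'Y');
}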
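/**
 * Module selection and skin set
 *
 * Publishes the skin (theme) list for the admin content page and selects
 * the index template. Nothing is returned, so the previous "@return Object"
 * was wrong. The module-category lookup and the site_srl stub object of the
 * original were never used and have been dropped.
 *
 * @return void
 */
function dispStore_searchAdminContent()
{
    $oModuleModel = getModel('module');

    $skin_list = $oModuleModel->getSkins($this->module_path);
    Context::set('skin_list', $skin_list);

    $security = new Security();
    $security->encodeHTML('skin_list..title');

    $this->setTemplateFile("index");
}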
/**
 * Restrict this controller to CLI runs and ADMIN users; anyone else gets
 * the standard permission-failure response.
 */
public function init()
{
    parent::init();
    $allowed = Director::is_cli() || Permission::check('ADMIN');
    if ($allowed) {
        return;
    }
    return Security::permissionFailure();
}
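/**
 * Answered-questions listing with optional text search. A POST from a
 * logged-in user also submits a new question; anonymous posters get a
 * "You have to login" message.
 */
public function action_questions()
{
    $list = ORM::factory('Expert_Question')->where('is_answered', '=', 1);

    // Compared with '' rather than empty() so a search for "0" still runs.
    // The value is passed to the ORM as a bound value (assumed to be quoted
    // by it), but LIKE wildcards (% and _) typed by the user are not
    // escaped and act as wildcards.
    $search = Security::xss_clean(Arr::get($_POST, 'search', ''));
    if ($search !== '') {
        $list->and_where('question', 'LIKE', '%' . $search . '%');
    }
    $list = $list->order_by('date', 'DESC');
    $paginate = Paginate::factory($list)->paginate(NULL, NULL, 10)->render();
    $list = $list->find_all();

    $this->set('search', $search);
    $this->set('list', $list);
    $this->set('paginate', $paginate);

    if ($this->request->method() === Request::POST) {
        if (Auth::instance()->logged_in()) {
            try {
                $question = ORM::factory('Expert_Question');
                $question->user_id = Auth::instance()->get_user()->id;
                $question->question = Arr::get($_POST, 'question', '');
                $question->date = date('Y-m-d H:i:s');
                $question->save();
            } catch (ORM_Validation_Exception $e) {
                // Validation failures are deliberately non-fatal: the page
                // re-renders without feedback. Surface the exception's
                // error list to the user if that is ever wanted.
            }
        } else {
            Message::success(i18n::get('You have to login'));
        }
    }
    $this->add_cumb('Question-answer', '/');
}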
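/**
 * List the posts of one category (Kid), paginated, newest first.
 *
 * @param mixed $Kid Category id taken from the URL.
 * @return View
 */
public function action_Department($Kid)
{
    // CSRF token for the form rendered by the view.
    $this->data['token_key'] = Config::get('security.csrf_token_key');
    $this->data['token'] = Security::fetch_token();

    // Post count of this category drives the pagination.
    $count = Model_Post::query()->where('Kid', '=', $Kid)->count();

    // Pagination settings (per-category post listing).
    $config = array(
        'pagination_url' => 'noteshare/list/' . $Kid,
        'uri_segment' => 3,
        'num_links' => 3,
        'per_page' => $this->per_page,
        'total_items' => $count,
        'show_first' => true,
        'show_last' => true,
    );
    $pagination = Pagination::forge('post_pagination', $config);

    $this->data['posts'] = Model_Post::query()
        ->where('Kid', '=', $Kid)
        ->order_by('Ptime', 'desc')
        ->limit($this->per_page)
        ->offset($pagination->offset)
        ->get();
    $this->data['department'] = Model_Category::query()->where('Kid', '=', $Kid)->get();
    $this->action_categorize();

    // An empty category only sets the error flag; both branches of the
    // original built the same view, so it is created once.
    if (!$count) {
        $this->data['error'] = true;
    }
    $view = View::forge('list/DepartmentList', $this->data);
    $view->set_safe('pagination', $pagination);

    return $view;
}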
/**
 * Seller login handler.
 *
 * Verifies the form token and captcha, looks the seller up by name, then
 * authenticates the linked member and populates the seller session.
 * NOTE(review): the error paths call showMessage() without returning; this
 * code assumes showMessage() ends the request on the 'error' paths — if it
 * returns, login continues past a failed token or captcha check. Confirm.
 */
public function RegisterOp()
{
    if (!Security::checkToken()) {
        showMessage('登录错误', '', '', 'error');
    }
    if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
        showMessage('验证码错误', '', '', 'error');
    }
    $model_seller = Model('seller');
    $seller_info = $model_seller->getSellerInfo(array('seller_name' => $_POST['seller_name']));
    if ($seller_info) {
        // Legacy credential scheme: the stored member_passwd is matched
        // against an unsalted md5 of the posted password. Moving to
        // password_hash()/password_verify() needs a model and data migration,
        // not a change here.
        $model_member = Model('member');
        $member_info = $model_member->infoMember(array('member_id' => $seller_info['member_id'], 'member_passwd' => md5($_POST['password'])));
        if ($member_info) {
            // Update the seller's last login time
            $model_seller->editSeller(array('last_login_time' => TIMESTAMP), array('seller_id' => $seller_info['seller_id']));
            $model_seller_group = Model('seller_group');
            $seller_group_info = $model_seller_group->getSellerGroupInfo(array('group_id' => $seller_info['seller_group_id']));
            $model_store = Model('store');
            $store_info = $model_store->getStoreInfoByID($seller_info['store_id']);
            // Session state read by the seller centre. The is_login value
            // appears redacted in this listing; take it from the real file.
            $_SESSION['is_login'] = '******';
            $_SESSION['member_id'] = $member_info['member_id'];
            $_SESSION['member_name'] = $member_info['member_name'];
            $_SESSION['member_email'] = $member_info['member_email'];
            $_SESSION['is_buy'] = $member_info['is_buy'];
            $_SESSION['avatar'] = $member_info['member_avatar'];
            $_SESSION['grade_id'] = $store_info['grade_id'];
            $_SESSION['seller_id'] = $seller_info['seller_id'];
            $_SESSION['seller_name'] = $seller_info['seller_name'];
            $_SESSION['seller_is_admin'] = intval($seller_info['is_admin']);
            $_SESSION['store_id'] = intval($seller_info['store_id']);
            $_SESSION['store_name'] = $store_info['store_name'];
            // Group permissions are stored as a comma-separated list.
            $_SESSION['seller_limits'] = explode(',', $seller_group_info['limits']);
            if ($seller_info['is_admin']) {
                $_SESSION['seller_group_name'] = '管理员';
            } else {
                $_SESSION['seller_group_name'] = $seller_group_info['group_name'];
            }
            // First login: show the current time as the previous login.
            if (!$seller_info['last_login_time']) {
                $seller_info['last_login_time'] = TIMESTAMP;
            }
            $_SESSION['seller_last_login_time'] = date('Y-m-d H:i', $seller_info['last_login_time']);
            $seller_menu = $this->getSellerMenuList($seller_info['is_admin'], explode(',', $seller_group_info['limits']));
            $_SESSION['seller_menu'] = $seller_menu['seller_menu'];
            $_SESSION['seller_function_list'] = $seller_menu['seller_function_list'];
            // Quick links are keyed by their own value for O(1) lookup.
            if (!empty($seller_info['seller_quicklink'])) {
                $quicklink_array = explode(',', $seller_info['seller_quicklink']);
                foreach ($quicklink_array as $value) {
                    $_SESSION['seller_quicklink'][$value] = $value;
                }
            }
            $this->recordSellerLog('登录成功');
            showMessage('登录成功', 'index.php?act=seller_center');
        } else {
            showMessage('用户名密码错误', '', '', 'error');
        }
    } else {
        showMessage('用户名密码错误', '', '', 'error');
    }
}
/**
 * Edit page for this organisation; users without edit rights receive the
 * standard permission failure instead of the form.
 *
 * @return array|mixed Template data ('Title', 'Form') or the permission-failure result.
 */
public function edit()
{
    if (!$this->canEditOrganisation()) {
        return Security::permissionFailure($this, "You do not have permission to edit this organisation.");
    }

    $page = array();
    $page['Title'] = 'Editing ' . $this->Title;
    $page['Form'] = $this->EditOrganisationForm();
    return $page;
}
/**
 * Open index and view to anonymous users; every other action goes through
 * Auth. The credential hash is pinned to md5 here — weak by today's
 * standards, but switching it invalidates every stored hash, so it has to
 * be migrated together with the stored passwords rather than flipped here.
 */
function beforeFilter()
{
    $this->Auth->allow('index', 'view');
    Security::setHash('md5');
}
/**
 * Only CLI runs, dev mode or ADMIN users may reach this controller; the
 * permission failure fires before the parent init runs.
 */
function init()
{
    $privileged = Director::is_cli() || Director::isDev() || Permission::check("ADMIN");
    if (!$privileged) {
        Security::permissionFailure();
    }
    parent::init();
}
/**
 * Encrypt every member password still stored in clear text with the
 * configured algorithm. Does nothing when encryption is disabled ('none')
 * or no such members exist.
 *
 * @param mixed $request Unused.
 */
public function run($request)
{
    $algo = Security::get_password_encryption_algorithm();
    if ($algo == 'none') {
        $this->debugMessage('Password encryption disabled');
        return;
    }

    // Members whose password is present but not yet encrypted.
    $pending = DataObject::get("Member", "\"PasswordEncryption\" = 'none' AND \"Password\" IS NOT NULL");
    if (!$pending) {
        $this->debugMessage('No passwords to encrypt');
        return;
    }

    $this->debugMessage('Encrypting all passwords');
    $this->debugMessage(sprintf('The passwords will be encrypted using the %s algorithm', $algo));

    foreach ($pending as $record) {
        // Setting the algorithm and forcing a write lets the member record's
        // own write path encrypt the stored password.
        $record->PasswordEncryption = $algo;
        $record->forceChange();
        $record->write();
        $this->debugMessage(sprintf('Encrypted credentials for member #%d;', $record->ID));
    }
}
/**
 * Edit page for this profile; users without edit rights receive the
 * standard permission failure instead of the form.
 *
 * @return array|mixed Template data ('Title', 'Content', 'Form') or the permission-failure result.
 */
public function edit()
{
    if (!$this->canEditProfile()) {
        return Security::permissionFailure($this, "You do not have permission to edit this profile.");
    }

    $page = array();
    $page['Title'] = "Edit Profile";
    $page['Content'] = '';
    $page['Form'] = $this->EditProfileForm();
    return $page;
}
/**
 * ADMIN-only controller: non-admins receive the permission-failure response
 * after the parent init has run.
 */
public function init()
{
    parent::init();
    $isAdmin = Permission::check('ADMIN');
    return $isAdmin ? null : Security::permissionFailure($this);
}
/**
 * Render the install page for ADMIN users; others get the permission failure.
 *
 * @return string
 */
public function install()
{
    if (!Permission::check('ADMIN')) {
        return Security::permissionFailure($this);
    }

    $data = array(
        'Title' => 'Install Deploy Tools',
        'Content' => '<p>Some instructions would be nice.</p>',
        'Form' => $this->InstallForm(),
    );
    $templates = array('Page', 'Page');
    return $this->customise($data)->renderWith($templates);
}
/**
 * Process all incoming requests passed to this controller, checking
 * that the file exists and passing the file through if possible.
 *
 * The path comes from the 'url' query parameter (or REQUEST_URI), is made
 * relative and looked up as a File record; canDownloadFile() decides
 * access. A denied request for an existing file triggers a permission
 * failure; an unknown file yields a 404 response.
 *
 * @param SS_HTTPRequest $request
 * @param DataModel $model
 * @return SS_HTTPResponse
 */
public function handleRequest(SS_HTTPRequest $request, DataModel $model)
{
    // Copied from Controller::handleRequest()
    $this->pushCurrent();
    $this->urlParams = $request->allParams();
    $this->request = $request;
    $this->response = new SS_HTTPResponse();
    $this->setDataModel($model);

    // Both sources are client-controlled. Within this method the path is
    // only used to look up a File record and, below, to name an Image; no
    // disk read happens here.
    $url = array_key_exists('url', $_GET) ? $_GET['url'] : $_SERVER['REQUEST_URI'];
    // remove any relative base URL and prefixed slash that get appended to the file path
    // e.g. /mysite/assets/test.txt should become assets/test.txt to match the Filename field on File record
    $url = Director::makeRelative(ltrim(str_replace(BASE_URL, '', $url), '/'));
    $file = File::find($url);

    // $file may be empty when nothing matches; canDownloadFile() is expected
    // to cope with that, since it decides the outcome either way.
    if ($this->canDownloadFile($file)) {
        // If we're trying to access a resampled image.
        if (preg_match('/_resampled\\/[^-]+-/', $url)) {
            // File::find() will always return the original image, but we still want to serve the resampled version.
            // NOTE(review): Filename is taken straight from the request path
            // after the access check ran against the original image — confirm
            // sendFile() constrains it to the assets directory.
            $file = new Image();
            $file->Filename = $url;
        }
        $this->extend('onBeforeSendFile', $file);
        return $this->sendFile($file);
    } else {
        if ($file instanceof File) {
            // Permission failure
            Security::permissionFailure($this, 'You are not authorised to access this resource. Please log in.');
        } else {
            // File doesn't exist
            $this->response = new SS_HTTPResponse('File Not Found', 404);
        }
    }
    return $this->response;
}