/**
 * Batch-edit action: applies the posted access modules to every administrator
 * id listed in $_POST['batch'].
 *
 * Without a non-empty 'batch' array nothing happens. With one, batch_edit.php
 * is selected as page content, and the change is written only when
 * 'subaction' equals 'confirm'.
 *
 * NOTE(review): this rewrites administrator privileges from POST data alone.
 * No anti-CSRF token check and no validation of the individual ids, of
 * 'modules' or of 'mode' is visible in this method; confirm they are enforced
 * by the caller or inside osC_Administrators_Admin::setAccessLevels().
 */
public function __construct()
{
    global $osC_Language, $osC_MessageStack;

    parent::__construct();

    $has_batch = isset($_POST['batch']) && is_array($_POST['batch']) && !empty($_POST['batch']);
    if (!$has_batch) {
        return;
    }

    $this->_page_contents = 'batch_edit.php';

    $confirmed = isset($_POST['subaction']) && $_POST['subaction'] == 'confirm';
    if (!$confirmed) {
        return;
    }

    // Stop at the first administrator whose update fails; no rollback of the
    // earlier, already applied updates is visible here.
    $all_saved = true;
    foreach ($_POST['batch'] as $admin_id) {
        if (!osC_Administrators_Admin::setAccessLevels($admin_id, $_POST['modules'], $_POST['mode'])) {
            $all_saved = false;
            break;
        }
    }

    if ($all_saved) {
        $osC_MessageStack->add($this->_module, $osC_Language->get('ms_success_action_performed'), 'success');

        // If the logged-in administrator was part of the batch, reload the
        // access levels cached in the session so they match the new state.
        if (in_array($_SESSION['admin']['id'], $_POST['batch'])) {
            $_SESSION['admin']['access'] = osC_Access::getUserLevels($_SESSION['admin']['id']);
        }
    } else {
        $osC_MessageStack->add($this->_module, $osC_Language->get('ms_error_action_not_performed'), 'error');
    }

    osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT, $this->_module));
}
/**
 * Login endpoint with an encoded (toC_Json) response.
 *
 * Looks up the submitted user name in the administrators table and validates
 * the submitted password against the stored value. On a match the admin id,
 * user name and access levels are stored in $_SESSION['admin'], a response
 * with success = true is printed and the script exits. In every other case a
 * response with success = false and the 'ms_error_login_invalid' text is
 * printed.
 *
 * NOTE(review): credentials are read from $_REQUEST, so they are also accepted
 * from the query string, where they tend to end up in access logs. Consider
 * restricting to $_POST once the client's request method is confirmed.
 * NOTE(review): no session-id rotation is visible after a successful login;
 * confirm the session layer regenerates the id (session fixation).
 * NOTE(review): no attempt throttling or lockout is visible here, and the
 * sessions-table probe (with a possible REPAIR TABLE) runs before any
 * authentication.
 */
function login()
{
    global $toC_Json, $osC_Language, $osC_Database;

    // Probe the sessions table and ask the database to repair it when the
    // probe errors out or returns no row.
    $Qprobe = $osC_Database->query('select count(*) from :table_sessions');
    $Qprobe->bindTable(':table_sessions', TABLE_SESSIONS);
    $Qprobe->execute();

    $probe_failed = $osC_Database->isError() || $Qprobe->numberOfRows() < 1;
    if ($probe_failed) {
        $Qfix = $osC_Database->query('repair table :table_sessions');
        $Qfix->bindTable(':table_sessions', TABLE_SESSIONS);
        $Qfix->execute();
        $Qfix->freeResult();
    }

    $Qprobe->freeResult();

    $has_credentials = !empty($_REQUEST['user_name']) && !empty($_REQUEST['user_password']);

    if ($has_credentials) {
        // The user name is passed as a bound value, not concatenated into the SQL text.
        $Qadmin = $osC_Database->query('select id, user_name, user_password from :table_administrators where user_name = :user_name');
        $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
        $Qadmin->bindValue(':user_name', $_REQUEST['user_name']);
        $Qadmin->execute();

        if ($Qadmin->numberOfRows() > 0) {
            while ($Qadmin->next()) {
                if (!osc_validate_password($_REQUEST['user_password'], $Qadmin->value('user_password'))) {
                    continue;
                }

                $_SESSION['admin'] = array(
                    'id' => $Qadmin->valueInt('id'),
                    'username' => $Qadmin->value('user_name'),
                    'access' => osC_Access::getUserLevels($Qadmin->valueInt('id'))
                );

                echo $toC_Json->encode(array('success' => true));
                exit;
            }
        }
    }

    // Same generic failure message for a missing field, an unknown user and a
    // wrong password.
    $failure = array('success' => false, 'feedback' => $osC_Language->get('ms_error_login_invalid'));

    echo $toC_Json->encode($failure);
}
/**
 * Create/edit action for an administrator account.
 *
 * A numeric 'aID' in the query string selects edit.php and an update of that
 * administrator; otherwise new.php is selected and a new account is created.
 * The save only runs when 'subaction' equals 'confirm'. Result codes of
 * osC_Administrators_Admin::save() handled here: 1 (saved), -1 (not
 * performed), -2 (user name already exists).
 *
 * NOTE(review): no anti-CSRF token check is visible in this method, and
 * 'user_name' / 'user_password' are read from $_POST without an isset() guard.
 * Password hashing is not visible here; presumably it happens inside save().
 */
public function __construct()
{
    global $osC_Language, $osC_MessageStack;

    parent::__construct();

    // null means "no existing administrator selected".
    $admin_id = (isset($_GET['aID']) && is_numeric($_GET['aID'])) ? $_GET['aID'] : null;

    $this->_page_contents = ($admin_id !== null) ? 'edit.php' : 'new.php';

    if (!isset($_POST['subaction']) || $_POST['subaction'] != 'confirm') {
        return;
    }

    $data = array(
        'username' => $_POST['user_name'],
        'password' => $_POST['user_password']
    );
    $modules = isset($_POST['modules']) ? $_POST['modules'] : null;

    $result = osC_Administrators_Admin::save($admin_id, $data, $modules);

    if ($result == 1) {
        // Editing the logged-in administrator: reload the access levels
        // cached in the session.
        if ($admin_id !== null && $admin_id == $_SESSION['admin']['id']) {
            $_SESSION['admin']['access'] = osC_Access::getUserLevels($admin_id);
        }

        $osC_MessageStack->add($this->_module, $osC_Language->get('ms_success_action_performed'), 'success');
        osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT, $this->_module));
    } elseif ($result == -1) {
        $osC_MessageStack->add($this->_module, $osC_Language->get('ms_error_action_not_performed'), 'error');
        osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT, $this->_module));
    } elseif ($result == -2) {
        // No redirect: the form is shown again with the error message.
        $osC_MessageStack->add($this->_module, $osC_Language->get('ms_error_username_already_exists'), 'error');
    }
}
/**
 * Sets up the "customers" summary panel: loads its language definitions,
 * sets the title and the title link, and calls _setData() only when
 * osC_Access::hasAccess('customers') allows it.
 *
 * NOTE(review): presumably a PHP 4-style constructor (method named after its
 * class; the class header is not visible here). PHP 8 no longer calls such
 * methods as constructors - confirm against the class declaration.
 */
function osC_Summary_customers()
{
    global $osC_Language;

    $osC_Language->loadIniFile('modules/summary/customers.php');

    $this->_title = $osC_Language->get('summary_customers_title');
    $this->_title_link = osc_href_link_admin(FILENAME_DEFAULT, 'customers');

    // Without access the panel keeps its title and link but gets no data.
    $may_view = osC_Access::hasAccess('customers');
    if (!$may_view) {
        return;
    }

    $this->_setData();
}
/**
 * Sets up the "error log" summary panel: loads its language definitions,
 * sets the title and the title link, and calls _setData() only when
 * osC_Access::hasAccess('error_log') allows it.
 */
function __construct()
{
    global $osC_Language;

    $osC_Language->loadIniFile('modules/summary/error_log.php');

    $this->_title = $osC_Language->get('summary_error_log_title');
    $this->_title_link = osc_href_link_admin(FILENAME_DEFAULT, 'error_log');

    // Without access the panel keeps its title and link but gets no data.
    $may_view = osC_Access::hasAccess('error_log');
    if (!$may_view) {
        return;
    }

    $this->_setData();
}
/**
 * Sets up the "administrators log" summary panel: loads its language
 * definitions, sets the title and the title link, and calls _setData() only
 * when osC_Access::hasAccess('administrators_log') allows it.
 *
 * NOTE(review): presumably a PHP 4-style constructor (method named after its
 * class; the class header is not visible here). PHP 8 no longer calls such
 * methods as constructors - confirm against the class declaration.
 */
function osC_Summary_administrators_log()
{
    global $osC_Language;

    $osC_Language->loadIniFile('modules/summary/administrators_log.php');

    $this->_title = $osC_Language->get('summary_administrators_log_title');
    $this->_title_link = osc_href_link_admin(FILENAME_DEFAULT, 'administrators_log');

    // Without access the panel keeps its title and link but gets no data.
    $may_view = osC_Access::hasAccess('administrators_log');
    if (!$may_view) {
        return;
    }

    $this->_setData();
}
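/**
 * Resolves the requested desktop module and includes its main.php.
 *
 * The 'module' request parameter is only compared against the entries
 * returned by osC_Access::getLevels() (presumably the modules available to
 * the current administrator - confirm): a sub-group identifier, or
 * "<module>-win" for entries without sub-groups. The include path is built
 * from the matching entry's own 'module' value, never from the request value
 * itself, so the request can only select among listed modules.
 *
 * Output: nothing further when a module is found and its main.php exists
 * (the script exits after the include); a failure literal when the file is
 * missing; a 'session_timeout' literal when no admin session exists. When no
 * entry matches, nothing is printed.
 *
 * NOTE(review): the response literals use single quotes, which a strict JSON
 * parser rejects; left unchanged because the client's parsing is not visible
 * here.
 */
function parse()
{
    global $osC_Language;

    if (!isset($_SESSION['admin'])) {
        echo "{'success': false, 'error': 'session_timeout'}";
        return;
    }

    // Read the parameter once. Accessing $_REQUEST['module'] directly raised
    // an undefined-index notice on every comparison when it was absent.
    $requested = isset($_REQUEST['module']) ? $_REQUEST['module'] : null;

    $access = osC_Access::getLevels();
    ksort($access);

    $found = false;
    $module = null;

    foreach ($access as $group => $links) {
        foreach ($links as $link) {
            if (is_array($link['subgroups']) && !empty($link['subgroups'])) {
                foreach ($link['subgroups'] as $subgroup) {
                    if ($requested == $subgroup['identifier']) {
                        $found = true;
                        $module = $link['module'];
                        break;
                    }
                }
            } else {
                if ($requested == $link['module'] . '-win') {
                    $found = true;
                    $module = $link['module'];
                    break;
                }
            }
        }
    }

    if ($found !== true) {
        return;
    }

    $osC_Language->loadIniFile($module . '.php');

    $main_file = 'includes/extmodules/' . $module . '/main.php';
    if (file_exists($main_file)) {
        include $main_file;
        exit;
    }

    echo "{'success': false}";
}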
/**
 * Form-based login action.
 *
 * When both 'user_name' and 'user_password' were posted, the user name is
 * looked up in the administrators table and the password is validated against
 * the stored value. On success the admin id, user name and access levels are
 * stored in $_SESSION['admin'] and the request is redirected, re-using the
 * GET parameters remembered in $_SESSION['redirect_origin'] if present.
 * Whenever execution reaches the end of the constructor, the generic
 * 'ms_error_login_invalid' message is queued.
 *
 * NOTE(review): no session-id rotation is visible after a successful login;
 * confirm the session layer regenerates the id (session fixation).
 * NOTE(review): osc_validate_password() is skipped when no row matches, so
 * response time may differ between an unknown user and a wrong password.
 * NOTE(review): no attempt throttling or lockout is visible here.
 */
public function __construct()
{
    global $osC_Database, $osC_Language, $osC_MessageStack;

    parent::__construct();

    $has_credentials = !empty($_POST['user_name']) && !empty($_POST['user_password']);

    if ($has_credentials) {
        // The user name is passed as a bound value, not concatenated into the SQL text.
        $Qadmin = $osC_Database->query('select id, user_name, user_password from :table_administrators where user_name = :user_name');
        $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
        $Qadmin->bindValue(':user_name', $_POST['user_name']);
        $Qadmin->execute();

        if ($Qadmin->numberOfRows() && osc_validate_password($_POST['user_password'], $Qadmin->value('user_password'))) {
            $_SESSION['admin'] = array(
                'id' => $Qadmin->valueInt('id'),
                'username' => $Qadmin->value('user_name'),
                'access' => osC_Access::getUserLevels($Qadmin->valueInt('id'))
            );

            // Return to the page requested before the login, if one was remembered.
            $get_string = null;
            if (isset($_SESSION['redirect_origin'])) {
                $get_string = http_build_query($_SESSION['redirect_origin']['get']);
                unset($_SESSION['redirect_origin']);
            }

            osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT, $get_string));
        }
    }

    // Same generic message for missing fields, an unknown user and a wrong password.
    $osC_MessageStack->add('header', $osC_Language->get('ms_error_login_invalid'), 'error');
}
<?php if ($osC_Template->hasPageHeader()) { include 'templates/default/header.php'; } if (isset($_SESSION['admin']) && !in_array($osC_Template->getModule(), array('index', 'login'))) { ?> <div id="appsPane"> <h4><?php echo osC_Access::getGroupTitle(osC_Access::getGroup($osC_Template->getModule())); ?> </h4> <?php foreach (osC_Access::getLevels(osC_Access::getGroup($osC_Template->getModule())) as $group => $links) { echo '<ul>'; foreach ($links as $link) { echo '<li' . ($link['module'] == $osC_Template->getModule() ? ' class="selected"' : '') . '><span>' . osc_icon($link['icon'], $link['title']) . '</span> <a href="' . osc_href_link_admin(FILENAME_DEFAULT, $link['module']) . '">' . $link['title'] . '</a>'; if (is_array($link['subgroups']) && !empty($link['subgroups'])) { echo '<ul' . ($link['module'] == $osC_Template->getModule() ? ' style="display: block;"' : '') . '>'; foreach ($link['subgroups'] as $subgroup) { echo '<li><a href="' . osc_href_link_admin(FILENAME_DEFAULT, $link['module'] . '&' . $subgroup['identifier']) . '">' . $subgroup['title'] . '</a></li>'; } echo '</ul>'; } echo '</li>'; } echo '</ul>'; } ?>
/**
 * Lists every access module found in includes/modules/access, grouped by the
 * title of the group each module reports.
 *
 * For each file in that directory the class osC_Access_<Name> is loaded (the
 * file is included only when the class does not exist yet) and instantiated.
 *
 * NOTE(review): every file in the directory is included and a class named
 * after it is instantiated; this assumes the directory is not writable by
 * untrusted parties and contains only module files - confirm.
 *
 * @return array map of group title => list of array('id' => ..., 'text' => ...),
 *               sorted by group title
 */
public static function getAccessModules()
{
    global $osC_Language;

    $osC_DirectoryListing = new osC_DirectoryListing('includes/modules/access');
    $osC_DirectoryListing->setIncludeDirectories(false);

    $grouped = array();

    foreach ($osC_DirectoryListing->getFiles() as $file) {
        // File name without its extension, e.g. "foo.php" -> "foo".
        $module = substr($file['name'], 0, strrpos($file['name'], '.'));
        $class_name = 'osC_Access_' . ucfirst($module);

        if (!class_exists($class_name)) {
            $osC_Language->loadIniFile('modules/access/' . $file['name']);
            include $osC_DirectoryListing->getDirectory() . '/' . $file['name'];
        }

        $instance = new $class_name();
        $group_title = osC_Access::getGroupTitle($instance->getGroup());

        $grouped[$group_title][] = array(
            'id' => $instance->getModule(),
            'text' => $instance->getTitle()
        );
    }

    ksort($grouped);

    return $grouped;
}
</td> </tr> </table> <div id="administrationMenu" class="ThemeOfficeMainItem"> <ul style="visibility: hidden"> <?php $access = array(); if (isset($_SESSION['admin'])) { $access = osC_Access::getLevels(); } ksort($access); foreach ($access as $group => $links) { echo ' <li><span></span><span>' . osC_Access::getGroupTitle($group) . '</span>' . ' <ul>'; ksort($links); foreach ($links as $link) { echo ' <li><span>' . osc_icon($link['icon'], $link['title']) . '</span><a href="' . osc_href_link_admin(FILENAME_DEFAULT, $link['module']) . '">' . $link['title'] . '</a>'; if (is_array($link['subgroups']) && !empty($link['subgroups'])) { echo ' <ul>'; foreach ($link['subgroups'] as $subgroup) { echo ' <li><span>' . osc_icon($subgroup['icon']) . '</span><a href="' . osc_href_link_admin(FILENAME_DEFAULT, $link['module'] . '&' . $subgroup['identifier']) . '">' . $subgroup['title'] . '</a></li>'; } echo ' </ul>'; } echo ' </li>'; } echo ' </ul>' . ' </li>' . ' <li></li>'; } echo ' <li><span></span><span>' . $osC_Language->get('header_title_help') . '</span>' . ' <ul>' . ' <li><span>' . osc_icon('oscommerce.png') . '</span><span>' . $osC_Language->get('header_title_oscommerce_support_site') . '</span>' . ' <ul>' . ' <li><span>' . osc_icon('oscommerce.png') . '</span><a href="http://www.oscommerce.com" target="_blank">Support Site</a></li>' . ' <li><span>' . osc_icon('log.png') . '</span><a href="http://www.oscommerce.info" target="_blank">Knowledge Base</a></li>' . ' <li><span>' . osc_icon('people.png') . '</span><a href="http://forums.oscommerce.com" target="_blank">Community Forums</a></li>' . ' <li><span>' . osc_icon('run.png') . '</span><a href="http://www.oscommerce.com/community/contributions" target="_blank">Contributions</a></li>' . ' <li><span>' . osc_icon('configure.png') . '</span><a href="http://svn.oscommerce.com/jira" target="_blank">Bug Reporter</a></li>' . ' </ul>' . ' </li>' . ' <li><span>' . osc_icon('locale.png') . '</span><span>' . 
$osC_Language->get('header_title_languages') . '</span>' . ' <ul>';
// Fragment of an RPC dispatcher; it begins and ends outside this excerpt.
// The RPC_STATUS_NO_SESSION, RPC_STATUS_NO_MODULE and RPC_STATUS_NO_ACCESS
// constants used below are defined outside the visible lines.
define('RPC_STATUS_CLASS_NONEXISTENT', -60);
define('RPC_STATUS_NO_ACTION', -70);
define('RPC_STATUS_ACTION_NONEXISTENT', -71);

// Gate 1: an admin session must exist before anything is dispatched.
if (!isset($_SESSION['admin'])) {
    echo json_encode(array('rpcStatus' => RPC_STATUS_NO_SESSION));
    exit;
}

$module = null;
$class = null;

if (empty($_GET)) {
    echo json_encode(array('rpcStatus' => RPC_STATUS_NO_MODULE));
    exit;
} else {
    // The name of the first query-string parameter selects the module.
    // basename() drops any directory part before the value is used in a path.
    // NOTE(review): basename() returns ".." unchanged, and the behaviour of
    // osc_sanitize_string() is not visible here; the path is only reached
    // after the hasAccess() check below - confirm that check rejects such values.
    $first_array = array_slice($_GET, 0, 1);
    $_module = osc_sanitize_string(basename(key($first_array)));

    // Gate 2: the module must be accessible to the current administrator.
    if (!osC_Access::hasAccess($_module)) {
        echo json_encode(array('rpcStatus' => RPC_STATUS_NO_ACCESS));
        exit;
    }

    // Class defaults to 'rpc'; an action is mandatory.
    $class = isset($_GET['class']) && !empty($_GET['class']) ? osc_sanitize_string(basename($_GET['class'])) : 'rpc';
    $action = isset($_GET['action']) && !empty($_GET['action']) ? osc_sanitize_string(basename($_GET['action'])) : '';

    if (empty($action)) {
        echo json_encode(array('rpcStatus' => RPC_STATUS_NO_ACTION));
        exit;
    }

    // The class file is included only if it exists under the module's classes directory.
    if (file_exists('includes/applications/' . $_module . '/classes/' . $class . '.php')) {
        include 'includes/applications/' . $_module . '/classes/' . $class . '.php';

        // NOTE(review): the access check covers the module only. Any method
        // that method_exists() reports on the resolved class, inherited ones
        // included, is callable by name through the 'action' parameter;
        // confirm these classes expose intended actions only, or add an
        // explicit allow-list.
        // NOTE(review): module, class and action all arrive via GET and no
        // anti-CSRF token check is visible in this excerpt - confirm that
        // state-changing actions are protected elsewhere.
        if (method_exists('osC_' . ucfirst($_module) . '_Admin_' . $class, $action)) {
            call_user_func(array('osC_' . ucfirst($_module) . '_Admin_' . $class, $action));
            exit;
        } else {
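/**
 * Generates the JavaScript (Ext JS) class definitions for the desktop: one
 * "GroupWindow" per access group, one "SubGroupWindow" plus "Window" per
 * entry that has sub-groups, and one "Window" per entry without sub-groups.
 * The result of getLangModules() is appended at the end.
 *
 * Fix: $access is now initialised to an empty array. Without an admin session
 * it was never assigned, so the foreach below iterated an undefined variable.
 *
 * NOTE(review): titles pass through htmlentities(ENT_QUOTES) before being put
 * into single-quoted JavaScript strings, but $group, $link['module'] and
 * $subgroup['identifier'] are concatenated unescaped. That assumes these
 * values come from trusted module definitions and never contain a quote or
 * backslash - confirm.
 *
 * @return string generated JavaScript source
 */
function outputModules()
{
    $output = '';
    $access = array();

    if (isset($_SESSION['admin'])) {
        $access = osC_Access::getLevels();
        ksort($access);
    }

    foreach ($access as $group => $links) {
        // Quoted ids of the items shown in this group's menu.
        $modules = array();

        foreach ($links as $link) {
            if (is_array($link['subgroups']) && !empty($link['subgroups'])) {
                $modules[] = '\'' . $link['module'] . '-subgroup' . '\'';
            } else {
                $modules[] = '\'' . $link['module'] . '-win' . '\'';
            }
        }

        $group_class = 'TocDesktop.' . ucfirst($group) . 'GroupWindow = Ext.extend(Ext.app.Module, {' . "\n";
        $group_class .= 'appType : \'group\',' . "\n";
        $group_class .= 'id : \'' . $group . '-grp\',' . "\n";
        $group_class .= 'title : \'' . htmlentities(osC_Access::getGroupTitle($group), ENT_QUOTES, 'UTF-8') . '\',' . "\n";
        $group_class .= 'menu : new Ext.menu.Menu(),' . "\n";
        $group_class .= 'items : [' . implode(',', $modules) . '],' . "\n";
        $group_class .= 'init : function(){' . "\n";
        $group_class .= 'this.launcher = {' . "\n";
        $group_class .= 'text: this.title,' . "\n";
        $group_class .= 'iconCls: \'icon-' . $group . '-grp\',' . "\n";
        $group_class .= 'menu: this.menu' . "\n";
        $group_class .= '}}});' . "\n" . "\n";

        $output .= $group_class;

        foreach ($links as $link) {
            // "some_module" -> "SomeModule", used in the JavaScript class name.
            $module = str_replace(' ', '', ucwords(str_replace('_', ' ', $link['module'])));

            if (is_array($link['subgroups']) && !empty($link['subgroups'])) {
                $modules = array();

                foreach ($link['subgroups'] as $subgroup) {
                    $modules[] = '\'' . $subgroup['identifier'] . '\'';
                }

                $group_class = 'TocDesktop.' . $module . 'SubGroupWindow = Ext.extend(Ext.app.Module, {' . "\n";
                $group_class .= 'appType : \'subgroup\',' . "\n";
                $group_class .= 'id : \'' . $link['module'] . '-subgroup\',' . "\n";
                $group_class .= 'title : \'' . htmlentities($link['title'], ENT_QUOTES, 'UTF-8') . '\',' . "\n";
                $group_class .= 'menu : new Ext.menu.Menu(),' . "\n";
                $group_class .= 'items : [' . implode(',', $modules) . '],' . "\n";
                $group_class .= 'init : function(){' . "\n";
                $group_class .= 'this.launcher = {' . "\n";
                $group_class .= 'text: this.title,' . "\n";
                $group_class .= 'iconCls: \'icon-' . $link['module'] . '-subgroup\',' . "\n";
                $group_class .= 'menu: this.menu' . "\n";
                $group_class .= '}}});' . "\n" . "\n";

                $output .= $group_class;

                // Window of an entry with sub-groups: the icon classes are
                // taken from the instance instead of being derived from the
                // module name.
                $group_class = 'TocDesktop.' . $module . 'Window = Ext.extend(Ext.app.Module, {' . "\n";
                $group_class .= 'appType : \'win\',' . "\n";
                $group_class .= 'id : \'' . $link['module'] . '-win\',' . "\n";
                $group_class .= 'title: \'' . htmlentities($link['title'], ENT_QUOTES, 'UTF-8') . '\',' . "\n";
                $group_class .= 'init : function(){' . "\n";
                $group_class .= 'this.launcher = {' . "\n";
                $group_class .= 'text: this.title,' . "\n";
                $group_class .= 'iconCls: this.iconCls,' . "\n";
                $group_class .= 'shortcutIconCls: this.shortcutIconCls,' . "\n";
                $group_class .= 'scope: this' . "\n";
                $group_class .= '}}});' . "\n" . "\n";

                $output .= $group_class;
            } else {
                $group_class = 'TocDesktop.' . $module . 'Window = Ext.extend(Ext.app.Module, {' . "\n";
                $group_class .= 'appType : \'win\',' . "\n";
                $group_class .= 'id : \'' . $link['module'] . '-win\',' . "\n";
                $group_class .= 'title: \'' . htmlentities($link['title'], ENT_QUOTES, 'UTF-8') . '\',' . "\n";
                $group_class .= 'init : function(){' . "\n";
                $group_class .= 'this.launcher = {' . "\n";
                $group_class .= 'text: this.title,' . "\n";
                $group_class .= 'iconCls: \'icon-' . $link['module'] . '-win\',' . "\n";
                $group_class .= 'shortcutIconCls: \'icon-' . $link['module'] . '-shortcut\',' . "\n";
                $group_class .= 'scope: this' . "\n";
                $group_class .= '}}});' . "\n" . "\n";

                $output .= $group_class;
            }
        }
    }

    $output .= $this->getLangModules();

    return $output;
}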
if ($request_type == 'SSL') { echo '<div class="reqSSL">' . __('ssl_protection') . '</div>'; } else { echo '<div class="reqNONSSL">' . __('ssl_unprotected') . '</div>'; } ?> </div> </div> <div id="adminMenu"> <ul class="levelTop"> <?php foreach (osC_Access::getLevels() as $group => $links) { echo '<li' . ($group == osC_Access::getGroup($osC_Template->getModule()) ? ' class="activeGreen"' : ' class="hoverGreen"') . '><span><a href="' . osc_href_link_admin(FILENAME_DEFAULT, $links[array_shift(array_keys($links))]['module']) . '">' . osC_Access::getGroupTitle($group) . '</a></span><ul class="levelSub">'; foreach ($links as $link) { echo '<li><a href="' . osc_href_link_admin(FILENAME_DEFAULT, $link['module']) . '">' . $link['title'] . '</a></li>'; } echo '</ul></li>'; } echo '<li class="hoverGreen"><span><a href="http://www.oscommerce.com" target="_blank">' . __('header_title_help') . '</a></span><ul class="levelSub">' . '<li><a href="http://www.oscommerce.com" target="_blank">osCommerce Support Site</a></li>' . '<li><a href="http://www.oscommerce.info" target="_blank">Online Documentation</a></li>' . '<li><a href="http://forums.oscommerce.com" target="_blank">Community Support Forums</a></li>' . '<li><a href="http://addons.oscommerce.com" target="_blank">Add-Ons Site</a></li>' . '<li><a href="http://svn.oscommerce.com/jira" target="_blank">Bug Reporter</a></li></ul></li>' . '<li class="hoverGreen"><a href="' . osc_href_link('', null, 'NONSSL', false, false, true) . '" target="_blank">' . __('header_title_online_catalog') . '</a></li>'; if (isset($_SESSION['admin'])) { echo '<li class="hoverRed"><a href="' . osc_href_link_admin(FILENAME_DEFAULT, 'login&action=logoff') . '">' . __('header_title_logoff') . '</a></li>'; } ?> </ul> </div> <script type="text/javascript">
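/**
 * Creates or updates an administrator from request data and prints the
 * encoded (toC_Json) result.
 *
 * A numeric 'aID' selects an existing administrator; otherwise a new one is
 * created. 'modules' is a comma-separated list of access modules;
 * 'access_globaladmin' = 'on' replaces it with the wildcard '*'.
 * Result codes of osC_Administrators_Admin::save() handled here: 1 (saved),
 * -1 (not performed), -2 (user name exists), -3 (e-mail format),
 * -4 (e-mail exists).
 *
 * Fix: any other result code now yields the "not performed" failure response.
 * Previously $response stayed undefined in that case and was passed to the
 * encoder as such.
 *
 * NOTE(review): 'access_globaladmin' = 'on' grants every module. No
 * authorisation check beyond reaching this action and no anti-CSRF token
 * check is visible in this method - confirm both are enforced by the caller.
 * NOTE(review): values are read from $_REQUEST, so the password is also
 * accepted from the query string, where it tends to end up in access logs.
 */
function saveAdministrator()
{
    global $toC_Json, $osC_Language;

    $data = array(
        'username' => $_REQUEST['user_name'],
        'password' => $_REQUEST['user_password'],
        'email_address' => $_REQUEST['email_address']
    );

    $modules = null;

    if (isset($_REQUEST['modules']) && !empty($_REQUEST['modules'])) {
        $modules = explode(",", $_REQUEST['modules']);
    }

    // The global-admin switch overrides any explicit module list.
    if (isset($_REQUEST['access_globaladmin']) && $_REQUEST['access_globaladmin'] == 'on') {
        $modules = array('*');
    }

    switch (osC_Administrators_Admin::save(isset($_REQUEST['aID']) && is_numeric($_REQUEST['aID']) ? $_REQUEST['aID'] : null, $data, $modules)) {
        case 1:
            // Editing the logged-in administrator: reload the access levels
            // cached in the session.
            if (isset($_REQUEST['aID']) && is_numeric($_REQUEST['aID']) && $_REQUEST['aID'] == $_SESSION['admin']['id']) {
                $_SESSION['admin']['access'] = osC_Access::getUserLevels($_REQUEST['aID']);
            }

            $response = array('success' => true, 'feedback' => $osC_Language->get('ms_success_action_performed'));
            break;

        case -2:
            $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_username_already_exists'));
            break;

        case -3:
            $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_email_format'));
            break;

        case -4:
            $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_email_already_exists'));
            break;

        case -1:
        default:
            // -1 and any unrecognised result code are reported as "not performed".
            $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_action_not_performed'));
            break;
    }

    echo $toC_Json->encode($response);
}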
/**
 * Returns the access group a module belongs to.
 *
 * With no (or an empty) argument the object's own group ($this->_group) is
 * returned. Otherwise the entries from osC_Access::getLevels() are searched
 * for one whose 'module' equals $module.
 *
 * @param string|null $module module name to look up
 * @return mixed group key of the first matching entry, or false when the
 *               module does not appear in getLevels()
 */
function getGroup($module = null)
{
    if (empty($module)) {
        return $this->_group;
    }

    $levels = osC_Access::getLevels();

    foreach ($levels as $group_key => $entries) {
        foreach ($entries as $entry) {
            if ($entry['module'] == $module) {
                return $group_key;
            }
        }
    }

    // Not found in getLevels().
    return false;
}
$Id$ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2009 osCommerce This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License v2 (1991) as published by the Free Software Foundation. */

// Front controller of the administration tool: picks the application module
// from the request, checks access, then loads the module and the template.
require 'includes/application_top.php';
require 'includes/classes/template.php';

// Default module; overwritten below only when the request names an existing one.
$_SESSION['module'] = 'index';

if (!empty($_GET)) {
    // The name of the first query-string parameter selects the module.
    // basename() drops any directory part before the value is used in a path.
    // NOTE(review): the behaviour of osc_sanitize_string() is not visible here.
    $first_array = array_slice($_GET, 0, 1);
    $_module = osc_sanitize_string(basename(key($first_array)));

    // Only accept the name when the matching application file exists.
    if (file_exists('includes/applications/' . $_module . '/' . $_module . '.php')) {
        $_SESSION['module'] = $_module;
    }
}

// Access gate for the selected module.
// NOTE(review): the require below is only protected by this gate if
// osc_redirect_admin() terminates the request; confirm that it exits,
// otherwise the module file would still be loaded after "No access.".
if (!osC_Access::hasAccess($_SESSION['module'])) {
    $osC_MessageStack->add('header', 'No access.', 'error');
    osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT));
}

$osC_Language->loadIniFile($_SESSION['module'] . '.php');

// Dynamic require: the path is built from the module name validated above.
require 'includes/applications/' . $_SESSION['module'] . '/' . $_SESSION['module'] . '.php';

$osC_Template = osC_Template_Admin::setup($_SESSION['module']);
$osC_Template->set('default');

require 'templates/default.php';
require 'includes/application_bottom.php';