本文整理汇总了PHP中COM_getPermSql函数的典型用法代码示例。如果您正苦于以下问题:PHP COM_getPermSql函数的具体用法?PHP COM_getPermSql怎么用?PHP COM_getPermSql使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了COM_getPermSql函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: fncComment
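/**
 * Render the comment thread attached to a USERBOX entry.
 *
 * Reads the entry's comment setting and permission columns, restricted to
 * rows that are not drafts, are already released, have not expired and pass
 * the COM_getPermSql() filter, then hands off to CMT_userComments().
 *
 * @param  int|string $id  entry id; cast to int before it reaches the SQL text
 * @return string          comment HTML, or '' when no row matches or the
 *                         row's commentcode is negative
 */
function fncComment($id)
{
    global $_CONF;
    global $_TABLES;

    // The original appended to and returned an undefined $retval whenever the
    // lookup found nothing; start from an empty string instead.
    $retval = '';

    $order = '';
    if (isset($_REQUEST['order'])) {
        $order = COM_applyFilter($_REQUEST['order']);
    }
    $mode = '';
    if (isset($_REQUEST['mode'])) {
        $mode = COM_applyFilter($_REQUEST['mode']);
    }
    $page = 1;
    if (isset($_REQUEST['cpage'])) {
        // Request-supplied page number: force it to a positive integer
        // before passing it on.
        $page = (int) COM_applyFilter($_REQUEST['cpage']);
        if ($page < 1) {
            $page = 1;
        }
    }

    // $id is concatenated into the WHERE clause unquoted, so it must be an
    // integer. Casting here closes the SQL injection path for any caller
    // that forwards a request value.
    $id = (int) $id;

    $tbl = $_TABLES['USERBOX_base'];

    $sql = "SELECT ";
    $sql .= "commentcode ";
    $sql .= ",owner_id";
    $sql .= ",group_id";
    $sql .= ",perm_owner";
    $sql .= ",perm_group";
    $sql .= ",perm_members";
    $sql .= ",perm_anon";
    $sql .= " FROM ";
    $sql .= " {$tbl} AS t ";
    $sql .= " WHERE ";
    $sql .= " id=" . $id;
    $sql .= " AND t.draft_flag=0" . LB;
    // Exclude rows the current user has no access to.
    $sql .= COM_getPermSql('AND');
    // Exclude rows whose release date has not been reached yet.
    $sql .= " AND (released <= NOW())";
    // Exclude rows whose expiry date has passed.
    $sql .= " AND (expired=0 OR expired > NOW())";

    $result = DB_query($sql);
    if (DB_numRows($result) > 0) {
        $A = DB_fetchArray($result);
        $A = array_map('stripslashes', $A);
        if ($A['commentcode'] >= 0) {
            // Deleting comments needs both the plugin edit right and access
            // level 3 on this particular row.
            $delete_option = SEC_hasRights('userbox.edit')
                && SEC_hasAccess(
                    $A['owner_id'],
                    $A['group_id'],
                    $A['perm_owner'],
                    $A['perm_group'],
                    $A['perm_members'],
                    $A['perm_anon']
                ) == 3;

            // NOTE(review): 'topic' is not in the SELECT list above, so the
            // title argument is always empty here; select the intended
            // title column if a title is wanted.
            $title = isset($A['topic']) ? $A['topic'] : '';

            require_once $_CONF['path_system'] . 'lib-comment.php';
            $retval .= CMT_userComments(
                $id,
                $title,
                'userbox',
                $order,
                $mode,
                0,
                $page,
                false,
                $delete_option,
                $A['commentcode']
            );
        }
    }

    return $retval;
}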
示例2: EXP_adminList
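/**
 * Build the admin list of external pages.
 *
 * The list query has no WHERE clause of its own; row visibility comes from
 * the 'default_filter' entry, which is whatever COM_getPermSql() returns for
 * the current user.
 *
 * @return string HTML content
 */
function EXP_adminList()
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ACCESS, $_CONF_EXP, $LANG_EX00;

    USES_lib_admin();

    $retval = '';

    // The original passed $form_arr to ADMIN_list() without ever defining it;
    // give it an explicit empty value so nothing undefined is forwarded.
    $form_arr = array();

    $header_arr = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
        array('text' => 'Page ID', 'field' => 'exid', 'sort' => true),
        array('text' => 'Title', 'field' => 'title', 'sort' => true),
        array('text' => 'URL', 'field' => 'url', 'sort' => true),
        array('text' => 'Hits', 'field' => 'hits', 'sort' => true),
    );
    $menu_arr = array(
        array(
            'url'  => $_CONF['site_admin_url'] . '/plugins/' . $_CONF_EXP['pi_name'] . '/edit.php?exid=0',
            'text' => 'Add New',
        ),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );
    $defsort_arr = array('field' => 'exid', 'direction' => 'asc');

    $header_str = $LANG_EX00['header'] . ' ' . $LANG_EX00['version'] . ' ' . $_CONF_EXP['pi_version'];
    $retval .= COM_startBlock($header_str, '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, 'Administer External Pages', plugin_geticon_external());

    $text_arr = array(
        'has_extras' => true,
        'form_url'   => "{$_CONF['site_admin_url']}/plugins/{$_CONF_EXP['pi_name']}/index.php",
    );
    // NOTE(review): COM_getPermSql() is called without a clause argument
    // here; presumably it then emits its own leading WHERE, which is what
    // this WHERE-less SELECT needs - confirm against the helper.
    $query_arr = array(
        'table'          => 'external',
        'sql'            => "SELECT * FROM {$_TABLES['external']} ",
        'query_fields'   => array('title', 'url'),
        'default_filter' => COM_getPermSql(),
    );

    $retval .= ADMIN_list('external', 'EXP_getAdminListField', $header_arr, $text_arr, $query_arr, $defsort_arr, '', '', '', $form_arr);
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}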
示例3: listpolls
/**
 * Build the polls administration list.
 *
 * The base query ends in "WHERE 1=1" so that the permission fragment from
 * COM_getPermSql('AND') can be appended as the list's default filter.
 *
 * @return string HTML for the admin block (menu plus list)
 */
function listpolls()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG25, $LANG_ACCESS;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $adminUrl = $_CONF['site_admin_url'];
    $pollsUrl = $adminUrl . '/plugins/polls/index.php';

    // Menu shown above the list.
    $menuItems = array(
        array('url' => $pollsUrl . '?mode=edit', 'text' => $LANG_ADMIN['create_new']),
        array('url' => $adminUrl, 'text' => $LANG_ADMIN['admin_home']),
    );
    $html = COM_startBlock($LANG25[18], '', COM_getBlockTemplate('_admin_block', 'header'));
    $html .= ADMIN_createMenu($menuItems, $LANG25[19], plugin_geticon_polls());

    // Column definitions for the list itself.
    $columns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
        array('text' => $LANG25[9], 'field' => 'topic', 'sort' => true),
        array('text' => $LANG25[20], 'field' => 'voters', 'sort' => true),
        array('text' => $LANG_ACCESS['access'], 'field' => 'access', 'sort' => false),
        array('text' => $LANG25[3], 'field' => 'unixdate', 'sort' => true),
        array('text' => $LANG25[33], 'field' => 'is_open', 'sort' => true),
    );
    $defaultSort = array('field' => 'unixdate', 'direction' => 'desc');
    $texts = array(
        'has_extras'   => true,
        'instructions' => $LANG25[19],
        'form_url'     => $pollsUrl,
    );

    // Only rows passing the permission filter are listed.
    $query = array(
        'table'          => 'polltopics',
        'sql'            => "SELECT *,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['polltopics']} WHERE 1=1",
        'query_fields'   => array('topic'),
        'default_filter' => COM_getPermSql('AND'),
    );

    $html .= ADMIN_list('polls', 'plugin_getListField_polls', $columns, $texts, $query, $defaultSort);
    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $html;
}
示例4: getAdminMenu
/**
 * Collect the admin menu entries (label + url pairs in $item_array) for the
 * current user. Each entry is added only when the matching SEC_hasRights() /
 * SEC_inGroup() test passes, and the counts shown in the labels are filtered
 * with COM_getPermSql() so a user only sees totals for rows they may access.
 *
 * The listing this comes from is truncated; the end of the function and its
 * return value are not visible.
 */
function getAdminMenu()
{
global $_SP_CONF, $_USER, $_TABLES, $LANG01, $LANG_MB01, $LANG_LOGO, $LANG_AM, $LANG_SOCIAL, $LANG29, $_CONF, $_DB_dbms, $_GROUPS, $config;
$item_array = array();
// Anonymous visitors never get admin entries.
if (!COM_isAnonUser()) {
$plugin_options = PLG_getAdminOptions();
$num_plugins = count($plugin_options);
if (SEC_isModerator() or SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit,social.admin', 'OR') or $num_plugins > 0) {
// what's our current URL?
$elementUrl = COM_getCurrentURL();
$topicsql = '';
if (SEC_isModerator() || SEC_hasRights('story.edit')) {
// Topics this user may access; the ids feed the IN (...) list below.
$tresult = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
$trows = DB_numRows($tresult);
if ($trows > 0) {
$tids = array();
for ($i = 0; $i < $trows; $i++) {
$T = DB_fetchArray($tresult);
$tids[] = $T['tid'];
}
if (sizeof($tids) > 0) {
// NOTE(review): the tid values are quoted but not escaped before they
// are placed back into SQL. They come from the topics table, so this is
// only safe if tids are validated when topics are saved - confirm, or
// run each value through DB_escapeString() first.
$topicsql = " (tid IN ('" . implode("','", $tids) . "'))";
}
}
}
$modnum = 0;
// && binds tighter than ||: this reads as
// story rights OR (usersubmission enabled AND user rights).
if (SEC_hasRights('story.edit,story.moderate', 'OR') || $_CONF['usersubmission'] == 1 && SEC_hasRights('user.edit,user.delete')) {
if (SEC_hasRights('story.moderate')) {
if (empty($topicsql)) {
$modnum += DB_count($_TABLES['storysubmission']);
} else {
$sresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['storysubmission']} WHERE" . $topicsql);
$S = DB_fetchArray($sresult);
$modnum += $S['count'];
}
}
if ($_CONF['listdraftstories'] == 1 && SEC_hasRights('story.edit')) {
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (draft_flag = 1)";
if (!empty($topicsql)) {
$sql .= ' AND' . $topicsql;
}
// Third argument 3: presumably the access level the rows must grant
// (elsewhere on this page 3 is the value required for edit/delete) - confirm.
$result = DB_query($sql . COM_getPermSQL('AND', 0, 3));
$A = DB_fetchArray($result);
$modnum += $A['count'];
}
if ($_CONF['usersubmission'] == 1) {
if (SEC_hasRights('user.edit') && SEC_hasRights('user.delete')) {
$modnum += DB_count($_TABLES['users'], 'status', '2');
}
}
}
// now handle submissions for plugins
$modnum += PLG_getSubmissionCount();
if (SEC_hasRights('story.edit')) {
$url = $_CONF['site_admin_url'] . '/story.php';
$label = $LANG01[11];
// With no topic restriction the total is an unfiltered DB_count();
// only the restricted branch applies the permission filter.
if (empty($topicsql)) {
$numstories = DB_count($_TABLES['stories']);
} else {
$nresult = DB_query("SELECT COUNT(*) AS count from {$_TABLES['stories']} WHERE" . $topicsql . COM_getPermSql('AND'));
$N = DB_fetchArray($nresult);
$numstories = $N['count'];
}
$label .= ' (' . COM_numberFormat($numstories) . ')';
$item_array[] = array('label' => $label, 'url' => $url);
}
if (SEC_hasRights('block.edit')) {
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['blocks']}" . COM_getPermSql());
// list() needs the numerically indexed column from DB_fetchArray().
list($count) = DB_fetchArray($result);
$url = $_CONF['site_admin_url'] . '/block.php';
$label = $LANG01[12] . ' (' . COM_numberFormat($count) . ')';
$item_array[] = array('label' => $label, 'url' => $url);
}
if (SEC_hasRights('autotag.admin')) {
$url = $_CONF['site_admin_url'] . '/autotag.php';
$label = $LANG_AM['title'];
$item_array[] = array('label' => $label, 'url' => $url);
}
// The next three entries are offered to members of the Root group only.
if (SEC_inGroup('Root')) {
$url = $_CONF['site_admin_url'] . '/clearctl.php';
$label = $LANG01['ctl'];
$item_array[] = array('label' => $label, 'url' => $url);
}
if (SEC_inGroup('Root')) {
$url = $_CONF['site_admin_url'] . '/menu.php';
$label = $LANG_MB01['menu_builder'];
$item_array[] = array('label' => $label, 'url' => $url);
}
if (SEC_inGroup('Root')) {
$url = $_CONF['site_admin_url'] . '/logo.php';
$label = $LANG_LOGO['logo_admin'];
$item_array[] = array('label' => $label, 'url' => $url);
}
if (SEC_hasRights('topic.edit')) {
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['topics']}" . COM_getPermSql());
list($count) = DB_fetchArray($result);
$url = $_CONF['site_admin_url'] . '/topic.php';
$label = $LANG01[13] . ' (' . COM_numberFormat($count) . ')';
$item_array[] = array('label' => $label, 'url' => $url);
}
//.........这里部分代码省略.........
示例5: edittopic
//.........这里部分代码省略.........
$topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
$ownername = COM_getDisplayName($A['owner_id']);
$topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"));
$topic_templates->set_var('owner_name', $ownername);
$topic_templates->set_var('owner', $ownername);
$topic_templates->set_var('owner_id', $A['owner_id']);
$topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
$topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
$topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
$topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
$topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
$topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
$topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
$topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
$topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
// show sort order only if they specified sortnum as the sort method
if ($_CONF['sortmethod'] !== 'alpha') {
$topic_templates->set_var('lang_sortorder', $LANG27[10]);
if ($A['sortnum'] == 0) {
$A['sortnum'] = '';
}
$topic_templates->set_var('sort_order', '<input type="text" size="5" maxlength="5" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
} else {
$topic_templates->set_var('lang_sortorder', $LANG27[14]);
$topic_templates->set_var('sort_order', $LANG27[15] . '<input type="hidden" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
}
$topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
if ($A['limitnews'] == 0) {
$topic_templates->set_var('story_limit', '');
} else {
$topic_templates->set_var('story_limit', $A['limitnews']);
}
$topic_templates->set_var('default_limit', $_CONF['limitnews']);
$topic_templates->set_var('lang_defaultis', $LANG27[16]);
$topic_templates->set_var('lang_topicname', $LANG27[3]);
$topic_templates->set_var('topic_name', htmlspecialchars(stripslashes($A['topic']), ENT_QUOTES, COM_getEncodingt()));
if (empty($A['tid'])) {
$A['imageurl'] = '/images/topics/';
}
$topic_templates->set_var('lang_topicimage', $LANG27[4]);
$topic_templates->set_var('lang_uploadimage', $LANG27[27]);
$topic_templates->set_var('lang_maxsize', $LANG27[28]);
$topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
$topic_templates->set_var('max_url_length', 255);
$topic_templates->set_var('image_url', $A['imageurl']);
if (empty($_CONF['image_lib'])) {
$scaling = $LANG04[162];
} else {
$scaling = $LANG04[161];
}
$topic_templates->set_var('icon_max_dimensions', sprintf($LANG04[160], $_CONF['max_topicicon_width'], $_CONF['max_topicicon_height'], $_CONF['max_topicicon_size'], $scaling));
$topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
$topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
if (!empty($A['meta_description'])) {
$topic_templates->set_var('meta_description', $A['meta_description']);
}
if (!empty($A['meta_keywords'])) {
$topic_templates->set_var('meta_keywords', $A['meta_keywords']);
}
if ($_CONF['meta_tags'] > 0) {
$topic_templates->set_var('hide_meta', '');
} else {
$topic_templates->set_var('hide_meta', ' style="display:none;"');
}
$topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
$topic_templates->set_var('lang_defaulttext', $LANG27[23]);
if ($A['is_default'] == 1) {
$topic_templates->set_var('default_checked', 'checked="checked"');
} else {
$topic_templates->set_var('default_checked', '');
}
$topic_templates->set_var('lang_archivetopic', $LANG27[25]);
$topic_templates->set_var('lang_archivetext', $LANG27[26]);
$topic_templates->set_var('archive_disabled', '');
if ($A['archive_flag'] == 1) {
$topic_templates->set_var('archive_checked', 'checked="checked"');
} else {
$topic_templates->set_var('archive_checked', '');
// Only 1 topic can be the archive topic - so check if there already is one
if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
$topic_templates->set_var('archive_disabled', 'disabled');
}
}
if (empty($tid)) {
$num_stories = $LANG_ADMIN['na'];
} else {
$nResult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND ta.tid = '" . DB_escapeString($tid) . "'" . COM_getPermSql('AND'));
$N = DB_fetchArray($nResult);
$num_stories = COM_numberFormat($N['count']);
}
$topic_templates->set_var('lang_num_stories', $LANG27[30]);
$topic_templates->set_var('num_stories', $num_stories);
$topic_templates->set_var('gltoken_name', CSRF_TOKEN);
$topic_templates->set_var('gltoken', $token);
$topic_templates->parse('output', 'editor');
$retval .= $topic_templates->finish($topic_templates->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
示例6: listRoutes
/**
 * Display the list of URL routes in the admin area.
 *
 * The menu notice gains an extra sentence when URL rewriting is off and
 * another when routing is disabled. Rows are filtered through the fragment
 * returned by COM_getPermSql('AND'), and the caller-provided security token
 * is forwarded to ADMIN_list().
 *
 * @return string HTML for the list
 */
function listRoutes()
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ROUTER, $_IMAGE_TYPE, $securityToken;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $adminUrl = $_CONF['site_admin_url'];

    // Menu shown above the list.
    $menuItems = array(
        array('url' => $adminUrl . '/router.php?mode=edit&rid=0', 'text' => $LANG_ADMIN['create_new']),
        array('url' => $adminUrl, 'text' => $LANG_ADMIN['admin_home']),
    );

    // Start from the base notice and append a hint for each disabled feature.
    $message = $LANG_ROUTER[11];
    if (empty($_CONF['url_rewrite'])) {
        $message .= ' ' . $LANG_ROUTER[18];
    }
    $routingActive = isset($_CONF['url_routing']) && $_CONF['url_routing'] != Router::ROUTING_DISABLED;
    if (!$routingActive) {
        $message .= ' ' . $LANG_ROUTER[19];
    }

    $iconUrl = $_CONF['layout_url'] . '/images/icons/router.' . $_IMAGE_TYPE;
    $html = COM_startBlock($LANG_ROUTER[2], '', COM_getBlockTemplate('_admin_block', 'header'));
    $html .= ADMIN_createMenu($menuItems, $message, $iconUrl);

    $columns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'rid', 'sort' => false),
        array('text' => $LANG_ROUTER[4], 'field' => 'method', 'sort' => true),
        array('text' => $LANG_ROUTER[5], 'field' => 'rule', 'sort' => true),
        array('text' => $LANG_ROUTER[6], 'field' => 'route', 'sort' => true),
        array('text' => $LANG_ROUTER[7], 'field' => 'priority', 'sort' => true),
    );
    $sortBy = array('field' => 'priority', 'direction' => 'asc');
    $texts = array(
        'has_extras' => false,
        'title'      => $LANG_ROUTER[1],
        'form_url'   => $adminUrl . '/router.php',
    );
    // "(1 = 1)" gives the appended permission fragment a clause to AND onto.
    $query = array(
        'table'          => 'routes',
        'sql'            => "SELECT * FROM {$_TABLES['routes']} WHERE (1 = 1) ",
        'query_fields'   => array('rule', 'route', 'priority'),
        'default_filter' => COM_getPermSql('AND'),
    );

    $html .= ADMIN_list('routes', 'ADMIN_getListFieldRoutes', $columns, $texts, $query, $sortBy, '', $securityToken, '');
    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $html;
}
示例7: _renderMenuItems
private function _renderMenuItems($pid = 0)
{
global $_CONF, $_TABLES, $_USER, $_BLOCK_TEMPLATE;
foreach ($this->_menuitems as $menuitem) {
if ($this->_multiLangMode) {
$label = $this->getMenuLabel($menuitem['id']);
} else {
$label = $menuitem['label'];
}
$target = $menuitem['type'] == 2 ? 'target=newWindow;' . $this->_targetFeatures : '';
$menuitemImage = trim($menuitem['image']);
if ($menuitemImage != '') {
// Check and see if the full url is entered
if (strpos($menuitemImage, 'http') === false) {
$menuitemImage = $_CONF['site_url'] . '/nexmenu/menuimages/' . $menuitemImage;
}
}
if ($i == $this->_menuitemCount) {
$lastitem = true;
} else {
$lastitem = false;
}
// Check and see if this item is a submenu
if ($menuitem['type'] == 3) {
// Type Submenu
$url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
$url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);
if ($this->_type == 'header') {
$menuitemimagecss = 'headermenuitemimage';
} else {
$menuitemimagecss = 'blocksubmenuitemimage';
}
$t = new Template($_CONF['path_layout'] . 'nexmenu/procssmenu');
if ($pid == 0) {
if ($this->_type == 'header') {
$t->set_file('menu', 'headersubmenu.thtml');
} else {
$t->set_file('menu', 'submenu.thtml');
}
$t->set_var('menuitem_url', $url);
if ($menuitemImage != '') {
$image = '<img src="' . $menuitemImage . '" border="0"> ';
$label = "{$image}<span id=\"{$menuitemimagecss}\">{$label}</span>";
$t->set_var('menuitem_label', $label);
} else {
$t->set_var('menuitem_label', $label);
}
if ($pid == 0) {
$t->set_var('imgclass', 'drop');
} else {
$t->set_var('imgclass', 'fly');
}
if ($i == $this->_menuitemCount) {
$t->set_var('lastitemclass', 'class="enclose"');
}
} else {
$t->set_file('menu', 'flysubmenu.thtml');
$t->set_var('menuitem_url', $url);
$t->set_var('menuitem_label', $label);
}
parent::initMenuItems($menuitem['id']);
$t->set_var('submenu_items', $this->_renderMenuItems($menuitem['id']));
$t->parse('output', 'menu');
$retval .= $t->finish($t->get_var('output'));
} elseif ($menuitem['type'] == 4) {
// Core Menu
switch ($menuitem['url']) {
case "adminmenu":
if ($_USER['uid'] > 1) {
$_BLOCK_TEMPLATE['admin_block'] = 'nexmenu/procssmenu/blank.thtml,nexmenu/procssmenu/blank.thtml';
$_BLOCK_TEMPLATE['adminoption'] = 'nexmenu/procssmenu/menuitem.thtml,nexmenu/procssmenu/menuitem_on.thtml';
$plugin_options .= PLG_getAdminOptions();
$nrows = count($plugin_options);
if (SEC_isModerator() or $nrows > 0 or SEC_hasrights('story.edit,block.edit,topic.edit,link.edit,event.edit,poll.edit,user.edit,plugin.edit,user.mail', 'OR')) {
$retval .= COM_adminMenu();
}
}
break;
case "usermenu":
if ($_USER['uid'] > 1) {
$_BLOCK_TEMPLATE['user_block'] = 'nexmenu/procssmenu/blank.thtml,nexmenu/procssmenu/blank.thtml';
$_BLOCK_TEMPLATE['useroption'] = 'nexmenu/procssmenu/menuitem.thtml,nexmenu/procssmenu/menuitem_on.thtml';
$retval .= COM_userMenu();
}
break;
case "topicmenu":
$_BLOCK_TEMPLATE['topicoption'] = 'nexmenu/procssmenu/menuitem2.thtml,nexmenu/procssmenu/menuitem2_on.thtml';
$retval .= COM_showTopics('', " sortnum < '{$CONF_NEXMENU['restricted_topics']}'");
break;
case "linksmenu":
if ($this->_linksPlugin) {
$retval .= nexmenu_showlinks($pid, $this->_type, 'site', $numcategories, 0, $lastitem);
}
break;
case "spmenu":
if ($this->_staticpagesPlugin) {
if ($CONF_NEXMENU['sp_labelonly']) {
$sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} WHERE sp_onmenu=1 ";
$sql .= COM_getPermSql('AND');
$sql .= 'ORDER BY sp_title';
//.........这里部分代码省略.........
示例8: COM_setArgNames
}
}
// Trackback endpoint fragment: decide whether an incoming ping for ($id, $type)
// may be accepted. The surrounding code is truncated in this listing.
COM_setArgNames(array('id', 'type'));
$id = COM_applyFilter(COM_getArgument('id'));
$type = COM_applyFilter(COM_getArgument('type'));
// No target id at all: reject before touching the database.
if (empty($id)) {
TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']);
exit;
}
if (empty($type)) {
$type = 'article';
}
if ($type == 'article') {
// Access gate for stories. The ping is accepted only when exactly one row
// matches the id, is already published (date <= NOW()), is not a draft, and
// survives the fragments appended by COM_getPermSql('AND') and
// COM_getTopicSql('AND'). The escaped copy ($sid) is used for the SQL text
// only; the filtered $id is what gets passed on afterwards.
$sid = DB_escapeString($id);
$result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']} WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . COM_getTopicSql('AND'));
if (DB_numRows($result) == 1) {
$A = DB_fetchArray($result);
// trackbackcode 0 is the only value that lets the ping through.
if ($A['trackbackcode'] == 0) {
TRB_handleTrackbackPing($id, $type);
} else {
TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
}
} else {
// Same 'no_access' answer as the refused case above, so the response does
// not distinguish a hidden or missing story from one that refuses pings.
TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
}
} else {
// Non-story types: the owning plugin decides; only a strict true accepts.
if (PLG_handlePingComment($type, $id, 'acceptByID') === true) {
TRB_handleTrackbackPing($id, $type);
} else {
TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
示例9: TRB_allowDelete
/**
 * Decide whether the current user may delete trackback comments on an object.
 *
 * For stories three conditions must all hold: the 'story.edit' right,
 * SEC_hasAccess() returning 3 for the story row, and
 * TOPIC_hasMultiTopicAccess() returning 3. Every other type is delegated to
 * the owning plugin through PLG_handlePingComment().
 *
 * @param    string  $sid    ID of the parent object of the comment
 * @param    string  $type   type of the parent object ('article' = story, etc.)
 * @return   boolean         true = user can delete the comment, false = nope
 *
 */
function TRB_allowDelete($sid, $type)
{
    global $_TABLES;

    // Anything that is not a story is the plugin's call.
    if ($type != 'article') {
        return PLG_handlePingComment($type, $sid, 'delete');
    }

    // From here on $sid holds the escaped value, including in the topic check.
    $sid = DB_escapeString($sid);
    $query = "SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'" . COM_getPermSql('AND', 0, 3);
    $row = DB_fetchArray(DB_query($query));

    // NOTE(review): the fetch result is used without checking that a row came
    // back; when the permission filter excludes the story, the decision rests
    // on how SEC_hasAccess() treats empty arguments - confirm it fails closed.
    return SEC_hasRights('story.edit')
        && SEC_hasAccess(
            $row['owner_id'],
            $row['group_id'],
            $row['perm_owner'],
            $row['perm_group'],
            $row['perm_members'],
            $row['perm_anon']
        ) == 3
        && TOPIC_hasMultiTopicAccess('article', $sid) == 3;
}
示例10: COM_commandControl
//.........这里部分代码省略.........
break;
case 'users':
$cc_users[] = $item;
break;
default:
$cc_plugins[] = $item;
break;
}
next($plugins);
}
// Command & Control Group Layout
$ccgroups = array('core', 'plugins', 'tools', 'users');
foreach ($ccgroups as $ccgroup) {
// Clear a few things before starting group
$cc_arr = array();
$items = array();
if (!$adminMenu) {
$admin_templates->clear_var('cc_rows');
$admin_templates->set_var('cc_icon_width', floor(100 / ICONS_PER_ROW));
}
switch ($ccgroup) {
// Core - Blocks, Content Syndication, Stories, Topics, Submissions, Trackbacks
case 'core':
$showTrackbackIcon = ($_CONF['trackback_enabled'] || $_CONF['pingback_enabled'] || $_CONF['ping_enabled']) && SEC_hasRights('story.ping');
// Count stuff for admin menu
$blockcount = 0;
$topiccount = 0;
$storycount = 0;
$submissioncount = 0;
$syndicationcount = 0;
$trackbackcount = $LANG_ADMIN['na'];
if ($adminMenu) {
// Find num of blocks
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['blocks']}" . COM_getPermSql());
list($blockcount) = DB_fetchArray($result);
// Find num of topics
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['topics']}" . COM_getPermSql());
list($topiccount) = DB_fetchArray($result);
// Find num of stories
if (SEC_hasRights('story.edit')) {
if (empty($topicsql)) {
$storycount = DB_count($_TABLES['stories']);
} else {
$nresult = DB_query("SELECT COUNT(DISTINCT sid) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid " . $topicsql . COM_getPermSql('AND'));
$N = DB_fetchArray($nresult);
$storycount = $N['count'];
}
}
// Find num of submissions
if (SEC_hasRights('story.edit,story.moderate', 'OR') || $_CONF['commentsubmission'] == 1 && SEC_hasRights('comment.moderate') || $_CONF['usersubmission'] == 1 && SEC_hasRights('user.edit,user.delete')) {
if (SEC_hasRights('story.moderate')) {
if (empty($topicsql)) {
$submissioncount += DB_count($_TABLES['storysubmission']);
} else {
$sql = "SELECT COUNT(DISTINCT sid) AS count FROM {$_TABLES['storysubmission']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid " . $topicsql;
$sresult = DB_query($sql);
$S = DB_fetchArray($sresult);
$submissioncount += $S['count'];
}
}
if ($_CONF['listdraftstories'] == 1 && SEC_hasRights('story.edit')) {
$sql = "SELECT COUNT(DISTINCT sid) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND draft_flag = 1";
if (!empty($topicsql)) {
$sql .= $topicsql;
}
$result = DB_query($sql . COM_getPermSQL('AND', 0, 3));
示例11: COM_applyFilter
$order = COM_applyFilter($_GET['order']);
}
if (isset($_GET['query'])) {
$query = COM_applyFilter($_GET['query']);
}
if (isset($_GET['reply'])) {
$reply = COM_applyFilter($_GET['reply']);
}
}
// Article view fragment (truncated in this listing): validate the request,
// confirm the story is visible to the current user, then load it.
if (empty($sid)) {
COM_404();
}
// Allow-list for the sort direction: anything other than ASC or DESC
// (case-insensitive) is reset to an empty string.
if (strcasecmp($order, 'ASC') != 0 && strcasecmp($order, 'DESC') != 0) {
$order = '';
}
// Visibility check before any story data is loaded: count rows with this
// (escaped) sid that also pass the COM_getPermSql('AND') fragment.
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getPermSql('AND'));
$A = DB_fetchArray($result);
// What happens when the count is 0 is not visible in this fragment.
if ($A['count'] > 0) {
$ratedIds = array();
if ($_CONF['rating_enabled'] != 0) {
$ratedIds = RATING_getRatedIds('article');
}
$story = new Story();
$args = array('sid' => $sid, 'mode' => 'view');
$output = STORY_LOADED_OK;
$result = PLG_invokeService('story', 'get', $args, $output, $svc_msg);
if ($result == PLG_RET_OK) {
/* loadFromArray cannot be used, since it overwrites the timestamp */
reset($story->_dbFields);
// NOTE(review): each() was deprecated in PHP 7.2 and removed in PHP 8.0;
// a foreach over $story->_dbFields is the replacement.
while (list($fieldname, $save) = each($story->_dbFields)) {
$varname = '_' . $fieldname;
示例12: _renderMenuItems
private function _renderMenuItems()
{
global $_CONF, $_TABLES, $_USER, $_BLOCK_TEMPLATE;
foreach ($this->_menuitems as $menuitem) {
if ($this->_multiLangMode) {
$label = $this->getMenuLabel($menuitem['id']);
} else {
$label = $menuitem['label'];
}
$target = $menuitem['type'] == 2 ? 'target=newWindow;' . $this->_targetFeatures : '';
$menuitemImage = trim($menuitem['image']);
if ($menuitemImage != '') {
// Check and see if the full url is entered
if (strpos($menuitemImage, 'http') === false) {
$menuitemImage = $_CONF['site_url'] . '/nexmenu/menuimages/' . $menuitemImage;
}
}
if ($i == $this->_menuitemCount) {
$lastitem = true;
} else {
$lastitem = false;
}
// Check and see if this item is a submenu
if ($menuitem['type'] == 3) {
// Type Submenu
$url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
$url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);
if ($this->_type == 'header') {
$menuitemimagecss = 'headermenuitemimage';
} else {
$menuitemimagecss = 'blocksubmenuitemimage';
}
if ($menuitemImage != '') {
$retval .= 'aI("image=' . $menuitemImage . ';text=' . $label . ';' . 'url=' . $url . ';' . $target . 'showmenu=nexmenu' . $menuitem['id'] . ';");';
} else {
$retval .= 'aI("text=' . $label . ';' . 'url=' . $url . ';' . $target . 'showmenu=nexmenu' . $menuitem['id'] . ';");';
}
} elseif ($menuitem['type'] == 4) {
// Core Menu
switch ($menuitem['url']) {
case "adminmenu":
if ($_USER['uid'] > 1) {
$_BLOCK_TEMPLATE['admin_block'] = 'nexmenu/milonicmenu/blockheader-blank.thtml,nexmenu/milonicmenu/blockfooter-blank.thtml';
$_BLOCK_TEMPLATE['adminoption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
$plugin_options .= PLG_getAdminOptions();
$nrows = count($plugin_options);
if (SEC_isModerator() or $nrows > 0 or SEC_hasrights('story.edit,block.edit,topic.edit,link.edit,event.edit,poll.edit,user.edit,plugin.edit,user.mail', 'OR')) {
$retval .= COM_adminMenu();
}
}
break;
case "usermenu":
if ($_USER['uid'] > 1) {
$_BLOCK_TEMPLATE['user_block'] = 'nexmenu/milonicmenu/blockheader-blank.thtml,nexmenu/milonicmenu/blockfooter-blank.thtml';
$_BLOCK_TEMPLATE['useroption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
$retval .= COM_userMenu();
}
break;
case "topicmenu":
$_BLOCK_TEMPLATE['topicoption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
$retval .= COM_showTopics('', " sortnum < '{$CONF_NEXMENU['restricted_topics']}'");
break;
case "linksmenu":
if ($this->_linksPlugin) {
$retval .= $this->_milonicLinksPluginSiteLinks();
}
break;
case "spmenu":
if ($this->_staticpagesPlugin) {
if ($CONF_NEXMENU['sp_labelonly']) {
$sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} WHERE sp_onmenu=1 ";
$sql .= COM_getPermSql('AND');
$sql .= 'ORDER BY sp_title';
$spquery = DB_query($sql);
} else {
$sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} ";
$sql .= COM_getPermSql('WHERE');
$sql .= 'ORDER BY sp_title';
$spquery = DB_query($sql);
}
while (list($id, $title, $sp_label) = DB_fetchArray($spquery)) {
if (trim($sp_label) == '') {
$label = $title;
} else {
$label = $sp_label;
}
$url = "{$_CONF['site_url']}/staticpages/index.php?page={$id}";
$retval .= 'aI("text=' . $label . ';url=' . $_CONF['site_url'] . '/staticpages/index.php?page=' . $id . ';");';
}
}
break;
case "pluginmenu":
$result = DB_query("SELECT pi_name FROM {$_TABLES['plugins']} WHERE pi_enabled = 1");
$nrows = DB_numRows($result);
$menu = array();
for ($i = 1; $i <= $nrows; $i++) {
$A = DB_fetchArray($result);
$function = 'plugin_getmenuitems_' . $A['pi_name'];
if (function_exists($function)) {
$menuitems = $function();
//.........这里部分代码省略.........
示例13: POLLS_siteHeader
// Poll page fragment (the conditions that precede it are truncated in this
// listing): show the voting form, the results, or the poll list.
if (isset($pid)) {
$display .= POLLS_siteHeader();
if ($msg > 0) {
$display .= COM_showMessage($msg, 'polls');
}
if (isset($_POST['aid'])) {
// The topic text read from the database is placed into the message;
// whether COM_showMessageText() escapes it is not visible here.
$eMsg = $LANG_POLLS['answer_all'] . ' "' . DB_getItem($_TABLES['polltopics'], 'topic', "pid = '" . DB_escapeString($pid) . "'") . '"';
$display .= COM_showMessageText($eMsg, $LANG_POLLS['not_saved'], true);
}
// NOTE(review): this lookup and the one above filter on pid only, without
// COM_getPermSql(); presumably access was checked earlier - confirm.
if (DB_getItem($_TABLES['polltopics'], 'is_open', "pid = '" . DB_escapeString($pid) . "'") != 1) {
$aid = -1;
// poll closed - show result
}
// Repeat-vote guard: the cookie is set by the client and can simply be
// dropped, so POLLS_ipAlreadyVoted() is the only server-side check here.
if (!isset($_COOKIE['poll-' . $pid]) && !POLLS_ipAlreadyVoted($pid) && $aid != -1) {
$display .= POLLS_pollVote($pid);
} else {
$display .= POLLS_pollResults($pid, 400, $order, $mode);
}
} else {
// NOTE(review): as shown, this branch pairs with the isset($pid) test
// above, so $pid would be unset here and the query could not match a
// poll; the earlier conditions are cut off - confirm the real nesting.
$poll_topic = DB_query("SELECT topic FROM {$_TABLES['polltopics']} WHERE pid='" . DB_escapeString($pid) . "'" . COM_getPermSql('AND'));
$Q = DB_fetchArray($poll_topic);
// An empty topic covers both "no such poll" and "filtered out by the
// permission fragment"; either way the list is shown instead of results.
if (empty($Q['topic'])) {
$display .= POLLS_siteHeader($LANG_POLLS['pollstitle']) . POLLS_pollList();
} else {
$display .= POLLS_siteHeader($Q['topic']) . POLLS_pollResults($pid, 400, $order, $mode);
}
}
}
}
$display .= POLLS_siteFooter();
echo $display;
示例14: COM_setArgNames
}
}
// Trackback endpoint fragment, topic-assignment variant: decide whether an
// incoming ping for ($id, $type) may be accepted. The surrounding code is
// truncated in this listing.
COM_setArgNames(array('id', 'type'));
$id = COM_applyFilter(COM_getArgument('id'));
$type = COM_applyFilter(COM_getArgument('type'));
// No target id at all: reject before touching the database.
if (empty($id)) {
TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']);
exit;
}
if (empty($type)) {
$type = 'article';
}
if ($type == 'article') {
// Access gate for stories. The story must be published, not a draft, and
// pass COM_getPermSql('AND'); it is joined to its default topic assignment
// (ta.tdefault = 1) and that row must pass COM_getTopicSql('AND', 0, 'ta').
// Joining on the default assignment only is what keeps the match at a
// single row for the == 1 test below. $sid is the escaped copy used in the
// SQL text; the filtered $id is what gets passed on afterwards.
$sid = DB_escapeString($id);
$sql = "SELECT trackbackcode FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . " AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 " . COM_getTopicSql('AND', 0, 'ta');
$result = DB_query($sql);
if (DB_numRows($result) == 1) {
$A = DB_fetchArray($result);
// trackbackcode 0 is the only value that lets the ping through.
if ($A['trackbackcode'] == 0) {
TRB_handleTrackbackPing($id, $type);
} else {
TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
}
} else {
// Same 'no_access' answer as the refused case above, so the response does
// not distinguish a hidden or missing story from one that refuses pings.
TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
}
} else {
// Non-story types: the owning plugin decides; only a strict true accepts.
if (PLG_handlePingComment($type, $id, 'acceptByID') === true) {
TRB_handleTrackbackPing($id, $type);
} else {
示例15: TOPIC_list
/**
 * Displays a list of topics
 *
 * Builds the admin block with the topic menu and the sortable topic list.
 * Rows are limited by the fragment returned by COM_getPermSql('AND'), and a
 * token from SEC_createToken() is passed to ADMIN_list() and also embedded
 * as a hidden form field named by the CSRF_TOKEN constant.
 *
 * @return   string      HTML for the topic list
 *
 */
function TOPIC_list()
{
    global $_CONF, $_TABLES, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $_IMAGE_TYPE;

    USES_lib_admin();

    $adminUrl = $_CONF['site_admin_url'];

    // Menu shown above the list.
    $menuItems = array(
        array('url' => $adminUrl . '/topic.php?edit=x', 'text' => $LANG_ADMIN['create_new']),
        array('url' => $adminUrl, 'text' => $LANG_ADMIN['admin_home']),
    );
    $iconUrl = $_CONF['layout_url'] . '/images/icons/topic.' . $_IMAGE_TYPE;

    $html = COM_startBlock($LANG27[8], '', COM_getBlockTemplate('_admin_block', 'header'));
    $html .= ADMIN_createMenu($menuItems, $LANG27[9], $iconUrl);

    $columns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false, 'align' => 'center', 'width' => '35px'),
        array('text' => $LANG27[10], 'field' => 'sortnum', 'sort' => true, 'align' => 'center'),
        array('text' => $LANG27[2], 'field' => 'tid', 'sort' => true),
        array('text' => $LANG27[3], 'field' => 'topic', 'sort' => true),
        array('text' => $LANG27[38], 'field' => 'is_default', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG27[39], 'field' => 'archive_flag', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG27[11], 'field' => 'limitnews', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG27[35], 'field' => 'sort_by', 'sort' => false, 'align' => 'center', 'nowrap' => 'true'),
        array('text' => $LANG27[37], 'field' => 'sort_dir', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG_ADMIN['delete'], 'field' => 'delete', 'sort' => false, 'align' => 'center', 'width' => '35px'),
    );
    $sortBy = array('field' => 'sortnum', 'direction' => 'asc');
    $texts = array(
        'has_extras' => true,
        'form_url'   => $adminUrl . '/topic.php',
    );
    // "WHERE 1=1" gives the appended permission fragment a clause to AND onto.
    $query = array(
        'table'          => 'topics',
        'sql'            => "SELECT * FROM {$_TABLES['topics']} WHERE 1=1",
        'query_fields'   => array('tid', 'topic'),
        'default_filter' => COM_getPermSql('AND'),
    );

    // One token serves both the list actions and the hidden form field.
    $csrfToken = SEC_createToken();
    $formParts = array(
        'bottom' => '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $csrfToken . '"/>',
    );

    $html .= ADMIN_list('topics', 'TOPIC_getListField', $columns, $texts, $query, $sortBy, '', $csrfToken, '', $formParts);
    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $html;
}