

PHP CheckSecurity函数代码示例

本文整理汇总了PHP中CheckSecurity函数的典型用法代码示例。如果您正苦于以下问题:PHP CheckSecurity函数的具体用法?PHP CheckSecurity怎么用?PHP CheckSecurity使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了CheckSecurity函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: session_cache_limiter

// Bootstrap of the import page for the "pad"."pad_spt_type" table: sets error
// display and cache behaviour, loads the shared includes, then gates the request
// on login and on the "Import" permission before import state is initialised.
// NOTE(review): display_errors/display_startup_errors are forced on. If this page
// is reachable in production, PHP errors (file paths, SQL text) would be sent to
// the client — confirm this is a development-only setting.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
session_cache_limiter("none");
include "include/dbcommon.php";
header("Expires: Thu, 01 Jan 1970 00:00:01 GMT");
// Allow up to 600 seconds of execution time for this request.
set_time_limit(600);
// presumably defines $strTableName, which is read below but never assigned in this excerpt — confirm
include "include/pad_pad_spt_type_variables.php";
include "include/import_functions.php";
$strOriginalTableName = "\"pad\".\"pad_spt_type\"";
// Not logged in: remember the requested script and query string in the session,
// redirect to the login page and stop.
if (!isLogged()) {
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// Authorisation gate: the "Import" CheckSecurity() test only runs when
// CheckPermissionsEvent(..., 'I') is truthy; when it is falsy this block is skipped.
// NOTE(review): what CheckPermissionsEvent() decides is not visible here — confirm
// a falsy result means access was already decided elsewhere.
if (CheckPermissionsEvent($strTableName, 'I') && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Import")) {
    echo "<p>" . "You don't have permissions to access this table" . "<a href=\"login.php\">" . "Back to login page" . "</a></p>";
    return;
}
$cipherer = new RunnerCipherer($strTableName);
// keys array ($keys is appended to without being initialised in this excerpt)
$keys[] = AddFieldWrappers("id");
$keys_present = 1;
$total_records = 0;
$goodlines = 0;
// Create audit object
$auditObj = GetAuditObject($strTableName);
function getFieldNamesByHeaders($fields)
{
    global $strTableName, $conn, $strOriginalTableName, $ext, $gSettings;
    // check fields in column headers
开发者ID:aagusti,项目名称:padl-tng,代码行数:30,代码来源:pad_pad_spt_type_import.php

示例2: header

<?php

// Details-preview endpoint for the pad_pad_customer table: loads the shared
// includes, checks login and the "Search" permission, then registers the layout.
// NOTE(review): display_errors is forced on; on a production host this exposes
// PHP error text to the client — confirm it is intended.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
include "include/dbcommon.php";
header("Expires: Thu, 01 Jan 1970 00:00:01 GMT");
// presumably defines $strTableName (read below, not assigned in this excerpt) — confirm
include "include/pad_pad_customer_variables.php";
$mode = postvalue("mode");
// Both access checks fail closed: the script stops with no output and no redirect.
if (!isLogged()) {
    return;
}
if (!CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
    return;
}
$cipherer = new RunnerCipherer($strTableName);
include 'include/xtempl.php';
$xt = new Xtempl();
// Layout description for the details preview: a "dcount" container (header,
// details-found line, first-records notice) and a "detailspreviewgrid" container.
$layout = new TLayout("detailspreview", "RoundedGreen", "MobileGreen");
$layout->blocks["bare"] = array();
$layout->containers["dcount"] = array();
$layout->containers["dcount"][] = array("name" => "detailspreviewheader", "block" => "", "substyle" => 1);
$layout->containers["dcount"][] = array("name" => "detailspreviewdetailsfount", "block" => "", "substyle" => 1);
$layout->containers["dcount"][] = array("name" => "detailspreviewdispfirst", "block" => "display_first", "substyle" => 1);
$layout->skins["dcount"] = "empty";
$layout->blocks["bare"][] = "dcount";
$layout->containers["detailspreviewgrid"] = array();
$layout->containers["detailspreviewgrid"][] = array("name" => "detailspreviewfields", "block" => "details_data", "substyle" => 1);
$layout->skins["detailspreviewgrid"] = "grid";
$layout->blocks["bare"][] = "detailspreviewgrid";
// Register the layout under this page's key.
$page_layouts["pad_pad_customer_detailspreview"] = $layout;
$recordsCounter = 0;
开发者ID:aagusti,项目名称:padl-tng,代码行数:31,代码来源:pad_pad_customer_detailspreview.php

示例3: header

// List page bootstrap for public_tmp_bank_2013: loads page classes, enforces
// login and table permissions, then starts describing the "list2" layout.
// presumably the variables include defines $strTableName (read below) — confirm
include "include/public_tmp_bank_2013_variables.php";
include 'classes/runnerpage.php';
include 'classes/listpage.php';
include "classes/searchpanel.php";
include "classes/searchcontrol.php";
include "classes/searchclause.php";
include "classes/panelsearchcontrol.php";
// Not logged in: store the requested URL in the session and redirect to login.
if (!isLogged()) {
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
// Guest sessions also record the requested URL, but continue.
if (isLoggedAsGuest()) {
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
}
// Access is refused only when CheckPermissionsEvent(..., 'S') is truthy AND the
// session has neither "Search" nor "Add" rights; either right is enough to pass.
// NOTE(review): when CheckPermissionsEvent() is falsy this gate is skipped —
// confirm that case is authorised elsewhere.
if (CheckPermissionsEvent($strTableName, 'S') && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Add")) {
    // The messages are fixed strings; admins get a link to the rights editor.
    if (IsAdmin()) {
        echo "<p>" . "You don't have permissions to access this table" . "<br><a href=\"admin_rights_list.php\">" . "Proceed to Admin Area" . "</a> " . "to set up user permissions" . "</p>";
    } else {
        echo "<p>" . "You don't have permissions to access this table" . " <a href=\"login.php\">" . "Back to login page" . "</a></p>";
    }
    exit;
}
$layout = new TLayout("list2", "RoundedGreen", "MobileGreen");
$layout->blocks["center"] = array();
$layout->skins["recordcontrols"] = "1";
$layout->blocks["center"][] = "recordcontrols";
$layout->containers["message"] = array();
$layout->containers["message"][] = array("name" => "message", "block" => "message_block", "substyle" => 1);
$layout->skins["message"] = "2";
$layout->blocks["center"][] = "message";
开发者ID:aagusti,项目名称:padl-tng,代码行数:31,代码来源:public_tmp_bank_2013_list.php

示例4: array

     $returnJSON['settings'] = $pageObject->jsSettings;
 }
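 $xt->assign("style_block", true);
 $xt->assign("stylefiles_block", true);
 // Build the query string of the edit link from the record key in the request.
 // The key is request-controlled and is placed inside an HTML attribute that
 // holds a JavaScript string (onclick="window.location.href='...'"), so each
 // value is percent-encoded and HTML-escaped before concatenation. This is the
 // same encoding the next/prev links on this page apply to their key values.
 $editlink = "";
 $editkeys = array();
 $editkeys["editid1"] = postvalue("editid1");
 foreach ($editkeys as $key => $val) {
     if ($editlink) {
         $editlink .= "&";
     }
     $editlink .= $key . "=" . htmlspecialchars(rawurlencode((string) $val));
 }
 $xt->assign("editlink_attrs", "id=\"editLink" . $id . "\" name=\"editLink" . $id . "\" onclick=\"window.location.href='pad_pad_customer_edit.php?" . $editlink . "'\"");
 // The edit button is shown only when all three hold: CheckSecurity() accepts the
 // record's owner value for "Edit", the page is not an inline view, and the
 // user's permission string for the table contains "E".
 // NOTE(review): this only hides the button; the edit page must enforce the same
 // checks itself — confirm.
 $strPerm = GetUserPermissions($strTableName);
 if (CheckSecurity($ownerIdValue, "Edit") && !$inlineview && strpos($strPerm, "E") !== false) {
     $xt->assign("edit_button", true);
 } else {
     $xt->assign("edit_button", false);
 }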
 if (!$pdf && !$all && !$inlineview) {
     //////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
     //Begin show Next Prev button
     $nextlink = $prevlink = "";
     if (count($next)) {
         $xt->assign("next_button", true);
         $nextlink .= "editid1=" . htmlspecialchars(rawurlencode($next[1 - 1]));
         $xt->assign("nextbutton_attrs", "id=\"nextButton" . $id . "\"");
     } else {
         $xt->assign("next_button", false);
     }
开发者ID:aagusti,项目名称:padl-tng,代码行数:31,代码来源:pad_pad_customer_view.php

示例5: GetImageFromDB

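/**
 * Streams (web mode) or returns (PDF mode) the binary content of an image field
 * of a single record.
 *
 * Web mode ($forPDF false): table, field, key1..keyN, "src" and "alt" are read
 * from the request through postvalue(). The caller must be logged in and pass
 * CheckSecurity(..., "Search"), and the requested field must pass
 * checkFieldPermissions(). The image is echoed with a Content-Type header.
 *
 * PDF mode ($forPDF true): table, field and keys are taken from $params and this
 * function performs no login or permission check.
 * NOTE(review): confirm every PDF-mode caller has authorised the request first.
 *
 * @intellisense
 *
 * @param object $gQuery query object providing HasGroupBy(), RemoveAllFieldsExcept() and gSQLWhere()
 * @param bool   $forPDF true to return the raw field value instead of sending it
 * @param array  $params PDF mode input: "table", "field", "key1".."keyN"
 * @return mixed PDF mode: the field value, or null when no row matches.
 *               Web mode: '' after the image was sent, the result of
 *               DisplayNoImage()/DisplayFile(), or null after the login redirect.
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    global $cman;
    if (!$forPDF) {
        $table = postvalue("table");
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        // Reject table names that checkTableName() does not accept.
        if (!checkTableName($table)) {
            return '';
        }
        // NOTE(review): display_errors is forced on in an endpoint that emits binary
        // data; any PHP notice would be written into the response and could disclose
        // paths — confirm this is intended outside development.
        @ini_set("display_errors", "1");
        @ini_set("display_startup_errors", "1");
        if (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
            HeaderRedirect("login");
            return;
        }
        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }
        // Collect the record key values (key1..keyN) from the request.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        $table = @$params["table"];
        $strTableName = GetTableByShort($table);
        if (!checkTableName($table)) {
            exit(0);
        }
        $settings = new ProjectSettings($strTableName);
        $field = @$params["field"];
        // Collect the record key values (key1..keyN) from $params.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = @$params["key" . ($ind + 1)];
        }
    }
    $connection = $cman->byTable($strTableName);
    if (!$gQuery->HasGroupBy()) {
        // Do not select any fields except current (image) field.
        // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
        // Just don't do anything in that case.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }
    // NOTE(review): the key values are request-controlled; their quoting happens
    // inside KeyWhere(), which is not visible here — confirm it escapes them.
    $where = KeyWhere($keys);
    // With "view own" advanced security, restrict the row to what the session may search.
    $secOpt = $settings->getAdvancedSecurityType();
    if ($secOpt == ADVSECURITY_VIEW_OWN) {
        $where = whereAdd($where, SecuritySQL("Search"));
    }
    $sql = $gQuery->gSQLWhere($where);
    $data = $connection->query($sql)->fetchAssoc();
    if ($forPDF) {
        if ($data) {
            return $data[$field];
        }
    } else {
        if (!$data) {
            return DisplayNoImage();
        }
        if (postvalue('src') == 1) {
            $value = myfile_get_contents('images/icons/jpg.png');
        } else {
            $value = $connection->stripSlashesBinary($data[$field]);
        }
        if (!$value) {
            // Fallback column named by the request. It gets the same field-permission
            // check as the primary field, and it must exist in the fetched row, so the
            // parameter cannot be used to read a column the user may not see or to
            // trigger an undefined-index notice in the response.
            $altField = postvalue("alt");
            if (!$altField || !is_scalar($altField) || !$settings->checkFieldPermissions($altField) || !isset($data[$altField])) {
                return DisplayNoImage();
            }
            $value = $connection->stripSlashesBinary($data[$altField]);
            if (!$value) {
                return DisplayNoImage();
            }
        }
        // Content that is not recognised as an image is handed to DisplayFile().
        $itype = SupposeImageType($value);
        if (!$itype) {
            return DisplayFile();
        }
        // $pdf is never assigned in this function, so this branch always runs.
        if (!isset($pdf)) {
            header("Content-Type: " . $itype);
            header("Cache-Control: private");
            SendContentLength(strlen_bin($value));
        }
        echoBinary($value);
        return '';
    }
}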
开发者ID:ryanblanchard,项目名称:Dashboard,代码行数:94,代码来源:commonfunctions.php

示例6: add_nocache_headers

// Search page bootstrap for Electricity_Rates: loads includes, initialises page
// state, enforces the access gate and starts describing the "search2" layout.
include "include/dbcommon.php";
add_nocache_headers();
// presumably defines $strTableName (read below, not assigned in this excerpt) — confirm
include "include/Electricity_Rates_variables.php";
include "classes/searchcontrol.php";
include "classes/advancedsearchcontrol.php";
include "classes/panelsearchcontrol.php";
include "classes/searchclause.php";
$sessionPrefix = $strTableName;
//Basic includes js files
$includes = "";
// predefined fields num
$predefFieldNum = 0;
$chrt_array = array();
$rpt_array = array();
// Access gate. Because && binds tighter than ||, the condition reads:
//   no UserID in the session
//   OR (no "Search" right AND no chart status AND no report status)
//   OR (report is private AND its owner differs from the session user)
//   OR (chart is private AND its owner differs from the session user)
// $chrt_array and $rpt_array were just set to empty arrays, so in this script the
// status/owner lookups are always null: the last two clauses never fire and the
// second reduces to the "Search" check. Comparisons are loose (== / !=).
if (!@$_SESSION["UserID"] || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && !@$chrt_array['status'] && !@$rpt_array['status'] || @$rpt_array['status'] == "private" && @$rpt_array['owner'] != @$_SESSION["UserID"] || @$chrt_array['status'] == "private" && @$chrt_array['owner'] != @$_SESSION["UserID"]) {
    // Refused: remember the requested URL in the session and redirect to login.
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
$layout = new TLayout("search2", "BoldOrange", "MobileOrange");
$layout->blocks["top"] = array();
$layout->containers["search"] = array();
$layout->containers["search"][] = array("name" => "srchheader", "block" => "", "substyle" => 2);
$layout->containers["search"][] = array("name" => "srchconditions", "block" => "conditions_block", "substyle" => 1);
$layout->containers["search"][] = array("name" => "wrapper", "block" => "", "substyle" => 1);
$layout->containers["fields"] = array();
$layout->containers["fields"][] = array("name" => "srchfields", "block" => "", "substyle" => 1);
$layout->containers["fields"][] = array("name" => "srchbuttons", "block" => "", "substyle" => 2);
$layout->skins["fields"] = "fields";
$layout->skins["search"] = "1";
开发者ID:samsulpendis,项目名称:Instant_Appointment,代码行数:31,代码来源:Electricity_Rates_search.php

示例7: fillGridData

 /**
  * Fills list grid.This method use many other methods
  *
  */
 function fillGridData()
 {
     global $globalEvents;
     $totals = array();
     //	fill $rowinfo array
     $rowinfo = array();
     $this->fillGridShowInfo($rowinfo);
     //	add grid data
     $rowClass = false;
     $data = $this->beforeProccessRow();
     $lockRecIds = array();
     $this->googleMapCfg['viewLinkBase'] = $this->shortTableName . "_view.php?";
     $tKeys = $this->pSet->getTableKeys();
     $this->controlsMap['gridRows'] = array();
     for ($i = 0; $i < count($this->listFields); $i++) {
         $this->recordFieldTypes[$this->listFields[$i]['fName']] = $this->pSet->getFieldType($this->listFields[$i]["fName"]);
     }
     while ($data && ($this->recNo <= $this->pageSize || $this->pageSize == -1)) {
         $row = array();
         if (!$this->isVerLayout) {
             $row["rowclass"] = "";
             if (!$rowClass) {
                 $row["rowclass"] .= "interlaced";
                 $rowClass = true;
             } else {
                 $rowClass = false;
             }
         }
         $row["grid_record"] = array();
         $row["grid_record"]["data"] = array();
         $this->rowId++;
         for ($col = 1; $data && ($this->recNo <= $this->pageSize || $this->pageSize == -1) && $col <= $this->colsOnPage; $col++) {
             $this->countTotals($totals, $data);
             $record = array();
             $this->genId();
             $row["rowattrs"] = " id=\"gridRow" . $this->recId . "\"";
             $gridRowInd = count($this->controlsMap['gridRows']);
             $this->controlsMap['gridRows'][$gridRowInd]['id'] = $this->recId;
             $this->controlsMap['gridRows'][$gridRowInd]['rowInd'] = $gridRowInd;
             $isEditable = $this->permis[$this->tName]['edit'] && CheckSecurity($data[$this->mainTableOwnerID], "Edit");
             if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
                 $isEditable = $globalEvents->IsRecordEditable($data, $isEditable, $this->tName);
             }
             $this->controlsMap['gridRows'][$gridRowInd]['isEditOwnRow'] = $isEditable;
             for ($i = 0; $i < count($tKeys); $i++) {
                 $this->controlsMap['gridRows'][$gridRowInd]['keyFields'][$i] = $tKeys[$i];
                 $this->controlsMap['gridRows'][$gridRowInd]['keys'][$i] = $data[$tKeys[$i]];
             }
             $record["edit_link"] = $isEditable;
             $record["inlineedit_link"] = $isEditable;
             $record["view_link"] = $this->permis[$this->tName]['search'];
             $record["copy_link"] = $this->permis[$this->tName]['add'];
             //for list icons instead of list links
             if ($col == 1) {
                 $this->countWidthListIcons('');
             }
             //get record id for locking record
             if ($this->lockingObj) {
                 if ($this->mode == LIST_SIMPLE && !count($this->lockDelRec) && isset($_SESSION[$this->sessionPrefix . "_lockDelRec"])) {
                     $this->lockDelRec = $_SESSION[$this->sessionPrefix . "_lockDelRec"];
                     unset($_SESSION[$this->sessionPrefix . "_lockDelRec"]);
                 }
                 for ($i = 0; $i < count($this->lockDelRec); $i++) {
                     $lockDelRec = true;
                     foreach ($this->lockDelRec[$i] as $key => $val) {
                         if ($data[$key] != $val) {
                             $lockDelRec = false;
                             break;
                         }
                     }
                     if ($lockDelRec) {
                         $lockRecIds[] = $this->recId;
                         break;
                     }
                 }
             }
             //	detail tables
             $this->proccessDetailGridInfo($record, $data, $gridRowInd);
             //	key fields
             $keyblock = "";
             $editlink = "";
             $copylink = "";
             $keylink = "";
             $keys = array();
             //to open view pages in popup clicking on markers
             for ($i = 0; $i < count($tKeys); $i++) {
                 if ($i != 0) {
                     $keyblock .= "&";
                     $editlink .= "&";
                     $copylink .= "&";
                 }
                 $keyblock .= rawurlencode($data[$tKeys[$i]]);
                 $editlink .= "editid" . ($i + 1) . "=" . htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                 $copylink .= "copyid" . ($i + 1) . "=" . htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                 $keylink .= "&key" . ($i + 1) . "=" . htmlspecialchars(rawurlencode(@$data[$tKeys[$i]]));
                 $keys[$i] = $data[$tKeys[$i]];
//.........这里部分代码省略.........
开发者ID:aagusti,项目名称:padl-tng,代码行数:101,代码来源:listpage.php

示例8: add_nocache_headers

// Search page bootstrap for public_tmp_bank2: loads includes, initialises page
// state, enforces the access gate and starts describing the "search2" layout.
include "include/dbcommon.php";
add_nocache_headers();
// presumably defines $strTableName (read below, not assigned in this excerpt) — confirm
include "include/public_tmp_bank2_variables.php";
include "classes/searchcontrol.php";
include "classes/advancedsearchcontrol.php";
include "classes/panelsearchcontrol.php";
include "classes/searchclause.php";
$sessionPrefix = $strTableName;
//Basic includes js files
$includes = "";
// predefined fields num
$predefFieldNum = 0;
$chrt_array = array();
$rpt_array = array();
// Access gate. Because && binds tighter than ||, the condition reads:
//   not logged in
//   OR (CheckPermissionsEvent 'S' is truthy AND no "Search" right
//       AND no chart status AND no report status)
//   OR (report is private AND its owner differs from the session user)
//   OR (chart is private AND its owner differs from the session user)
// $chrt_array and $rpt_array were just set to empty arrays, so in this script the
// status/owner lookups are always null and the last two clauses never fire.
// NOTE(review): when CheckPermissionsEvent() is falsy the "Search" check is
// skipped — confirm that case is authorised elsewhere.
if (!isLogged() || CheckPermissionsEvent($strTableName, 'S') && !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && !@$chrt_array['status'] && !@$rpt_array['status'] || @$rpt_array['status'] == "private" && @$rpt_array['owner'] != @$_SESSION["UserID"] || @$chrt_array['status'] == "private" && @$chrt_array['owner'] != @$_SESSION["UserID"]) {
    // Refused: remember the requested URL in the session and redirect to login.
    $_SESSION["MyURL"] = $_SERVER["SCRIPT_NAME"] . "?" . $_SERVER["QUERY_STRING"];
    header("Location: login.php?message=expired");
    return;
}
$layout = new TLayout("search2", "RoundedGreen", "MobileGreen");
$layout->blocks["top"] = array();
$layout->containers["search"] = array();
$layout->containers["search"][] = array("name" => "srchheader", "block" => "", "substyle" => 2);
$layout->containers["search"][] = array("name" => "srchconditions", "block" => "conditions_block", "substyle" => 1);
$layout->containers["search"][] = array("name" => "wrapper", "block" => "", "substyle" => 1, "container" => "fields");
$layout->containers["fields"] = array();
$layout->containers["fields"][] = array("name" => "srchfields", "block" => "", "substyle" => 1);
$layout->skins["fields"] = "fields";
$layout->containers["search"][] = array("name" => "srchbuttons", "block" => "", "substyle" => 2);
$layout->skins["search"] = "1";
开发者ID:aagusti,项目名称:padl-tng,代码行数:31,代码来源:public_tmp_bank2_search.php

示例9: prepareButtons

 /**
  * Sets the template (xt) flags and HTML id attributes for the view page's
  * back, close and edit buttons.
  *
  * Nothing is assigned in PDF mode, and in dashboard mode only the next/prev
  * buttons are prepared. The edit button is enabled only when the table has an
  * edit page, the table-level 'edit' permission is set, CheckSecurity() accepts
  * the current record's owner value for "Edit", and an IsRecordEditable event
  * handler (if one is registered) agrees.
  */
 protected function prepareButtons()
 {
     global $globalEvents;
     if ($this->pdfMode) {
         return;
     }
     $this->prepareNextPrevButtons();
     if ($this->mode == VIEW_DASHBOARD) {
         return;
     }
     if ($this->mode == VIEW_SIMPLE) {
         // Back button: to the list page when there is one, otherwise to the menu.
         if ($this->pSet->hasListPage()) {
             $this->xt->assign("back_button", true);
             $this->xt->assign("backbutton_attrs", 'id="backButton' . $this->id . '"');
             $this->xt->assign("mbackbutton_attrs", 'id="extraBackButton' . $this->id . '"');
         } elseif ($this->isShowMenu()) {
             $this->xt->assign("back_button", true);
             $this->xt->assign("backbutton_attrs", 'id="backToMenuButton' . $this->id . '"');
         }
     }
     if ($this->mode == VIEW_POPUP) {
         $this->xt->assign("close_button", true);
         $this->xt->assign("closebutton_attrs", 'id="closeButton' . $this->id . '"');
     }
     // No edit page or no table-level edit right: the edit button is never offered.
     if (!$this->pSet->hasEditPage() || !$this->permis[$this->tName]['edit']) {
         return;
     }
     $record = $this->getCurrentRecordInternal();
     $ownerValue = $record[$this->pSet->getTableOwnerID()];
     $canEdit = $this->permis[$this->tName]['edit'] && CheckSecurity($ownerValue, "Edit");
     // A registered event handler receives the computed value and has the final say.
     if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
         $canEdit = $globalEvents->IsRecordEditable($this->getCurrentRecordInternal(), $canEdit, $this->tName);
     }
     if (!$canEdit) {
         return;
     }
     $this->xt->assign("edit_page_button", true);
     $this->xt->assign("edit_page_button_attrs", 'id="editPageButton' . $this->id . '"');
 }
开发者ID:ryanblanchard,项目名称:Dashboard,代码行数:42,代码来源:viewpage.php

示例10: GetImageFromDB

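/**
 * Streams (web mode) or returns (PDF mode) the binary content of an image field
 * of a single record.
 *
 * Web mode ($forPDF false): table, field, key1..keyN, "src" and "alt" are read
 * from the request through postvalue(). The caller must be logged in and pass
 * CheckSecurity(..., "Search"), and the requested field must pass
 * checkFieldPermissions(). The image is echoed with a Content-Type header.
 *
 * PDF mode ($forPDF true): table, field and keys are taken from $params and this
 * function performs no login or permission check.
 * NOTE(review): confirm every PDF-mode caller has authorised the request first.
 * NOTE(review): the WHERE clause is built from the record keys only; no
 * owner-based restriction is added in this function — confirm record-level
 * ownership is enforced elsewhere if the table uses it.
 *
 * @param object $gQuery query object providing HasGroupBy(), RemoveAllFieldsExcept() and gSQLWhere()
 * @param bool   $forPDF true to return the raw field value instead of sending it
 * @param array  $params PDF mode input: "table", "field", "key1".."keyN"
 * @return mixed PDF mode: the field value, or null when no row matches.
 *               Web mode: '' after the image was sent, the result of
 *               DisplayNoImage()/DisplayFile(), or null after the login redirect.
 */
function GetImageFromDB($gQuery, $forPDF = false, $params = array())
{
    global $conn;
    if (!$forPDF) {
        $table = postvalue("table");
        $strTableName = GetTableByShort($table);
        $settings = new ProjectSettings($strTableName);
        // Reject table names that checkTableName() does not accept.
        if (!checkTableName($table)) {
            return '';
        }
        //include("include/".$table."_variables.php");
        // NOTE(review): display_errors is forced on in an endpoint that emits binary
        // data; any PHP notice would be written into the response and could disclose
        // paths — confirm this is intended outside development.
        @ini_set("display_errors", "1");
        @ini_set("display_startup_errors", "1");
        if (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) {
            header("Location: login.php");
            return;
        }
        $field = postvalue("field");
        if (!$settings->checkFieldPermissions($field)) {
            return DisplayNoImage();
        }
        // Collect the record key values (key1..keyN) from the request.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = postvalue("key" . ($ind + 1));
        }
    } else {
        $table = @$params["table"];
        $strTableName = GetTableByShort($table);
        if (!checkTableName($table)) {
            exit(0);
        }
        $settings = new ProjectSettings($strTableName);
        $field = @$params["field"];
        // Collect the record key values (key1..keyN) from $params.
        $keysArr = $settings->getTableKeys();
        $keys = array();
        foreach ($keysArr as $ind => $k) {
            $keys[$k] = @$params["key" . ($ind + 1)];
        }
    }
    if (!$gQuery->HasGroupBy()) {
        // Do not select any fields except current (image) field.
        // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
        // Just don't do anything in that case.
        $gQuery->RemoveAllFieldsExcept($settings->getFieldIndex($field));
    }
    // NOTE(review): the key values are request-controlled; their quoting happens
    // inside KeyWhere(), which is not visible here — confirm it escapes them.
    $where = KeyWhere($keys);
    $sql = $gQuery->gSQLWhere($where);
    $rs = db_query($sql, $conn);
    if ($forPDF) {
        if ($rs && ($data = db_fetch_array($rs))) {
            return $data[$field];
        }
    } else {
        if (!$rs || !($data = db_fetch_array($rs))) {
            return DisplayNoImage();
        }
        // With src=1, stored values longer than 51200 bytes are replaced by a stock icon.
        if (postvalue('src') == 1 && strlen($data[$field]) > 51200) {
            $value = myfile_get_contents('images/icons/jpg.png');
        } else {
            $value = db_stripslashesbinary($data[$field]);
        }
        if (!$value) {
            // Fallback column named by the request. It gets the same field-permission
            // check as the primary field, and it must exist in the fetched row, so the
            // parameter cannot be used to read a column the user may not see or to
            // trigger an undefined-index notice in the response.
            $altField = postvalue("alt");
            if (!$altField || !is_scalar($altField) || !$settings->checkFieldPermissions($altField) || !isset($data[$altField])) {
                return DisplayNoImage();
            }
            $value = db_stripslashesbinary($data[$altField]);
            if (!$value) {
                return DisplayNoImage();
            }
        }
        // Content that is not recognised as an image is handed to DisplayFile().
        $itype = SupposeImageType($value);
        if (!$itype) {
            return DisplayFile();
        }
        // $pdf is never assigned in this function, so this branch always runs.
        if (!isset($pdf)) {
            header("Content-Type: " . $itype);
            header("Cache-Control: private");
            SendContentLength(strlen_bin($value));
        }
        echoBinary($value);
        return '';
    }
}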
开发者ID:aagusti,项目名称:padl-tng,代码行数:87,代码来源:commonfunctions.php

示例11: exit

        exit("You have no permissions for this action");
    }
} else {
    if (!$pSet->checkFieldPermissions($field) && ($pageType != PAGE_ADD || !$pSet->appearOnAddPage($field) && !$pSet->appearOnInlineAdd($field))) {
        exit("You have no permissions for this action");
    }
}
// Access gate and handler set-up for the multi-file upload endpoint.
if (!$isPDF) {
    add_nocache_headers();
}
// NOTE(review): the include path is built from $strTableName through
// GetTableURL(); where $strTableName comes from and how it is validated is
// outside this excerpt — confirm it is limited to known project tables.
include_once "include/" . GetTableURL($strTableName) . "_variables.php";
// The permission required depends on the request action: POST needs "Add" or
// "Edit" on the table, every other action needs "Search".
if ($requestAction == 'POST') {
    $havePermission = CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Add") || CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Edit");
} else {
    $havePermission = CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search");
}
// && binds tighter than ||, so this reads
//   (not logged in AND page is not the register page) OR no permission.
// An anonymous request on the register page therefore skips the login test but
// must still have $havePermission truthy.
if (!isLogged() && $pageType != PAGE_REGISTER || !$havePermission) {
    header("Location: login.php");
    return;
}
require_once getabspath('classes/uploadhandler.php');
// Configure the upload handler for this table, field and page type.
$upload_handler = new UploadHandler(getOptionsForMultiUpload($pSet, $field));
$upload_handler->pSet = $pSet;
$upload_handler->field = $field;
$upload_handler->table = $strTableName;
$upload_handler->pageType = $pageType;
switch ($requestAction) {
    case 'DELETE':
        printHeaders();
        $formStamp = postvalue("formStamp");
开发者ID:aagusti,项目名称:padl-tng,代码行数:31,代码来源:mfhandler.php

示例12: exit

// Full-text endpoint set-up: validates the table, loads its settings, then checks
// login, table and field permissions before narrowing the query to one field.
$lookup = false;
if ($mainTable && $mainField) {
    $lookup = true;
}
// The table name is checked before it is used to build an include path below.
if (!checkTableName($table)) {
    exit(0);
}
require_once "include/" . $table . "_variables.php";
$pSet = new ProjectSettings(GetTableByShort($table), $pageType);
$cipherer = new RunnerCipherer(GetTableByShort($table), $pSet);
// $strTableName is not assigned in this excerpt; presumably set by the include above — confirm
$_connection = $cman->byTable($strTableName);
// $lookupInRegisterPage is set to false here and again in the branch below, so it
// is always false in this excerpt and the "&& !$lookupInRegisterPage" term in the
// access check never relaxes it (the check fails closed).
// NOTE(review): the branch looks like a leftover of a register-page exception —
// confirm the intent before changing it.
$lookupInRegisterPage = false;
if (!in_array($field, $pSet->getListFields())) {
    $lookupInRegisterPage = false;
}
// Not logged in, or no "Search" right on the table: answer with a JSON failure
// that carries an empty error string.
if ((!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search")) && !$lookupInRegisterPage) {
    $returnJSON = array("success" => false, "error" => '');
    echo printJSON($returnJSON);
    return;
}
// Field-level permission check on the requested field.
if (!$pSet->checkFieldPermissions($field)) {
    $returnJSON = array("success" => false, "error" => 'Error: You have not permission for read this text');
    echo printJSON($returnJSON);
    return;
}
if (!$gQuery->HasGroupBy()) {
    // Do not select any fields except current (full text) field.
    // If query has 'group by' clause then other fields are used in it and we may not simply cut 'em off.
    // Just don't do anything in that case.
    $gQuery->RemoveAllFieldsExcept($pSet->getFieldIndex($field));
}
开发者ID:ryanblanchard,项目名称:Dashboard,代码行数:31,代码来源:fulltext.php

示例13: fillGridData

 /**
  * Fills list grid. This method use many other methods
  */
 function fillGridData()
 {
     global $globalEvents;
     $totals = array();
     //	fill $rowinfo array
     $rowinfo = array();
     $this->fillGridShowInfo($rowinfo);
     //	add grid data
     $data = $this->beforeProccessRow();
     $lockRecIds = array();
     $tKeys = $this->pSet->getTableKeys();
     $this->controlsMap['gridRows'] = array();
     for ($i = 0; $i < count($this->listFields); $i++) {
         $this->recordFieldTypes[$this->listFields[$i]['fName']] = $this->pSet->getFieldType($this->listFields[$i]["fName"]);
     }
     while ($data && ($this->recNo <= $this->pageSize || $this->pageSize == -1)) {
         $row = array();
         $row["grid_record"] = array();
         $row["grid_record"]["data"] = array();
         $this->rowId++;
         for ($col = 1; $data && ($this->recNo <= $this->pageSize || $this->pageSize == -1) && $col <= $this->colsOnPage; $col++) {
             $this->countTotals($totals, $data);
             $record = array();
             $this->genId();
             $row["rowattrs"] = " id=\"gridRow" . $this->recId . "\"";
             $gridRowInd = count($this->controlsMap['gridRows']);
             $this->controlsMap['gridRows'][$gridRowInd] = array();
             $this->controlsMap['gridRows'][$gridRowInd]['id'] = $this->recId;
             $this->controlsMap['gridRows'][$gridRowInd]['rowInd'] = $gridRowInd;
             //Add the connection with containing row. It's important for vertical layout's multiple records per row mode
             $this->controlsMap['gridRows'][$gridRowInd]['contextRowId'] = $this->recId + $this->colsOnPage - $col;
             $isEditable = $this->permis[$this->tName]['edit'] && CheckSecurity($data[$this->mainTableOwnerID], "Edit", $this->tName) || $this->permis[$this->tName]['delete'] && CheckSecurity($data[$this->mainTableOwnerID], "Delete", $this->tName);
             if ($globalEvents->exists("IsRecordEditable", $this->tName)) {
                 $isEditable = $globalEvents->IsRecordEditable($data, $isEditable, $this->tName);
             }
             $this->controlsMap['gridRows'][$gridRowInd]['isEditOwnRow'] = $isEditable;
             $this->controlsMap['gridRows'][$gridRowInd]['keyFields'] = array();
             $this->controlsMap['gridRows'][$gridRowInd]['keys'] = array();
             for ($i = 0; $i < count($tKeys); $i++) {
                 $this->controlsMap['gridRows'][$gridRowInd]['keyFields'][$i] = $tKeys[$i];
                 $this->controlsMap['gridRows'][$gridRowInd]['keys'][$i] = $data[$tKeys[$i]];
             }
             $record["edit_link"] = $isEditable;
             $record["inlineedit_link"] = $isEditable;
             $record["view_link"] = $this->permis[$this->tName]['search'];
             $record["copy_link"] = $this->permis[$this->tName]['add'];
             //get record id for locking record
             if ($this->lockingObj) {
                 if ($this->mode == LIST_SIMPLE && !count($this->lockDelRec) && isset($_SESSION[$this->sessionPrefix . "_lockDelRec"])) {
                     $this->lockDelRec = $_SESSION[$this->sessionPrefix . "_lockDelRec"];
                     unset($_SESSION[$this->sessionPrefix . "_lockDelRec"]);
                 }
                 for ($i = 0; $i < count($this->lockDelRec); $i++) {
                     $lockDelRec = true;
                     foreach ($this->lockDelRec[$i] as $key => $val) {
                         if ($data[$key] != $val) {
                             $lockDelRec = false;
                             break;
                         }
                     }
                     if ($lockDelRec) {
                         $lockRecIds[] = $this->recId;
                         break;
                     }
                 }
             }
             //	detail tables
             $this->proccessDetailGridInfo($record, $data, $gridRowInd);
             //	key fields
             $keyblock = "";
             $editlink = "";
             $copylink = "";
             $keylink = "";
             $keys = array();
             //to open view pages in popup clicking on markers
             for ($i = 0; $i < count($tKeys); $i++) {
                 if ($i != 0) {
                     $keyblock .= "&";
                     $editlink .= "&";
                     $copylink .= "&";
                 }
                 $keyblock .= rawurlencode($data[$tKeys[$i]]);
                 $editlink .= "editid" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                 $copylink .= "copyid" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode($data[$tKeys[$i]]));
                 $keylink .= "&key" . ($i + 1) . "=" . runner_htmlspecialchars(rawurlencode(@$data[$tKeys[$i]]));
                 $keys[$i] = $data[$tKeys[$i]];
             }
             $this->recIds[] = $this->recId;
             $record["recordattrs"] = "data-record-id=\"" . $this->recId . "\"";
             $record["editlink_attrs"] = "id=\"editLink" . $this->recId . "\" name=\"editLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "edit", $editlink) . "'";
             $record["copylink_attrs"] = "id=\"copyLink" . $this->recId . "\" name=\"copyLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "add", $copylink) . "'";
             $record["viewlink_attrs"] = "id=\"viewLink" . $this->recId . "\" name=\"viewLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "view", $editlink) . "'";
             $record["inlineeditlink_attrs"] = "id=\"iEditLink" . $this->recId . "\" name=\"iEditLink" . $this->recId . "\" href='" . GetTableLink($this->shortTableName, "edit", $editlink) . "'";
             $this->fillCheckAttr($record, $data, $keyblock);
             if ($this->googleMapCfg['isUseMainMaps']) {
                 $this->addBigGoogleMapMarkers($data, $keys, $editlink);
             }
//.........这里部分代码省略.........
开发者ID:sdev1,项目名称:CloudStockEnquiry,代码行数:101,代码来源:listpage.php

示例14: array

    $xt->assign("header", false);
    $xt->assign("body", $pageObject->body);
}
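$xt->assign("style_block", true);
$pageObject->xt->assign("legend", true);
// Build the query string of the view link from the record key in the request.
// The key is request-controlled and is placed inside an HTML attribute that
// holds a JavaScript string (onclick="window.location.href='...'"), so each
// value is percent-encoded and HTML-escaped before concatenation; left raw, a
// quote in the value would break out of the attribute.
$viewlink = "";
$viewkeys = array();
$viewkeys["editid1"] = postvalue("editid1");
foreach ($viewkeys as $key => $val) {
    if ($viewlink) {
        $viewlink .= "&";
    }
    $viewlink .= $key . "=" . htmlspecialchars(rawurlencode((string) $val));
}
$xt->assign("viewlink_attrs", "id=\"viewButton" . $id . "\" name=\"viewButton" . $id . "\" onclick=\"window.location.href='app_modules_view.php?" . $viewlink . "'\"");
// The view button is shown only in simple edit mode and only when the session
// has the "Search" right on the table.
// NOTE(review): this only hides the button; the view page must enforce the same
// check itself — confirm.
if (CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search") && $inlineedit == EDIT_SIMPLE) {
    $xt->assign("view_button", true);
} else {
    $xt->assign("view_button", false);
}
/////////////////////////////////////////////////////////////
//display the page
/////////////////////////////////////////////////////////////
// Give a registered BeforeShowEdit event handler the chance to adjust the page.
if ($eventObj->exists("BeforeShowEdit")) {
    $eventObj->BeforeShowEdit($xt, $templatefile, $data, $pageObject);
}
// Non-simple (inline/popup) modes return the control maps and settings as JSON.
if ($inlineedit != EDIT_SIMPLE) {
    $returnJSON['controlsMap'] = $pageObject->controlsHTMLMap;
    $returnJSON['viewControlsMap'] = $pageObject->viewControlsHTMLMap;
    $returnJSON['settings'] = $pageObject->jsSettings;
}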
开发者ID:aagusti,项目名称:padl-tng,代码行数:31,代码来源:app_modules_edit.php

示例15: postvalue

<?php

// Duplicate-value check endpoint: reads table, page type, field and value from
// the request and decides whether the duplicate lookup may run.
// NOTE(review): display_errors is forced on; on a production host PHP error text
// would be mixed into the JSON response — confirm it is intended.
@ini_set("display_errors", "1");
@ini_set("display_startup_errors", "1");
require_once "include/dbcommon.php";
// All five inputs are request-controlled.
$tableName = postvalue("tableName");
$pageType = postvalue("pageType");
$fieldName = postvalue("fieldName");
$fieldControlType = postvalue("fieldControlType");
$value = postvalue("value");
// The table name is checked before it is used to build an include path below.
if (!checkTableName($tableName)) {
    exit(0);
}
// presumably defines $strTableName (read below, not assigned in this excerpt) — confirm
require_once "include/" . $tableName . "_variables.php";
// Login and the "Search" right are required unless the page type is the register
// page. $pageType comes from the request, so the caller chooses whether this
// check applies.
// NOTE(review): with the register page type an anonymous client reaches the
// duplicate lookup for the table it names, which answers whether a value already
// exists — confirm later code limits register-mode lookups to the registration
// table and its fields.
if ($pageType != PAGE_REGISTER && (!isLogged() || !CheckSecurity(@$_SESSION["_" . $strTableName . "_OwnerID"], "Search"))) {
    $returnJSON = array("success" => false, "error" => "Error: You have not permissions to read the " . $tableName . " table's data");
    echo printJSON($returnJSON);
    return;
}
// set db connection
$_connection = $cman->byTable($strTableName);
$pSet = new ProjectSettings($strTableName, $pageType);
// The lookup is refused when the field allows duplicate values, except for the
// user-name and e-mail fields of the DashboardUsers table, which are always checked.
$denyChecking = $pSet->allowDuplicateValues($fieldName);
$denyChecking = $denyChecking && ($strTableName != "DashboardUsers" || $fieldName != $cUserNameField && $fieldName != $cEmailField);
if ($denyChecking) {
    $returnJSON = array("success" => false, "error" => "Duplicated values are allowed");
    echo printJSON($returnJSON);
    return;
}
$cipherer = new RunnerCipherer($strTableName, $pSet);
if ($cipherer->isFieldEncrypted($fieldName)) {
开发者ID:ryanblanchard,项目名称:Dashboard,代码行数:31,代码来源:checkduplicates.php


注:本文中的CheckSecurity函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。