当前位置: 首页>>代码示例>>PHP>>正文


PHP SEC_getPermissionValues函数代码示例

本文整理汇总了PHP中SEC_getPermissionValues函数的典型用法代码示例。如果您正苦于以下问题:PHP SEC_getPermissionValues函数的具体用法?PHP SEC_getPermissionValues怎么用?PHP SEC_getPermissionValues使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了SEC_getPermissionValues函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: SetVars

 /**
  *   Set the value of all variables from an array, either DB or a form
  *
  *   @param  array   $A      Array of fields
  *   @param  boolean $fromDB True if $A is from the database, false for form
  */
 public function SetVars($A, $fromDB = false)
 {
     if (isset($A['cal_id']) && !empty($A['cal_id'])) {
         $this->cal_id = $A['cal_id'];
     }
     // These fields come in the same way from DB or form
     $fields = array('cal_name', 'fgcolor', 'bgcolor', 'owner_id', 'group_id');
     foreach ($fields as $field) {
         if (isset($A[$field])) {
             $this->{$field} = $A[$field];
         }
     }
     if (isset($A['cal_status']) && $A['cal_status'] == 1) {
         $this->cal_status = 1;
     } else {
         $this->cal_status = 0;
     }
     if (isset($A['cal_ena_ical']) && $A['cal_ena_ical'] == 1) {
         $this->cal_ena_ical = 1;
     } else {
         $this->cal_ena_ical = 0;
     }
     if ($fromDB) {
         $this->perm_owner = $A['perm_owner'];
         $this->perm_group = $A['perm_group'];
         $this->perm_members = $A['perm_members'];
         $this->perm_anon = $A['perm_anon'];
     } else {
         $perms = SEC_getPermissionValues($_POST['perm_owner'], $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon']);
         $this->perm_owner = $perms[0];
         $this->perm_group = $perms[1];
         $this->perm_members = $perms[2];
         $this->perm_anon = $perms[3];
     }
 }
开发者ID:matrox66,项目名称:evlist,代码行数:41,代码来源:evCalendar.class.php

示例2: links_save_category

function links_save_category($cid, $old_cid, $pid, $category, $description, $tid, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon)
{
    global $_CONF, $_TABLES, $_USER, $LANG_LINKS, $LANG_LINKS_ADMIN, $_LI_CONF, $PLG_links_MESSAGE17;
    // Convert array values to numeric permission values
    if (is_array($perm_owner) or is_array($perm_group) or is_array($perm_members) or is_array($perm_anon)) {
        list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    // clean 'em up
    $description = addslashes(COM_checkHTML(COM_checkWords($description), 'links.edit'));
    $category = addslashes(COM_checkHTML(COM_checkWords($category), 'links.edit'));
    $pid = addslashes(strip_tags($pid));
    $cid = addslashes(strip_tags($cid));
    $old_cid = addslashes(strip_tags($old_cid));
    if (empty($category) || empty($description)) {
        return 7;
    }
    // Check cid to make sure not illegal
    if ($cid == addslashes($_LI_CONF['root']) || $cid == 'user') {
        return 11;
    }
    if (!empty($cid) && $cid != $old_cid) {
        // this is either a new category or an attempt to change the cid
        // - check that cid doesn't exist yet
        $ctrl = DB_getItem($_TABLES['linkcategories'], 'cid', "cid = '{$cid}'");
        if (!empty($ctrl)) {
            if (isset($PLG_links_MESSAGE17)) {
                return 17;
            } else {
                return 11;
            }
        }
    }
    // Check that they didn't delete the cid. If so, get the hidden one
    if (empty($cid) && !empty($old_cid)) {
        $cid = $old_cid;
    }
    // Make sure they aren't making a parent category child of one of it's own
    // children. This would create orphans
    if ($cid == DB_getItem($_TABLES['linkcategories'], 'pid', "cid='{$pid}'")) {
        return 12;
    }
    $access = 0;
    if (DB_count($_TABLES['linkcategories'], 'cid', $old_cid) > 0) {
        // update existing item, but new cid so get access from database with old cid
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='{$old_cid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        // set flag
        $update = "existing";
    } else {
        if (DB_count($_TABLES['linkcategories'], 'cid', $cid) > 0) {
            // update existing item, same cid, so get access from database with existing cid
            $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group, perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='{$cid}'");
            $A = DB_fetchArray($result);
            $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
            // set flag
            $update = "same";
        } else {
            // new item, so use passed values
            $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
            // set flag
            $update = 'new';
        }
    }
    if ($access < 3) {
        // no access rights: user should not be here
        COM_accessLog(sprintf($LANG_LINKS_ADMIN[60], $_USER['username'], $cid));
        return 6;
    } else {
        // save item
        if ($update == 'existing') {
            // update an existing item but new cid
            $sql = "UPDATE {$_TABLES['linkcategories']}\n                    SET cid='{$cid}',\n                        pid='{$pid}',\n                        tid='{$tid}',category='{$category}',\n                        description='{$description}',\n                        modified=NOW(),\n                        owner_id='{$owner_id}',group_id='{$group_id}',\n                        perm_owner='{$perm_owner}',perm_group='{$perm_group}',\n                        perm_members='{$perm_members}',perm_anon='{$perm_anon}'\n                    WHERE cid = '{$old_cid}'";
            $result = DB_query($sql);
            // Also need to update links for this category
            $sql = "UPDATE {$_TABLES['links']} SET cid='{$cid}' WHERE cid='{$old_cid}'";
            $result = DB_query($sql);
        } else {
            if ($update == 'same') {
                // update an existing item
                $sql = "UPDATE {$_TABLES['linkcategories']}\n                    SET pid='{$pid}',\n                        tid='{$tid}',category='{$category}',\n                        description='{$description}',\n                        modified=NOW(),\n                        owner_id='{$owner_id}',group_id='{$group_id}',\n                        perm_owner='{$perm_owner}',perm_group='{$perm_group}',\n                        perm_members='{$perm_members}',perm_anon='{$perm_anon}'\n                    WHERE cid = '{$cid}'";
                $result = DB_query($sql);
            } else {
                // insert a new item
                if (empty($cid)) {
                    $cid = COM_makeSid();
                }
                $sql = "INSERT INTO {$_TABLES['linkcategories']}\n                    (cid, pid, category, description, tid,\n                    created,modified,\n                    owner_id, group_id, perm_owner, perm_group,\n                    perm_members, perm_anon)\n                    VALUES\n                    ('{$cid}','{$pid}','{$category}',\n                    '{$description}','{$tid}',\n                    NOW(),NOW(),\n                    '{$owner_id}','{$group_id}','{$perm_owner}',\n                    '{$perm_group}','{$perm_members}','{$perm_anon}')";
                $result = DB_query($sql);
            }
        }
        if ($update == 'existing' && $cid != $old_cid) {
            PLG_itemSaved($cid, 'links.category', $old_cid);
        } else {
            PLG_itemSaved($cid, 'links.category');
        }
    }
    return 10;
    // success message
}
开发者ID:hostellerie,项目名称:nexpro,代码行数:100,代码来源:category.php

示例3: service_submit_staticpages


//.........这里部分代码省略.........
        if ($sp_id != $sp_old_id) {
            $duplicate_id = true;
        }
    } elseif (!empty($sp_old_id)) {
        if ($sp_id != $sp_old_id) {
            $delete_old_page = true;
        }
    }
    if ($duplicate_id) {
        $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
        $output .= COM_errorLog($LANG_STATIC['duplicate_id'], 2);
        if (!$args['gl_svc']) {
            $output .= PAGE_edit($sp_id);
        }
        $output .= COM_siteFooter();
        $svc_msg['error_desc'] = 'Duplicate ID';
        return PLG_RET_ERROR;
    } elseif (!empty($sp_title) && !empty($sp_content)) {
        if (empty($sp_hits)) {
            $sp_hits = 0;
        }
        if ($sp_onmenu == 'on') {
            $sp_onmenu = 1;
        } else {
            $sp_onmenu = 0;
        }
        if ($sp_nf == 'on') {
            $sp_nf = 1;
        } else {
            $sp_nf = 0;
        }
        if ($sp_centerblock == 'on') {
            $sp_centerblock = 1;
        } else {
            $sp_centerblock = 0;
        }
        if ($sp_inblock == 'on') {
            $sp_inblock = 1;
        } else {
            $sp_inblock = 0;
        }
        // Clean up the text
        if ($_SP_CONF['censor'] == 1) {
            $sp_content = COM_checkWords($sp_content);
            $sp_title = COM_checkWords($sp_title);
        }
        if ($_SP_CONF['filter_html'] == 1) {
            $sp_content = COM_checkHTML($sp_content, 'staticpages.edit');
        }
        $sp_title = strip_tags($sp_title);
        $sp_label = strip_tags($sp_label);
        $sp_content = DB_escapeString($sp_content);
        $sp_title = DB_escapeString($sp_title);
        $sp_label = DB_escapeString($sp_label);
        // If user does not have php edit perms, then set php flag to 0.
        if ($_SP_CONF['allow_php'] != 1 || !SEC_hasRights('staticpages.PHP')) {
            $sp_php = 0;
        }
        // make sure there's only one "entire page" static page per topic
        if ($sp_centerblock == 1 && $sp_where == 0) {
            $sql = "UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 0 WHERE sp_centerblock = 1 AND sp_where = 0 AND sp_tid = '" . DB_escapeString($sp_tid) . "'";
            // multi-language configuration - allow one entire page
            // centerblock for all or none per language
            if (!empty($_CONF['languages']) && !empty($_CONF['language_files']) && ($sp_tid == 'all' || $sp_tid == 'none')) {
                $ids = explode('_', $sp_id);
                if (count($ids) > 1) {
                    $lang_id = array_pop($ids);
                    $sql .= " AND sp_id LIKE '%\\_" . DB_escapeString($lang_id) . "'";
                }
            }
            DB_query($sql);
        }
        $formats = array('allblocks', 'blankpage', 'leftblocks', 'rightblocks', 'noblocks');
        if (!in_array($sp_format, $formats)) {
            $sp_format = 'allblocks';
        }
        if (!$args['gl_svc']) {
            list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
        }
        DB_save($_TABLES['staticpage'], 'sp_id,sp_status,sp_uid,sp_title,sp_content,sp_date,sp_hits,sp_format,sp_onmenu,sp_label,commentcode,owner_id,group_id,' . 'perm_owner,perm_group,perm_members,perm_anon,sp_php,sp_nf,sp_centerblock,sp_help,sp_tid,sp_where,sp_inblock,postmode,sp_search', "'{$sp_id}',{$sp_status}, {$sp_uid},'{$sp_title}','{$sp_content}',NOW(),{$sp_hits},'{$sp_format}',{$sp_onmenu},'{$sp_label}','{$commentcode}',{$owner_id},{$group_id}," . "{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},'{$sp_php}','{$sp_nf}',{$sp_centerblock},'{$sp_help}','{$sp_tid}',{$sp_where}," . "'{$sp_inblock}','{$postmode}',{$sp_search}");
        if ($delete_old_page && !empty($sp_old_id)) {
            DB_delete($_TABLES['staticpage'], 'sp_id', $sp_old_id);
            DB_change($_TABLES['comments'], 'sid', DB_escapeString($sp_id), array('sid', 'type'), array(DB_escapeString($sp_old_id), 'staticpages'));
            PLG_itemDeleted($sp_old_id, 'staticpages');
        }
        PLG_itemSaved($sp_id, 'staticpages');
        $url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $sp_id);
        $output .= PLG_afterSaveSwitch($_SP_CONF['aftersave'], $url, 'staticpages');
        $svc_msg['id'] = $sp_id;
        return PLG_RET_OK;
    } else {
        $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
        $output .= COM_errorLog($LANG_STATIC['no_title_or_content'], 2);
        if (!$args['gl_svc']) {
            $output .= PAGE_edit($sp_id);
        }
        $output .= COM_siteFooter();
        return PLG_RET_ERROR;
    }
}
开发者ID:JohnToro,项目名称:glfusion,代码行数:101,代码来源:services.inc.php

示例4: savetopic

/**
* Save topic to the database
*
* @param    string  $tid            Topic ID
* @param    string  $topic          Name of topic (what the user sees)
* @param    string  $imageurl       (partial) URL to topic image
* @param    string  $meta_description    Topic meta description
* @param    string  $meta_keywords       Topic meta keywords
* @param    int     $sortnum        number for sort order in "Topics" block
* @param    int     $limitnews      number of stories per page for this topic
* @param    int     $owner_id       ID of owner
* @param    int     $group_id       ID of group topic belongs to
* @param    int     $perm_owner     Permissions the owner has
* @param    int     $perm_group     Permissions the group has
* @param    int     $perm_member    Permissions members have
* @param    int     $perm_anon      Permissions anonymous users have
* @param    string  $is_default     'on' if this is the default topic
* @param    string  $is_archive     'on' if this is the archive topic
* @return   string                  HTML redirect or error message
*/
function savetopic($tid, $topic, $imageurl, $meta_description, $meta_keywords, $sortnum, $limitnews, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_default, $is_archive)
{
    global $_CONF, $_TABLES, $LANG27, $MESSAGE;
    $retval = '';
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $tid = COM_sanitizeID($tid);
    $access = 0;
    if (DB_count($_TABLES['topics'], 'tid', $tid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$tid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    if ($access < 3 || !SEC_inGroup($group_id)) {
        $retval .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
        COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
    } elseif (!empty($tid) && !empty($topic)) {
        if ($imageurl == '/images/topics/') {
            $imageurl = '';
        }
        $topic = addslashes($topic);
        $meta_description = addslashes(strip_tags($meta_description));
        $meta_keywords = addslashes(strip_tags($meta_keywords));
        if ($is_default == 'on') {
            $is_default = 1;
            DB_query("UPDATE {$_TABLES['topics']} SET is_default = 0 WHERE is_default = 1");
        } else {
            $is_default = 0;
        }
        $is_archive = $is_archive == 'on' ? 1 : 0;
        $archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
        if ($is_archive) {
            // $tid is the archive topic
            // - if it wasn't already, mark all its stories "archived" now
            if ($archivetid != $tid) {
                DB_query("UPDATE {$_TABLES['stories']} SET featured = 0, frontpage = 0, statuscode = " . STORY_ARCHIVE_ON_EXPIRE . " WHERE tid = '{$tid}'");
                DB_query("UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1");
            }
        } else {
            // $tid is not the archive topic
            // - if it was until now, reset the "archived" status of its stories
            if ($archivetid == $tid) {
                DB_query("UPDATE {$_TABLES['stories']} SET statuscode = 0 WHERE tid = '{$tid}'");
                DB_query("UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1");
            }
        }
        DB_save($_TABLES['topics'], 'tid, topic, imageurl, meta_description, meta_keywords, sortnum, limitnews, is_default, archive_flag, owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon', "'{$tid}', '{$topic}', '{$imageurl}', '{$meta_description}', '{$meta_keywords}','{$sortnum}','{$limitnews}',{$is_default},'{$is_archive}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}");
        // update feed(s) and Older Stories block
        COM_rdfUpToDateCheck('article', $tid);
        COM_olderStuff();
        $retval = COM_refresh($_CONF['site_admin_url'] . '/topic.php?msg=13');
    } else {
        $retval .= COM_siteHeader('menu', $LANG27[1]);
        $retval .= COM_errorLog($LANG27[7], 2);
        $retval .= COM_siteFooter();
    }
    return $retval;
}
开发者ID:hostellerie,项目名称:nexpro,代码行数:80,代码来源:topic.php

示例5: _loadFromArgs

 function _loadFromArgs(&$array)
 {
     $corder = trim($array['corder']);
     $this->_owner_id = COM_applyFilter($array['owner_id'], true);
     $this->_group_id = COM_applyFilter($array['group_id'], true);
     $this->_cid = COM_applyFilter(trim($array['cid']));
     $this->_old_cid = COM_applyFilter(trim($array['old_cid']));
     $this->_pid = COM_applyFilter(trim($array['pid']));
     $this->_corder = empty($corder) ? 0 : COM_applyFilter($corder, true);
     $this->_imgurl = COM_applyFilter($array['imgurl']);
     $this->_imgurlold = COM_applyFilter($array['imgurlold']);
     $this->_title = COM_checkHTML(COM_checkWords(trim($array['title'])));
     $this->_is_enabled = $array['is_enabled'] == 'on' ? 1 : 0;
     $this->_deleteimg = $array['deleteimg'] == 'on' ? 1 : 0;
     // Convert array values to numeric permission values
     list($this->_perm_owner, $this->_perm_group, $this->_perm_members, $this->_perm_anon) = SEC_getPermissionValues($array['perm_owner'], $array['perm_group'], $array['perm_members'], $array['perm_anon']);
     $this->_editor_mode = COM_applyFilter($array['editor_mode']);
 }
开发者ID:mistgrass,项目名称:geeklog-ivywe,代码行数:18,代码来源:category.class.php

示例6: savelink

/**
* Saves link to the database
*
* @param    string  $lid            ID for link
* @param    string  $old_lid        old ID for link
* @param    string  $cid            cid of category link belongs to
* @param    string  $categorydd     Category links belong to
* @param    string  $url            URL of link to save
* @param    string  $description    Description of link
* @param    string  $title          Title of link
* @param    int     $hits           Number of hits for link
* @param    int     $owner_id       ID of owner
* @param    int     $group_id       ID of group link belongs to
* @param    int     $perm_owner     Permissions the owner has
* @param    int     $perm_group     Permissions the group has
* @param    int     $perm_members   Permissions members have
* @param    int     $perm_anon      Permissions anonymous users have
* @return   string                  HTML redirect or error message
* @global array core config vars
* @global array core group data
* @global array core table data
* @global array core user data
* @global array core msg data
* @global array links plugin lang admin vars
*
*/
function savelink($lid, $old_lid, $cid, $categorydd, $url, $description, $title, $hits, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon)
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $MESSAGE, $LANG_LINKS_ADMIN, $_LI_CONF;
    $retval = '';
    // Convert array values to numeric permission values
    if (is_array($perm_owner) or is_array($perm_group) or is_array($perm_members) or is_array($perm_anon)) {
        list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    // Remove any autotags the user doesn't have permission to use
    $description = PLG_replaceTags($description, '', true);
    // clean 'em up
    $description = DB_escapeString(COM_checkHTML(COM_checkWords($description), 'links.edit'));
    $title = DB_escapeString(strip_tags(COM_checkWords($title)));
    $cid = DB_escapeString($cid);
    if (empty($owner_id)) {
        // this is new link from admin, set default values
        $owner_id = $_USER['uid'];
        if (isset($_GROUPS['Links Admin'])) {
            $group_id = $_GROUPS['Links Admin'];
        } else {
            $group_id = SEC_getFeatureGroup('links.edit');
        }
        $perm_owner = 3;
        $perm_group = 2;
        $perm_members = 2;
        $perm_anon = 2;
    }
    $lid = COM_sanitizeID($lid);
    $old_lid = COM_sanitizeID($old_lid);
    if (empty($lid)) {
        if (empty($old_lid)) {
            $lid = COM_makeSid();
        } else {
            $lid = $old_lid;
        }
    }
    // check for link id change
    if (!empty($old_lid) && $lid != $old_lid) {
        // check if new lid is already in use
        if (DB_count($_TABLES['links'], 'lid', $lid) > 0) {
            // TBD: abort, display editor with all content intact again
            $lid = $old_lid;
            // for now ...
        }
    }
    $access = 0;
    $old_lid = DB_escapeString($old_lid);
    if (DB_count($_TABLES['links'], 'lid', $old_lid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['links']} WHERE lid = '{$old_lid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    if ($access < 3 || !SEC_inGroup($group_id)) {
        $display .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
        $display = COM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30]));
        COM_accessLog("User {$_USER['username']} tried to illegally submit or edit link {$lid}.");
        COM_output($display);
        exit;
    } elseif (!empty($title) && !empty($description) && !empty($url)) {
        if ($categorydd != $LANG_LINKS_ADMIN[7] && !empty($categorydd)) {
            $cid = DB_escapeString($categorydd);
        } else {
            if ($categorydd != $LANG_LINKS_ADMIN[7]) {
                echo COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php');
            }
        }
        DB_delete($_TABLES['linksubmission'], 'lid', $old_lid);
        DB_delete($_TABLES['links'], 'lid', $old_lid);
        DB_save($_TABLES['links'], 'lid,cid,url,description,title,date,hits,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon', "'{$lid}','{$cid}','{$url}','{$description}','{$title}',NOW(),'{$hits}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}");
        if (empty($old_lid) || $old_lid == $lid) {
            PLG_itemSaved($lid, 'links');
        } else {
//.........这里部分代码省略.........
开发者ID:milk54,项目名称:geeklog-japan,代码行数:101,代码来源:index.php

示例7: SetVars

 /**
  *  Sets all variables to the matching values from $rows.
  *
  *  @param  array   $row        Array of values, from DB or $_POST
  *  @param  boolean $fromDB     True if read from DB, false if from $_POST
  */
 public function SetVars($row, $fromDB = false)
 {
     global $_EV_CONF;
     if (!is_array($row)) {
         return;
     }
     $this->date_start1 = isset($row['date_start1']) && !empty($row['date_start1']) ? $row['date_start1'] : date('Y-m-d');
     $this->date_end1 = isset($row['date_end1']) && !empty($row['date_end1']) ? $row['date_end1'] : $this->date_start1;
     $this->cal_id = $row['cal_id'];
     $this->show_upcoming = isset($row['show_upcoming']) ? 1 : 0;
     $this->recurring = isset($row['recurring']) && $row['recurring'] == 1 ? 1 : 0;
     $this->show_upcoming = isset($row['show_upcoming']) && $row['show_upcoming'] == 1 ? 1 : 0;
     if (isset($row['allday']) && $row['allday'] == 1) {
         $this->allday = 1;
         $this->split = 0;
     } else {
         $this->allday = 0;
         $this->split = isset($row['split']) && $row['split'] == 1 ? 1 : 0;
     }
     // Multi-day events can't be split
     if ($this->date_start1 != $this->date_end1) {
         $this->split = 0;
     }
     $this->status = isset($row['status']) && $row['status'] == 1 ? 1 : 0;
     $this->postmode = isset($row['postmode']) && $row['postmode'] == 'html' ? 'html' : 'plaintext';
     $this->enable_reminders = isset($row['enable_reminders']) && $row['enable_reminders'] == 1 ? 1 : 0;
     $this->owner_id = $row['owner_id'];
     $this->group_id = $row['group_id'];
     //$this->title = $row['title'];
     if (isset($row['categories']) && is_array($row['categories'])) {
         $this->categories = $row['categories'];
     }
     // Join or split the date values as needed
     if ($fromDB) {
         // dates are YYYY-MM-DD
         $this->id = isset($row['id']) ? $row['id'] : '';
         $this->rec_data = unserialize($row['rec_data']);
         if (!$this->rec_data) {
             $this->rec_data = array();
         }
         $this->det_id = $row['det_id'];
         $this->hits = $row['hits'];
         $this->perm_owner = $row['perm_owner'];
         $this->perm_group = $row['perm_group'];
         $this->perm_members = $row['perm_members'];
         $this->perm_anon = $row['perm_anon'];
         $this->time_start1 = $row['time_start1'];
         $this->time_end1 = $row['time_end1'];
         $this->time_start2 = $row['time_start2'];
         $this->time_end2 = $row['time_end2'];
         $this->options = unserialize($row['options']);
         if (!$this->options) {
             $this->options = array();
         }
     } else {
         // Coming from the form
         $this->id = isset($row['eid']) ? $row['eid'] : '';
         // Ignore time entries & set to all day if flagged as such
         if (isset($row['allday']) && $row['allday'] == '1') {
             $this->time_start1 = '00:00:00';
             $this->time_end1 = '23:59:59';
         } else {
             $tmp = EVLIST_12to24($row['starthour1'], $row['start1_ampm']);
             $this->time_start1 = sprintf('%02d:%02d:00', $tmp, $row['startminute1']);
             $tmp = EVLIST_12to24($row['endhour1'], $row['end1_ampm']);
             $this->time_end1 = sprintf('%02d:%02d:00', $tmp, $row['endminute1']);
         }
         // If split, record second time/date values.
         // Splits don't support allday events
         if ($this->split == 1) {
             $tmp = EVLIST_12to24($row['starthour2'], $row['start2_ampm']);
             $this->time_start2 = sprintf('%02d:%02d:00', $tmp, $row['startminute2']);
             $tmp = EVLIST_12to24($row['endhour2'], $row['end2_ampm']);
             $this->time_end2 = sprintf('%02d:%02d:00', $tmp, $row['endminute1']);
         } else {
             $this->time_start2 = NULL;
             $this->time_end2 = NULL;
         }
         if (isset($_POST['perm_owner'])) {
             $perms = SEC_getPermissionValues($row['perm_owner'], $row['perm_group'], $row['perm_members'], $row['perm_anon']);
             $this->perm_owner = $perms[0];
             $this->perm_group = $perms[1];
             $this->perm_members = $perms[2];
             $this->perm_anon = $perms[3];
         }
         $this->owner_id = $row['owner_id'];
         $this->group_id = $row['group_id'];
         $this->options['contactlink'] = isset($row['contactlink']) ? 1 : 0;
         $this->options['tickets'] = array();
         if ($_EV_CONF['enable_rsvp']) {
             $this->options['use_rsvp'] = (int) $row['use_rsvp'];
             $this->options['max_rsvp'] = (int) $row['max_rsvp'];
             $this->options['rsvp_waitlist'] = isset($row['rsvp_waitlist']) ? 1 : 0;
             $this->options['rsvp_cutoff'] = (int) $row['rsvp_cutoff'];
//.........这里部分代码省略.........
开发者ID:NewRoute,项目名称:evlist,代码行数:101,代码来源:evEvent.class.php

示例8: TOPIC_save

/**
* Save topic to the database
*
* @param    string  $tid            Topic ID
* @param    string  $topic          Name of topic (what the user sees)
* @param    string  $imageurl       (partial) URL to topic image
* @param    int     $sortnum        number for sort order in "Topics" block
* @param    int     $limitnews      number of stories per page for this topic
* @param    int     $owner_id       ID of owner
* @param    int     $group_id       ID of group topic belongs to
* @param    int     $perm_owner     Permissions the owner has
* @param    int     $perm_group     Permissions the group has
* @param    int     $perm_members    Permissions members have
* @param    int     $perm_anon      Permissions anonymous users have
* @param    string  $is_default     'on' if this is the default topic
* @param    string  $archive_flag     'on' if this is the archive topic
* @return   string                  HTML redirect or error message
*/
function TOPIC_save($T)
{
    global $_CONF, $_TABLES, $LANG27, $MESSAGE;
    $retval = '';
    $tid = isset($T['tid']) ? $T['tid'] : '';
    $topic = $T['topic'];
    $imageurl = $T['imageurl'];
    $sortnum = $T['sortnum'];
    $sort_by = $T['sort_by'];
    $limitnews = $T['limitnews'];
    $sort_dir = $T['sort_dir'];
    $owner_id = $T['owner_id'];
    $group_id = $T['group_id'];
    $perm_owner = $T['perm_owner'];
    $perm_group = $T['perm_group'];
    $perm_members = $T['perm_members'];
    $perm_anon = $T['perm_anon'];
    $is_default = $T['is_default'];
    $archive_flag = $T['archive_flag'];
    // error checks...
    if (empty($tid)) {
        $msg = $LANG27[7];
        $retval .= COM_siteHeader();
        $retval .= TOPIC_edit('', $T, $msg);
        $retval .= COM_siteFooter();
        return $retval;
    }
    if (empty($topic)) {
        $msg = $LANG27[7];
        $retval .= COM_siteHeader();
        $retval .= TOPIC_edit('', $T, $msg);
        $retval .= COM_siteFooter();
        return $retval;
    }
    if (strstr($tid, ' ')) {
        $msg = $LANG27[42];
        $retval .= COM_siteHeader();
        $retval .= TOPIC_edit('', $T, $msg);
        $retval .= COM_siteFooter();
        return $retval;
    }
    if ($sortnum != '') {
        $tidSortNumber = DB_getItem($_TABLES['topics'], 'sortnum', 'tid="' . DB_escapeString($sortnum) . '"');
        $newSortNum = $tidSortNumber + 1;
    } else {
        $newSortNum = 0;
    }
    $T['sortnum'] = $newSortNum;
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $tid = COM_sanitizeID($tid);
    $access = 0;
    if (DB_count($_TABLES['topics'], 'tid', $tid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$tid}'");
        $A = DB_fetchArray($result);
        if (SEC_inGroup('Topic Admin')) {
            $access = 3;
        } else {
            $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        }
    } else {
        if (SEC_inGroup('Topic Admin')) {
            $access = 3;
        } else {
            $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
        }
    }
    if ($access < 3 || !SEC_inGroup($group_id)) {
        $retval .= COM_siteHeader('menu', $MESSAGE[30]);
        $retval .= COM_showMessageText($MESSAGE[32], $MESSAGE[30], true);
        $retval .= COM_siteFooter();
        COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
    } elseif (!empty($tid) && !empty($topic)) {
        if ($imageurl == '/images/topics/') {
            $imageurl = '';
        }
        $topic = DB_escapeString(strip_tags($topic));
        if ($is_default == 'on') {
            $is_default = 1;
            DB_query("UPDATE {$_TABLES['topics']} SET is_default = 0 WHERE is_default = 1");
        } else {
            $is_default = 0;
        }
//.........这里部分代码省略.........
开发者ID:NewRoute,项目名称:glfusion,代码行数:101,代码来源:topic.php

示例9: saveautotags

/** 
* Saves a Auto Tag to the database
*
*/
function saveautotags($tag, $old_tag, $description, $is_enabled, $is_function, $replacement, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon)
{
    global $_CONF, $LANG_AUTO, $_AUTO_CONF, $_TABLES;
    // Convert array values to numeric permission values
    if (is_array($perm_owner) or is_array($perm_group) or is_array($perm_members) or is_array($perm_anon)) {
        list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    $old_tag = COM_applyFilter($old_tag);
    // Check for unique page ID
    $duplicate_id = false;
    $delete_old_page = false;
    if (DB_count($_TABLES['autotags'], 'tag', $tag) > 0) {
        if ($tag != $old_tag) {
            $duplicate_id = true;
        }
    } elseif (!empty($old_tag)) {
        if ($tag != $old_tag) {
            $delete_old_page = true;
        }
    }
    $is_function = $is_function == 'on' ? 1 : 0;
    // If user does not have php edit perms, then set php flag to 0.
    if ($_AUTO_CONF['allow_php'] != 1 || !SEC_hasRights('autotags.PHP')) {
        $is_function = 0;
    }
    $retval = '';
    if ($duplicate_id) {
        $retval .= COM_siteHeader();
        $retval .= COM_errorLog($LANG_AUTO['duplicate_tag'], 2);
        $retval .= autotagseditor($tag);
        $retval .= COM_siteFooter();
    } elseif (!empty($tag) && in_array($tag, autotags_existing_tags())) {
        $retval .= COM_siteHeader();
        $retval .= COM_errorLog($LANG_AUTO['disallowed_tag'], 2);
        $retval .= autotagseditor('');
        $retval .= COM_siteFooter();
    } elseif (!empty($tag) && (!empty($replacement) || $is_function == 1)) {
        if ($is_enabled == 'on') {
            $is_enabled = 1;
        } else {
            $is_enabled = 0;
        }
        // Clean up the text
        $description = strip_tags($description);
        $description = addslashes($description);
        $replacement = addslashes($replacement);
        DB_save($_TABLES['autotags'], 'tag,description,is_enabled,is_function,replacement,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon', "'{$tag}','{$description}',{$is_enabled},{$is_function},'{$replacement}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}");
        if ($delete_old_page && !empty($old_tag)) {
            DB_delete($_TABLES['autotags'], 'tag', $old_tag);
        }
        $retval = COM_refresh($_CONF['site_admin_url'] . '/plugins/autotags/index.php');
    } else {
        $retval .= COM_siteHeader();
        $retval .= COM_errorLog($LANG_AUTO['no_tag_or_replacement'], 2);
        $retval .= autotagseditor($tag);
        $retval .= COM_siteFooter();
    }
    return $retval;
}
开发者ID:milk54,项目名称:geeklog-japan,代码行数:63,代码来源:index.php

示例10: SEC_getPermissionValues

   if ($cat_id > 0) {
       //catDelImage($cat_id);
       adCategory::DelImage($cat_id);
   }
   $view = 'editcat';
   break;*/
 case 'resetadperms':
     $perms = SEC_getPermissionValues($_POST['perm_owner'], $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon']);
     $sql = "UPDATE\n                {$_TABLES['ad_ads']}\n            SET\n                perm_owner={$perms[0]},\n                perm_group={$perms[1]},\n                perm_members={$perms[2]},\n                perm_anon={$perms[3]},\n                group_id=" . COM_applyFilter($_POST['group_id'], true);
     DB_query($sql);
     $content .= COM_showMessage('09', $_CONF_ADVT['pi_name']);
     $view = 'admin';
     $actionval = 'other';
     break;
 case 'resetcatperms':
     $perms = SEC_getPermissionValues($_POST['perm_owner'], $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon']);
     $sql = "UPDATE\n                {$_TABLES['ad_category']}\n            SET\n                perm_owner={$perms[0]},\n                perm_group={$perms[1]},\n                perm_members={$perms[2]},\n                perm_anon={$perms[3]},\n                group_id=" . COM_applyFilter($_POST['group_id'], true);
     DB_query($sql);
     $content .= COM_showMessage('09', $_CONF_ADVT['pi_name']);
     $view = 'admin';
     $actionval = 'other';
     break;
 case 'toggleadtype':
     USES_classifieds_class_adtype();
     AdType::toggleEnabled($ad_id, $_REQUEST['enabled']);
     $view = 'admintypes';
     break;
     /*    case 'saveadtype':
             USES_classifieds_class_adtype();
             $AdType = new AdType($ad_id);
             $AdType->SetVars($_POST);
开发者ID:NewRoute,项目名称:classifieds,代码行数:31,代码来源:index.php

示例11: savepoll

/**
 * Saves a poll
 * Saves a poll topic and potential answers to the database
 *
 * @param    string $pid          Poll topic ID
 * @param    string $old_pid      Previous poll topic ID
 * @param    array  $Q            Array of poll questions
 * @param    string $mainPage     Checkbox: poll appears on homepage
 * @param    string $topic        The text for the topic
 * @param    string $meta_description
 * @param    string $meta_keywords
 * @param    int    $statusCode   (unused)
 * @param    string $open         Checkbox: poll open for voting
 * @param    string $hideResults  Checkbox: hide results until closed
 * @param    int    $commentCode  Indicates if users can comment on poll
 * @param    array  $A            Array of possible answers
 * @param    array  $V            Array of vote per each answer
 * @param    array  $R            Array of remark per each answer
 * @param    int    $owner_id     ID of poll owner
 * @param    int    $group_id     ID of group poll belongs to
 * @param    int    $perm_owner   Permissions the owner has on poll
 * @param    int    $perm_group   Permissions the group has on poll
 * @param    int    $perm_members Permissions logged in members have on poll
 * @param    int    $perm_anon    Permissions anonymous users have on poll
 * @param    bool   $allow_multipleanswers
 * @param    string $topic_description
 * @param    string $description
 * @return   string|void
 */
function savepoll($pid, $old_pid, $Q, $mainPage, $topic, $meta_description, $meta_keywords, $statusCode, $open, $hideResults, $commentCode, $A, $V, $R, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $allow_multipleanswers, $topic_description, $description)
{
    global $_CONF, $_TABLES, $_USER, $LANG21, $LANG25, $MESSAGE, $_POLL_VERBOSE, $_PO_CONF;
    $retval = '';
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $topic = COM_stripslashes($topic);
    $topic = COM_checkHTML($topic);
    $topic_description = strip_tags(COM_stripslashes($topic_description));
    $meta_description = strip_tags(COM_stripslashes($meta_description));
    $meta_keywords = strip_tags(COM_stripslashes($meta_keywords));
    $pid = COM_sanitizeID($pid);
    $old_pid = COM_sanitizeID($old_pid);
    if (empty($pid)) {
        if (empty($old_pid)) {
            $pid = COM_makeSid();
        } else {
            $pid = $old_pid;
        }
    }
    // check if any question was entered
    if (empty($topic) || count($Q) === 0 || strlen($Q[0]) === 0 || strlen($A[0][0]) === 0) {
        $retval .= COM_showMessageText($LANG25[2], $LANG21[32]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG25[5]));
        return $retval;
    }
    if (!SEC_checkToken()) {
        COM_accessLog("User {$_USER['username']} tried to save poll {$pid} and failed CSRF checks.");
        COM_redirect($_CONF['site_admin_url'] . '/plugins/polls/index.php');
    }
    // check for poll id change
    if (!empty($old_pid) && $pid != $old_pid) {
        // check if new pid is already in use
        if (DB_count($_TABLES['polltopics'], 'pid', $pid) > 0) {
            // TBD: abort, display editor with all content intact again
            $pid = $old_pid;
            // for now ...
        }
    }
    // start processing the poll topic
    if ($_POLL_VERBOSE) {
        COM_errorLog('**** Inside savepoll() in ' . $_CONF['site_admin_url'] . '/plugins/polls/index.php ***');
    }
    if (DB_count($_TABLES['polltopics'], 'pid', $pid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['polltopics']} WHERE pid = '{$pid}'");
        $P = DB_fetchArray($result);
        $access = SEC_hasAccess($P['owner_id'], $P['group_id'], $P['perm_owner'], $P['perm_group'], $P['perm_members'], $P['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    if ($access < 3 || !SEC_inGroup($group_id)) {
        $display = COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
        $display = COM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30]));
        COM_accessLog("User {$_USER['username']} tried to illegally submit or edit poll {$pid}.");
        COM_output($display);
        exit;
    }
    if ($_POLL_VERBOSE) {
        COM_errorLog('owner permissions: ' . $perm_owner, 1);
        COM_errorLog('group permissions: ' . $perm_group, 1);
        COM_errorLog('member permissions: ' . $perm_members, 1);
        COM_errorLog('anonymous permissions: ' . $perm_anon, 1);
    }
    // we delete everything and re-create it with the input from the form
    $del_pid = $pid;
    if (!empty($old_pid) && $pid != $old_pid) {
        $del_pid = $old_pid;
        // delete by old pid, create using new pid below
    }
    // Retrieve Created Date before delete
    $created_date = DB_getItem($_TABLES['polltopics'], 'created', "pid = '{$del_pid}'");
//.........这里部分代码省略.........
开发者ID:mystralkk,项目名称:geeklog,代码行数:101,代码来源:index.php

示例12: adSave

/**
*   Insert or update an ad with form values.  Setting $admin to true
*   allows ads to be saved on behalf of another user.
*
*   @param string  $savetype Save action to perform
*   @return array
*      [0] = string value of page to redirect to
*      [1] = content of any error message or text
*/
function adSave($savetype = 'edit')
{
    global $_TABLES, $_CONF_ADVT, $_USER, $_CONF, $LANG_ADVT, $LANG12;
    global $LANG_ADMIN;
    $admin = SEC_hasRights($_CONF_ADVT['pi_name'] . '.admin');
    // Sanitize form variables.  There should always be an ad id defined
    $A = array();
    if (isset($_POST['ad_id'])) {
        $A['ad_id'] = COM_sanitizeID($_POST['ad_id'], false);
    } elseif (isset($_POST['id'])) {
        $A['ad_id'] = COM_sanitizeID($_POST['id'], false);
    }
    if ($A['ad_id'] == '') {
        return array(CLASSIFIEDS_URL, 'Missing Ad ID');
    }
    // Make sure the current user can edit this ad.
    if (CLASSIFIEDS_checkAccess($A['ad_id']) < 3) {
        return array();
    }
    $A['subject'] = trim($_POST['subject']);
    $A['descript'] = trim($_POST['descript']);
    if ($_POST['postmode'] == 'plaintext') {
        $A['descript'] = nl2br($A['descript']);
    }
    $A['price'] = trim($_POST['price']);
    $A['url'] = COM_sanitizeUrl($_POST['url'], array('http', 'https'), 'http');
    $A['catid'] = (int) $_POST['catid'];
    $A['ad_type'] = (int) $_POST['ad_type'];
    $A['keywords'] = trim($_POST['keywords']);
    $A['add_date'] = COM_applyFilter($_POST['add_date'], true);
    $A['exp_date'] = COM_applyFilter($_POST['exp_date'], true);
    if ($A['exp_date'] == 0) {
        $A['exp_date'] = $A['add_date'];
    }
    $A['exp_sent'] = (int) $_POST['exp_sent'] == 1 ? 1 : 0;
    $A['owner_id'] = (int) $_POST['owner_id'];
    $A['group_id'] = (int) $_POST['group_id'];
    $A['uid'] = $A['owner_id'];
    $A['comments_enabled'] = (int) $_POST['comments_enabled'];
    switch ($savetype) {
        case 'moderate':
        case 'adminupdate':
        case 'savesubmission':
        case 'editsubmission':
        case 'submission':
            $perms = SEC_getPermissionValues($_POST['perm_owner'], $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon']);
            $A['perms'] = $perms;
            break;
        case $LANG_ADMIN['save']:
        case $LANG12[8]:
        default:
            $A['perms'] = array((int) $_POST['perm_owner'], (int) $_POST['perm_group'], (int) $_POST['perm_members'], (int) $_POST['perm_anon']);
            break;
    }
    // Set anon permissions according to category if not an admin.
    // To avoid form injection.
    if (!$admin && DB_getItem($_TABLES['ad_category'], 'perm_anon', "cat_id='{$A['cat_id']}'") == '0') {
        $A['perms'][3] = 0;
    }
    $photo = $_FILES['photo'];
    $moredays = COM_applyFilter($_POST['moredays'], true);
    if ($_CONF_ADVT['purchase_enabled'] && !$admin) {
        // non-administrator is limited to the available days on account,
        // if applicable.
        USES_classifieds_class_userinfo();
        $User = new adUserInfo();
        $moredays = min($moredays, $User->getMaxDays());
    }
    // Validate some fields.
    $errmsg = '';
    if ($A['subject'] == '') {
        $errmsg .= "<li>{$LANG_ADVT['subject_required']}</li>";
    }
    if ($A['descript'] == '') {
        $errmsg .= "<li>{$LANG_ADVT['description_required']}</li>";
    }
    if ($errmsg != '') {
        $errmsg = "<span class=\"alert\"><ul>{$errmsg}</ul></span>\n";
        // return to edit page so user can correct
        return array(1, $errmsg);
        //return $errmsg;
    }
    // Calculate the new number of days. For an existing ad start from the
    // date added, if new then start from now.  If the ad has already expired,
    // then $moredays will be added to now() rather than exp_date.
    if ($moredays > 0) {
        $moretime = $moredays * 86400;
        $save_exp_date = $A['exp_date'];
        if ($A['exp_date'] < time()) {
            $basetime = time();
        } else {
//.........这里部分代码省略.........
开发者ID:NewRoute,项目名称:classifieds,代码行数:101,代码来源:advt_functions.inc.php

示例13: CMED_setMI

/**
* Set values of one menuitem in global array $MI
*/
function CMED_setMI()
{
    global $_CONF, $MI;
    $url = trim($_POST['url']);
    $icon_url = trim($_POST['icon_url']);
    $menuorder = trim($_POST['menuorder']);
    $MI = array('mid' => COM_applyFilter($_POST['mid']), 'pmid' => COM_applyFilter($_POST['pmid']), 'is_enabled' => $_POST['is_enabled'] == 'on' ? 1 : 0, 'type' => $_POST['type'], 'mode' => $_POST['mmode'], 'label' => $_POST['title_fixation'], 'label_var' => $_POST['title_variable'], 'php_function' => $_POST['php_function'], 'url' => empty($url) ? '' : strip_tags($url), 'icon_url' => empty($icon_url) ? '' : strip_tags($icon_url), 'tid' => COM_applyFilter($_POST['tid']), 'menuorder' => empty($menuorder) ? 0 : COM_applyFilter($menuorder, true), 'pattern' => $_POST['pattern'], 'is_preg' => $_POST['is_preg'] == 'on' ? 1 : 0, 'class_name' => COM_applyFilter($_POST['class_name']), 'owner_id' => COM_applyFilter($_POST['owner_id'], true), 'group_id' => COM_applyFilter($_POST['group_id'], true), 'perm_owner' => $_POST['perm_owner'], 'perm_group' => $_POST['perm_group'], 'perm_members' => $_POST['perm_members'], 'perm_anon' => $_POST['perm_anon'], 'old_mid' => COM_applyFilter($_POST['old_mid']));
    // Convert array values to numeric permission values
    list($MI['perm_owner'], $MI['perm_group'], $MI['perm_members'], $MI['perm_anon']) = SEC_getPermissionValues($MI['perm_owner'], $MI['perm_group'], $MI['perm_members'], $MI['perm_anon']);
}
开发者ID:milk54,项目名称:geeklog-japan,代码行数:13,代码来源:index.php

示例14: saveblock

/**
* Saves a block
*
* @param    string  $bid            Block ID
* @param    string  $title          Block title
* @param    string  $type           Type of block
* @param    int     $blockorder     Order block appears relative to the others
* @param    string  $content        Content of block
* @param    string  $tid            Topic block should appear in
* @param    string  $rdfurl         URL to headline feed for portal blocks
* @param    string  $rdfupdated     Date RSS/RDF feed was last updated
* @param    string  $rdflimit       max. number of entries to import from feed
* @param    string  $phpblockfn     Name of php function to call to get content
* @param    int     $onleft         Flag indicates if block shows up on left or right
* @param    int     $owner_id       ID of owner
* @param    int     $group_id       ID of group block belongs to
* @param    array   $perm_owner     Permissions the owner has on the object
* @param    array   $perm_group     Permissions the group has on the object
* @param    array   $perm_members   Permissions the logged in members have
* @param    array   $perm_anon      Permissinos anonymous users have
* @param    int     $is_enabled     Flag, indicates if block is enabled or not
* @return   string                  HTML redirect or error message
*
*/
function saveblock($bid, $name, $title, $help, $type, $blockorder, $content, $tid, $rdfurl, $rdfupdated, $rdflimit, $phpblockfn, $onleft, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_enabled, $allow_autotags)
{
    global $_CONF, $_TABLES, $LANG01, $LANG21, $MESSAGE;
    $retval = '';
    $title = addslashes(COM_stripslashes(strip_tags($title)));
    $phpblockfn = addslashes(COM_stripslashes(trim($phpblockfn)));
    if (empty($title)) {
        $retval .= COM_siteHeader('menu', $LANG21[63]) . COM_startBlock($LANG21[63], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG21[64] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')) . editblock($bid) . COM_siteFooter();
        return $retval;
    }
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $access = 0;
    if ($bid > 0 && DB_count($_TABLES['blocks'], 'bid', $bid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['blocks']} WHERE bid = '{$bid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    if ($access < 3 || !hasBlockTopicAccess($tid) || !SEC_inGroup($group_id)) {
        $retval .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter();
        COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");
        return $retval;
    } elseif ($type == 'normal' && !empty($title) && !empty($content) or $type == 'portal' && !empty($title) && !empty($rdfurl) or $type == 'gldefault' && strlen($blockorder) > 0 or $type == 'phpblock' && !empty($phpblockfn) && !empty($title)) {
        if ($is_enabled == 'on') {
            $is_enabled = 1;
        } else {
            $is_enabled = 0;
        }
        if ($allow_autotags == 'on') {
            $allow_autotags = 1;
        } else {
            $allow_autotags = 0;
        }
        if ($type == 'portal') {
            $content = '';
            $rdfupdated = '';
            $phpblockfn = '';
            // get rid of possible extra prefixes (e.g. "feed://http://...")
            if (substr($rdfurl, 0, 4) == 'rss:') {
                $rdfurl = substr($rdfurl, 4);
            } else {
                if (substr($rdfurl, 0, 5) == 'feed:') {
                    $rdfurl = substr($rdfurl, 5);
                }
            }
            if (substr($rdfurl, 0, 2) == '//') {
                $rdfurl = substr($rdfurl, 2);
            }
            $rdfurl = COM_sanitizeUrl($rdfurl, array('http', 'https'));
        }
        if ($type == 'gldefault') {
            if ($name != 'older_stories') {
                $content = '';
            }
            $rdfurl = '';
            $rdfupdated = '';
            $rdflimit = 0;
            $phpblockfn = '';
        }
        if ($type == 'phpblock') {
            // NOTE: PHP Blocks must be within a function and the function
            // must start with phpblock_ as the prefix.  This will prevent
            // the arbitrary execution of code
            if (!stristr($phpblockfn, 'phpblock_')) {
                $retval .= COM_siteHeader('menu', $LANG21[37]) . COM_startBlock($LANG21[37], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG21[38] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')) . editblock($bid) . COM_siteFooter();
                return $retval;
            }
            $content = '';
            $rdfurl = '';
            $rdfupdated = '';
            $rdflimit = 0;
        }
        if ($type == 'normal') {
            $rdfurl = '';
//.........这里部分代码省略.........
开发者ID:hostellerie,项目名称:nexpro,代码行数:101,代码来源:block.php

示例15: fncSave

function fncSave($edt_flg, $navbarMenu, $menuno)
{
    $pi_name = "userbox";
    global $_CONF;
    global $_TABLES;
    global $_USER;
    global $_USERBOX_CONF;
    global $LANG_USERBOX_ADMIN;
    global $_FILES;
    $addition_def = DATABOX_getadditiondef($pi_name);
    $retval = '';
    // clean 'em up
    $id = COM_applyFilter($_POST['id'], true);
    $fieldset_id = COM_applyFilter($_POST['fieldset'], true);
    //@@@@@ username fullname
    $username = COM_applyFilter($_POST['username']);
    $username = addslashes(COM_checkHTML(COM_checkWords($username)));
    $fullname = COM_applyFilter($_POST['fullname']);
    $fullname = addslashes(COM_checkHTML(COM_checkWords($fullname)));
    $page_title = COM_applyFilter($_POST['page_title']);
    $page_title = addslashes(COM_checkHTML(COM_checkWords($page_title)));
    $description = $_POST['description'];
    //COM_applyFilter($_POST['description']);
    $description = addslashes(COM_checkHTML(COM_checkWords($description)));
    $defaulttemplatesdirectory = COM_applyFilter($_POST['defaulttemplatesdirectory']);
    $defaulttemplatesdirectory = addslashes(COM_checkHTML(COM_checkWords($defaulttemplatesdirectory)));
    $draft_flag = COM_applyFilter($_POST['draft_flag'], true);
    //            $hits =0;
    //            $comments=0;
    $comment_expire_flag = COM_applyFilter($_POST['comment_expire_flag'], true);
    if ($comment_expire_flag) {
        $comment_expire_month = COM_applyFilter($_POST['comment_expire_month'], true);
        $comment_expire_day = COM_applyFilter($_POST['comment_expire_day'], true);
        $comment_expire_year = COM_applyFilter($_POST['comment_expire_year'], true);
        $comment_expire_hour = COM_applyFilter($_POST['comment_expire_hour'], true);
        $comment_expire_minute = COM_applyFilter($_POST['comment_expire_minute'], true);
        if ($comment_expire_ampm == 'pm') {
            if ($comment_expire_hour < 12) {
                $comment_expire_hour = $comment_expire_hour + 12;
            }
        }
        if ($comment_expire_ampm == 'am' and $comment_expire_hour == 12) {
            $comment_expire_hour = '00';
        }
    } else {
        $comment_expire_month = 0;
        $comment_expire_day = 0;
        $comment_expire_year = 0;
        $comment_expire_hour = 0;
        $comment_expire_minute = 0;
    }
    $commentcode = COM_applyFilter($_POST['commentcode'], true);
    $trackbackcode = COM_applyFilter($_POST['trackbackcode'], true);
    $cache_time = COM_applyFilter($_POST['cache_time'], true);
    $meta_description = $_POST['meta_description'];
    $meta_description = addslashes(COM_checkHTML(COM_checkWords($meta_description)));
    $meta_keywords = $_POST['meta_keywords'];
    $meta_keywords = addslashes(COM_checkHTML(COM_checkWords($meta_keywords)));
    $language_id = COM_applyFilter($_POST['language_id']);
    $language_id = addslashes(COM_checkHTML(COM_checkWords($language_id)));
    $category = $_POST['category'];
    //@@@@@
    $additionfields = $_POST['afield'];
    $additionfields_old = $_POST['afield'];
    $additionfields_fnm = $_POST['afield_fnm'];
    $additionfields_del = $_POST['afield_del'];
    $additionfields_alt = $_POST['afield_alt'];
    $additionfields_date = array();
    $dummy = DATABOX_cleanaddtiondatas($additionfields, $addition_def, $additionfields_fnm, $additionfields_del, $additionfields_date, $additionfields_alt);
    //
    $owner_id = COM_applyFilter($_POST['owner_id'], true);
    $group_id = COM_applyFilter($_POST['group_id'], true);
    //
    $array['perm_owner'] = $_POST['perm_owner'];
    $array['perm_group'] = $_POST['perm_group'];
    $array['perm_members'] = $_POST['perm_members'];
    $array['perm_anon'] = $_POST['perm_anon'];
    if (is_array($array['perm_owner']) || is_array($array['perm_group']) || is_array($array['perm_members']) || is_array($array['perm_anon'])) {
        list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($array['perm_owner'], $array['perm_group'], $array['perm_members'], $array['perm_anon']);
    } else {
        $perm_owner = COM_applyBasicFilter($array['perm_owner'], true);
        $perm_group = COM_applyBasicFilter($array['perm_group'], true);
        $perm_members = COM_applyBasicFilter($array['perm_members'], true);
        $perm_anon = COM_applyBasicFilter($array['perm_anon'], true);
    }
    //編集日付
    $modified_autoupdate = COM_applyFilter($_POST['modified_autoupdate'], true);
    if ($modified_autoupdate == 1) {
        //$udate = date('Ymd');
        $modified_month = date('m');
        $modified_day = date('d');
        $modified_year = date('Y');
        $modified_hour = date('H');
        $modified_minute = date('i');
    } else {
        $modified_month = COM_applyFilter($_POST['modified_month'], true);
        $modified_day = COM_applyFilter($_POST['modified_day'], true);
        $modified_year = COM_applyFilter($_POST['modified_year'], true);
        $modified_hour = COM_applyFilter($_POST['modified_hour'], true);
        $modified_minute = COM_applyFilter($_POST['modified_minute'], true);
//.........这里部分代码省略.........
开发者ID:mistgrass,项目名称:geeklog-ivywe,代码行数:101,代码来源:profile.php


注:本文中的SEC_getPermissionValues函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。