当前位置: 首页>>代码示例>>PHP>>正文


PHP SEC_getUserGroups函数代码示例

本文整理汇总了PHP中SEC_getUserGroups函数的典型用法代码示例。如果您正苦于以下问题:PHP SEC_getUserGroups函数的具体用法?PHP SEC_getUserGroups怎么用?PHP SEC_getUserGroups使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了SEC_getUserGroups函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: getChildCategories

 public function getChildCategories($pid = FALSE, $all_langs = FALSE)
 {
     global $_CONF, $_TABLES;
     $entries = array();
     if ($pid !== FALSE) {
         return $entries;
     }
     $sql = "SELECT forum_id, forum_name FROM {$_TABLES['gf_forums']} " . "  WHERE (is_hidden = '0') ";
     if (!Dataproxy::isRoot()) {
         $current_groups = SEC_getUserGroups(Dataproxy::uid());
         $sql .= "AND (grp_id IN (" . implode(',', $current_groups) . ")) ";
     }
     $sql .= "ORDER BY forum_order";
     $result = DB_query($sql);
     if (DB_error()) {
         return $entries;
     }
     while (($A = DB_fetchArray($result, FALSE)) !== FALSE) {
         $entry = array();
         $entry['id'] = (int) $A['forum_id'];
         $entry['pid'] = FALSE;
         $entry['title'] = stripslashes($A['forum_name']);
         $entry['uri'] = $_CONF['site_url'] . '/forum/index.php?forum=' . $entry['id'];
         $entry['date'] = FALSE;
         $entry['image_uri'] = FALSE;
         $entries[] = $entry;
     }
     return $entries;
 }
开发者ID:milk54,项目名称:geeklog-japan,代码行数:29,代码来源:forum.class.php

示例2: MG_globalAlbumPermEditor

/**
* Global album attribute editor
*
* @return   string              HTML
*
**/
function MG_globalAlbumPermEditor($adminMenu = 0)
{
    global $_CONF, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_ACCESS;
    $retval = '';
    if (!SEC_hasRights('mediagallery.admin')) {
        return COM_showMessageText($LANG_MG00['access_denied_msg']);
    }
    $A['moderate'] = 0;
    $A['member_uploads'] = 0;
    $A['email_mod'] = 0;
    // If edit, pull up the existing album information...
    $usergroups = SEC_getUserGroups();
    for ($i = 0; $i < count($usergroups); $i++) {
        if ('mediagallery Admin' == key($usergroups)) {
            $A['group_id'] = $usergroups[key($usergroups)];
            $A['mod_group_id'] = $A['group_id'];
        }
        next($usergroups);
    }
    $A['perm_owner'] = 3;
    $A['perm_group'] = 3;
    $A['perm_members'] = 2;
    $A['perm_anon'] = 2;
    $usergroups = SEC_getUserGroups();
    $groupdd = '';
    $moddd = '';
    $groupdd .= '<select name="group_id">';
    $moddd .= '<select name="mod_id">';
    for ($i = 0; $i < count($usergroups); $i++) {
        if ($usergroups[key($usergroups)] != 2 && $usergroups[key($usergroups)] != 13) {
            $groupdd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            $moddd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            if ($A['group_id'] == $usergroups[key($usergroups)]) {
                $groupdd .= ' selected="selected"';
                $groupname = key($usergroups);
            }
            if ($A['mod_group_id'] == $usergroups[key($usergroups)]) {
                $moddd .= ' selected="selected"';
            }
            $groupdd .= '>' . key($usergroups) . '</option>';
            $moddd .= '>' . key($usergroups) . '</option>';
        }
        next($usergroups);
    }
    $groupdd .= '</select>';
    $moddd .= '</select>';
    $T = COM_newTemplate(MG_getTemplatePath(0));
    $T->set_file('admin', 'global_album_perm.thtml');
    $T->set_var(array('action' => 'globalperm', 'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']), 'permissions_msg' => $LANG_ACCESS['permmsg'], 'group_select' => $groupdd, 'mod_group_select' => $moddd, 'admin_menu' => $adminMenu, 'lang_save' => $LANG_MG01['save'], 's_form_action' => $_MG_CONF['site_url'] . '/admin.php', 'lang_cancel' => $LANG_MG01['cancel'], 'lang_global_perm_help' => $LANG_MG01['global_perm_help'], 'lang_value' => $LANG_MG01['value'], 'lang_attribute' => $LANG_MG01['attribute'], 'lang_update' => $LANG_MG01['update'], 'lang_group' => $LANG_ACCESS['group'], 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'lang_member_upload' => $LANG_MG01['member_upload'], 'lang_moderate_album' => $LANG_MG01['mod_album'], 'lang_mod_group' => $LANG_MG01['moderation_group'], 'lang_email_mods_on_submission' => $LANG_MG01['email_mods_on_submission']));
    $retval .= COM_startBlock($LANG_MG01['global_perm_editor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= $T->finish($T->parse('output', 'admin'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
开发者ID:mistgrass,项目名称:geeklog-ivywe,代码行数:60,代码来源:global.php

示例3: display_mailform

/**
* Shows the form the admin uses to send Geeklog members a message. Right now
* you can only email an entire group.
*
* @return   string      HTML for the email form
*
*/
function display_mailform()
{
    global $_CONF, $LANG31, $LANG_ADMIN, $_IMAGE_TYPE;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $retval = '';
    $retval .= COM_startBlock($LANG31[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $menu_arr = array(array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $desc = '<p>' . $LANG31[19] . '</p>';
    $icon = $_CONF['layout_url'] . '/images/icons/mail.' . $_IMAGE_TYPE;
    $retval .= ADMIN_createMenu($menu_arr, $desc, $icon);
    $mail_templates = new Template($_CONF['path_layout'] . 'admin/mail');
    $mail_templates->set_file(array('form' => 'mailform.thtml'));
    $mail_templates->set_var('site_url', $_CONF['site_url']);
    $mail_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $mail_templates->set_var('layout_url', $_CONF['layout_url']);
    $mail_templates->set_var('startblock_email', COM_startBlock($LANG31[1], '', COM_getBlockTemplate('_admin_block', 'header')));
    $mail_templates->set_var('php_self', $_CONF['site_admin_url'] . '/mail.php');
    $mail_templates->set_var('lang_note', $LANG31[19]);
    $mail_templates->set_var('lang_to', $LANG31[18]);
    $mail_templates->set_var('lang_selectgroup', $LANG31[25]);
    $thisUsersGroups = SEC_getUserGroups();
    uksort($thisUsersGroups, 'strcasecmp');
    $group_options = '';
    foreach ($thisUsersGroups as $groupName => $groupID) {
        if ($groupName != 'All Users') {
            $group_options .= '<option value="' . $groupID . '">' . ucwords($groupName) . '</option>';
        }
    }
    $mail_templates->set_var('group_options', $group_options);
    $mail_templates->set_var('lang_from', $LANG31[2]);
    $mail_templates->set_var('site_name', $_CONF['site_name']);
    $mail_templates->set_var('lang_replyto', $LANG31[3]);
    $mail_templates->set_var('site_mail', $_CONF['site_mail']);
    $mail_templates->set_var('lang_subject', $LANG31[4]);
    $mail_templates->set_var('lang_body', $LANG31[5]);
    $mail_templates->set_var('lang_sendto', $LANG31[6]);
    $mail_templates->set_var('lang_allusers', $LANG31[7]);
    $mail_templates->set_var('lang_admin', $LANG31[8]);
    $mail_templates->set_var('lang_options', $LANG31[9]);
    $mail_templates->set_var('lang_HTML', $LANG31[10]);
    $mail_templates->set_var('lang_urgent', $LANG31[11]);
    $mail_templates->set_var('lang_ignoreusersettings', $LANG31[14]);
    $mail_templates->set_var('lang_send', $LANG31[12]);
    $mail_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $mail_templates->set_var('xhtml', XHTML);
    $mail_templates->set_var('gltoken_name', CSRF_TOKEN);
    $mail_templates->set_var('gltoken', SEC_createToken());
    $mail_templates->parse('output', 'form');
    $retval .= $mail_templates->finish($mail_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
开发者ID:hostellerie,项目名称:nexpro,代码行数:59,代码来源:mail.php

示例4: deleteGroup

/**
* Delete a group
*
* @param    int     $grp_id     id of group to delete
* @return   string              HTML redirect
*
*/
function deleteGroup($grp_id)
{
    global $_CONF, $_TABLES, $_USER;
    if (!SEC_inGroup('Root') && DB_getItem($_TABLES['groups'], 'grp_name', "grp_id = {$grp_id}") == 'Root') {
        COM_accessLog("User {$_USER['username']} tried to delete the Root group with insufficient privileges.");
        return COM_refresh($_CONF['site_admin_url'] . '/group.php');
    }
    $GroupAdminGroups = SEC_getUserGroups();
    if (!in_array($grp_id, $GroupAdminGroups) && !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $GroupAdminGroups)) {
        COM_accessLog("User {$_USER['username']} tried to delete group {$grp_id} with insufficient privileges.");
        return COM_refresh($_CONF['site_admin_url'] . '/group.php');
    }
    DB_delete($_TABLES['access'], 'acc_grp_id', $grp_id);
    DB_delete($_TABLES['group_assignments'], 'ug_grp_id', $grp_id);
    DB_delete($_TABLES['group_assignments'], 'ug_main_grp_id', $grp_id);
    DB_delete($_TABLES['groups'], 'grp_id', $grp_id);
    PLG_groupChanged($grp_id, 'delete');
    if (isset($_REQUEST['chk_showall']) && $_REQUEST['chk_showall'] == 1) {
        return COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=50&chk_showall=1');
    } else {
        return COM_refresh($_CONF['site_admin_url'] . '/group.php?msg=50');
    }
}
开发者ID:milk54,项目名称:geeklog-japan,代码行数:30,代码来源:group.php

示例5: COM_getTopicSQL

/**
* Return SQL expression to check for allowed topics.
*
* Creates part of an SQL expression that can be used to only request stories
* from topics to which the user has access to.
*
* Note that this function does an SQL request, so you should cache
* the resulting SQL expression if you need it more than once.
*
* @param    string  $type   part of the SQL expr. e.g. 'WHERE', 'AND'
* @param    int     $u_id   user id or 0 = current user
* @param    string  $table  table name if ambiguous (e.g. in JOINs)
* @return   string          SQL expression string (may be empty)
*
*/
function COM_getTopicSQL($type = 'WHERE', $u_id = 0, $table = '')
{
    global $_TABLES, $_USER, $_GROUPS;
    $topicsql = ' ' . $type . ' ';
    if (!empty($table)) {
        $table .= '.';
    }
    $UserGroups = array();
    if ($u_id <= 0 || isset($_USER['uid']) && $u_id == $_USER['uid']) {
        if (!COM_isAnonUser()) {
            $uid = $_USER['uid'];
        } else {
            $uid = 1;
        }
        $UserGroups = $_GROUPS;
    } else {
        $uid = $u_id;
        $UserGroups = SEC_getUserGroups($uid);
    }
    if (empty($UserGroups)) {
        // this shouldn't really happen, but if it does, handle user
        // like an anonymous user
        $uid = 1;
    }
    if (SEC_inGroup('Root', $uid)) {
        return '';
    }
    $result = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL('WHERE', $uid));
    $tids = array();
    while ($T = DB_fetchArray($result)) {
        $tids[] = $T['tid'];
    }
    if (count($tids) > 0) {
        $topicsql .= "({$table}tid IN ('" . implode("','", $tids) . "'))";
    } else {
        $topicsql .= '0';
    }
    return $topicsql;
}
开发者ID:alxstuart,项目名称:ajfs.me,代码行数:54,代码来源:lib-common.php

示例6: timerobject

    exit;
}
$mytimer = new timerobject();
$mytimer->startTimer();
$errMsg = '';
$uid = 1;
if (!COM_isAnonUser() && isset($_USER['uid'])) {
    $uid = $_USER['uid'];
}
$dt = new Date('now', $_USER['tzid']);
//Display Categories
if ($forum == 0) {
    $birdSeedStart = '';
    $dCat = isset($_GET['cat']) ? COM_applyFilter($_GET['cat'], true) : 0;
    $groups = array();
    $usergroups = SEC_getUserGroups();
    foreach ($usergroups as $group) {
        $groups[] = $group;
    }
    $groupAccessList = implode(',', $groups);
    if ($dCat > 0) {
        $categoryQuery = DB_query("SELECT * FROM {$_TABLES['ff_categories']} WHERE id=" . (int) $dCat . " ORDER BY cat_order ASC");
        $birdSeedStart = '<a href="' . $_CONF['site_url'] . '/forum/index.php">Forum Index</a> :: ';
    } else {
        $categoryQuery = DB_query("SELECT * FROM {$_TABLES['ff_categories']} ORDER BY cat_order ASC");
    }
    $numCategories = DB_numRows($categoryQuery);
    $forumlisting = new Template(array($_CONF['path'] . 'plugins/forum/templates/', $_CONF['path'] . 'plugins/forum/templates/links/'));
    $forumlisting->set_file('forumlisting', 'homepage.thtml');
    $forumlisting->set_var(array('forumindeximg' => '<img src="' . _ff_getImage('forumindex') . '" alt=""/>', 'phpself' => $_CONF['site_url'] . '/forum/index.php', 'layout_url' => $_CONF['layout_url'], 'forum_home' => 'Forum Index'));
    for ($i = 1; $i <= $numCategories; $i++) {
开发者ID:spacequad,项目名称:glfusion,代码行数:31,代码来源:index.php

示例7: display_mailform

/**
* Shows the form the admin uses to send Geeklog members a message. Right now
* you can only email an entire group.
*
* @param    array   $vars   optional array of form content
* @return   string          HTML for the email form
*
*/
function display_mailform($vars = array())
{
    global $_CONF, $LANG31, $LANG_ADMIN, $_IMAGE_TYPE;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $retval = '';
    $retval .= COM_startBlock($LANG31[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $menu_arr = array(array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $desc = '<p>' . $LANG31[19] . '</p>';
    $icon = $_CONF['layout_url'] . '/images/icons/mail.' . $_IMAGE_TYPE;
    $retval .= ADMIN_createMenu($menu_arr, $desc, $icon);
    $mail_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/mail');
    $mail_templates->set_file(array('form' => 'mailform.thtml'));
    $mail_templates->set_var('startblock_email', COM_startBlock($LANG31[1], '', COM_getBlockTemplate('_admin_block', 'header')));
    $mail_templates->set_var('php_self', $_CONF['site_admin_url'] . '/mail.php');
    $mail_templates->set_var('lang_note', $LANG31[19]);
    $mail_templates->set_var('lang_to', $LANG31[18]);
    $mail_templates->set_var('lang_selectgroup', $LANG31[25]);
    $to_group = 0;
    if (isset($vars['to_group'])) {
        $to_group = COM_applyFilter($vars['to_group'], true);
    }
    $thisUsersGroups = SEC_getUserGroups();
    uksort($thisUsersGroups, 'strcasecmp');
    $group_options = '';
    foreach ($thisUsersGroups as $groupName => $groupID) {
        if ($groupName != 'All Users') {
            $group_options .= '<option value="' . $groupID . '"';
            if ($to_group > 0 && $to_group == $groupID) {
                $group_options .= ' selected="selected"';
            }
            $group_options .= '>' . ucwords($groupName) . '</option>';
        }
    }
    $mail_templates->set_var('group_options', $group_options);
    $mail_templates->set_var('lang_from', $LANG31[2]);
    if (!empty($vars['fra'])) {
        $from = $vars['fra'];
    } else {
        $from = $_CONF['site_name'];
    }
    $from = strip_tags($from);
    $from = substr($from, 0, strcspn($from, "\r\n"));
    $from = htmlspecialchars(trim($from), ENT_QUOTES);
    $mail_templates->set_var('site_name', $from);
    $mail_templates->set_var('lang_replyto', $LANG31[3]);
    if (!empty($vars['fraepost'])) {
        $fromemail = $vars['fraepost'];
    } else {
        $fromemail = $_CONF['site_mail'];
    }
    $fromemail = strip_tags($fromemail);
    $fromemail = substr($fromemail, 0, strcspn($fromemail, "\r\n"));
    $fromemail = htmlspecialchars(trim($fromemail), ENT_QUOTES);
    $mail_templates->set_var('site_mail', $fromemail);
    if (isset($vars['subject'])) {
        $mail_templates->set_var('subject', COM_applyFilter($vars['subject']));
    }
    if (isset($vars['message'])) {
        $mail_templates->set_var('message', COM_applyFilter($vars['message']));
    }
    if (isset($vars['html']) && trim($vars['html']) == 'on') {
        $mail_templates->set_var('html', ' checked="checked"');
    }
    if (isset($vars['priority']) && trim($vars['priority']) == 'on') {
        $mail_templates->set_var('priority', ' checked="checked"');
    }
    if (isset($vars['overstyr']) && trim($vars['overstyr']) == 'on') {
        $mail_templates->set_var('overstyr', ' checked="checked"');
    }
    $mail_templates->set_var('lang_subject', $LANG31[4]);
    $mail_templates->set_var('lang_body', $LANG31[5]);
    $mail_templates->set_var('lang_sendto', $LANG31[6]);
    $mail_templates->set_var('lang_allusers', $LANG31[7]);
    $mail_templates->set_var('lang_admin', $LANG31[8]);
    $mail_templates->set_var('lang_options', $LANG31[9]);
    $mail_templates->set_var('lang_HTML', $LANG31[10]);
    $mail_templates->set_var('lang_urgent', $LANG31[11]);
    $mail_templates->set_var('lang_ignoreusersettings', $LANG31[14]);
    $mail_templates->set_var('lang_send', $LANG31[12]);
    $mail_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $mail_templates->set_var('gltoken_name', CSRF_TOKEN);
    $mail_templates->set_var('gltoken', SEC_createToken());
    $mail_templates->parse('output', 'form');
    $retval .= $mail_templates->finish($mail_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
开发者ID:milk54,项目名称:geeklog-japan,代码行数:95,代码来源:mail.php

示例8: MG_importAlbums

function MG_importAlbums($aid, $parent, $session_id = 0)
{
    global $mgAlbums, $_TABLES, $_CONF, $_MG_CONF, $_USER, $_POST;
    $children = $mgAlbums[$aid]->getChildren();
    $nrows = count($children);
    $checkCounter = 0;
    for ($i = 0; $i < $nrows; $i++) {
        $x = $mgAlbums[$children[$i]]->id;
        if ($_POST['gallery'][$x] == 1) {
            if ($parent == 0) {
                $sql = "SELECT MAX(album_id) + 1 AS nextalbum_id FROM " . $_TABLES['mg_albums'];
                $result2 = DB_query($sql);
                $row2 = DB_fetchArray($result2);
                $A['album_id'] = $row2['nextalbum_id'];
                if ($A['album_id'] < 1) {
                    $A['album_id'] = 1;
                }
                if ($A['album_id'] == 0) {
                    COM_errorLog("Media Gallery Error - Returned 0 as album_id");
                    $A['album_id'] = 1;
                }
                // now, let's create this bad boy....
                $sql = "SELECT MAX(album_order) + 1 AS nextalbum_order FROM " . $_TABLES['mg_albums'];
                $result2 = DB_query($sql);
                $row2 = DB_fetchArray($result2);
                if ($row2 == NULL || $result2 == NULL) {
                    $A['album_order'] = 10;
                } else {
                    $A['album_order'] = $row2['nextalbum_order'];
                    if ($A['album_order'] < 0) {
                        $A['album_order'] = 10;
                    }
                }
                if ($A['album_order'] == NULL) {
                    $A['album_order'] = 10;
                }
                $mgAlbums[$children[$i]]->mgid = $A['album_id'];
                $mgAlbums[$children[$i]]->order = $A['album_order'];
                if (!empty($mgAlbums[$children[$i]]->children)) {
                    $subChildren = $mgAlbums[$children[$i]]->getChildren();
                    foreach ($subChildren as $child1) {
                        $mgAlbums[$child1]->mgparent = $A['album_id'];
                    }
                }
                $usergroups = SEC_getUserGroups();
                for ($m = 0; $m < count($usergroups); $m++) {
                    if ('mediagallery Admin' == key($usergroups)) {
                        $mgAlbums[$children[$i]]->group_id = $usergroups[key($usergroups)];
                        $mgAlbums[$children[$i]]->mod_group_id = $usergroups[key($usergroups)];
                    }
                    next($usergroups);
                }
                $rc = $mgAlbums[$children[$i]]->createAlbum();
            } else {
                $mgAlbums[$children[$i]]->mgid = $parent;
            }
            COM_errorLog("Media Gallery: glFusion Story Import processed " . $mgAlbums[$children[$i]]->title . " MGID: " . $mgAlbums[$children[$i]]->mgid . " Parent: " . $mgAlbums[$children[$i]]->mgparent);
            MG_importFiles($mgAlbums[$children[$i]]->mgid, $mgAlbums[$children[$i]]->id, $session_id);
            if (!empty($mgAlbums[$children[$i]]->children)) {
                MG_importAlbums($mgAlbums[$children[$i]]->id, $A['album_id'], $session_id);
            }
        }
    }
}
开发者ID:NewRoute,项目名称:glfusion,代码行数:64,代码来源:index.php

示例9: saveusers


//.........这里部分代码省略.........
            if ($_CONF['allow_user_photo'] == 1 && !empty($curphoto)) {
                $curusername = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
                if ($curusername != $username) {
                    // user has been renamed - rename the photo, too
                    $newphoto = preg_replace('/' . $curusername . '/', $username, $curphoto, 1);
                    $imgpath = $_CONF['path_images'] . 'userphotos/';
                    if (@rename($imgpath . $curphoto, $imgpath . $newphoto) === false) {
                        $retval .= COM_errorLog('Could not rename userphoto "' . $curphoto . '" to "' . $newphoto . '".');
                        return $retval;
                    }
                    $curphoto = $newphoto;
                }
            }
            $curphoto = DB_escapeString($curphoto);
            DB_query("UPDATE {$_TABLES['users']} SET username = '{$username}', fullname = '{$fullname}', email = '{$email}', homepage = '{$homepage}', photo = '{$curphoto}', status='{$userstatus}' WHERE uid = {$uid}");
            if ($passwd_changed && !empty($passwd)) {
                SEC_updateUserPassword($passwd, $uid);
            }
            if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
                CUSTOM_userSave($uid);
            }
            if ($_CONF['usersubmission'] == 1 && $oldstatus == USER_ACCOUNT_AWAITING_APPROVAL && $userstatus == USER_ACCOUNT_ACTIVE) {
                USER_createAndSendPassword($username, $email, $uid);
            }
            if ($userstatus == USER_ACCOUNT_DISABLED) {
                SESS_endUserSession($uid);
            }
            $userChanged = true;
        }
        // check that the user is allowed to change group assignments
        if (is_array($groups) && SEC_hasRights('group.assign')) {
            if (!SEC_inGroup('Root')) {
                $rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'");
                if (in_array($rootgrp, $groups)) {
                    COM_accessLog("User {$_USER['username']} ({$_USER['uid']}) just tried to give Root permissions to user {$username}.");
                    echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
                    exit;
                }
            }
            // make sure the Remote Users group is in $groups
            if (SEC_inGroup('Remote Users', $uid)) {
                $remUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
                if (!in_array($remUsers, $groups)) {
                    $groups[] = $remUsers;
                }
            }
            if ($_USER_VERBOSE) {
                COM_errorLog("deleting all group_assignments for user {$uid}/{$username}", 1);
            }
            // remove user from all groups that the User Admin is a member of
            $UserAdminGroups = SEC_getUserGroups();
            $whereGroup = 'ug_main_grp_id IN (' . implode(',', $UserAdminGroups) . ')';
            DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_uid = {$uid}) AND " . $whereGroup);
            // make sure to add user to All Users and Logged-in Users groups
            $allUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'");
            if (!in_array($allUsers, $groups)) {
                $groups[] = $allUsers;
            }
            $logUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'");
            if (!in_array($logUsers, $groups)) {
                $groups[] = $logUsers;
            }
            foreach ($groups as $userGroup) {
                if (in_array($userGroup, $UserAdminGroups)) {
                    if ($_USER_VERBOSE) {
                        COM_errorLog("adding group_assignment " . $userGroup . " for {$username}", 1);
                    }
                    $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$userGroup}, {$uid})";
                    DB_query($sql);
                }
            }
        }
        if ($userChanged) {
            PLG_userInfoChanged($uid);
        }
        $errors = DB_error();
        if (empty($errors)) {
            echo PLG_afterSaveSwitch($_CONF['aftersave_user'], "{$_CONF['site_url']}/users.php?mode=profile&uid={$uid}", 'user', 21);
        } else {
            $retval .= COM_errorLog('Error in saveusers in ' . $_CONF['site_admin_url'] . '/user.php');
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[22]));
            echo $retval;
            exit;
        }
    } else {
        $retval .= COM_showMessageText($LANG28[10]);
        if (!empty($uid) && $uid > 1 && DB_count($_TABLES['users'], 'uid', $uid) > 0) {
            $retval .= edituser($uid);
        } else {
            $retval .= edituser();
        }
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[1]));
        COM_output($retval);
        exit;
    }
    if ($_USER_VERBOSE) {
        COM_errorLog("***************leaving saveusers*****************", 1);
    }
    return $retval;
}
开发者ID:milk54,项目名称:geeklog-japan,代码行数:101,代码来源:user.php

示例10: MG_editAlbum


//.........这里部分代码省略.........
    $wm_opacity_select .= '<option value="50"' . ($A['opacity'] == 50 ? 'selected="selected"' : '') . '>50%</option>';
    $wm_opacity_select .= '<option value="60"' . ($A['opacity'] == 60 ? 'selected="selected"' : '') . '>60%</option>';
    $wm_opacity_select .= '<option value="70"' . ($A['opacity'] == 70 ? 'selected="selected"' : '') . '>70%</option>';
    $wm_opacity_select .= '<option value="80"' . ($A['opacity'] == 80 ? 'selected="selected"' : '') . '>80%</option>';
    $wm_opacity_select .= '<option value="90"' . ($A['opacity'] == 90 ? 'selected="selected"' : '') . '>90%</option>';
    $wm_opacity_select .= '</select>';
    $wm_location_select = '<select name="wm_location">';
    $wm_location_select .= '<option value="1"' . ($A['wm_location'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['top_left'] . '</option>';
    $wm_location_select .= '<option value="2"' . ($A['wm_location'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['top_center'] . '</option>';
    $wm_location_select .= '<option value="3"' . ($A['wm_location'] == 3 ? 'selected="selected"' : '') . '>' . $LANG_MG01['top_right'] . '</option>';
    $wm_location_select .= '<option value="4"' . ($A['wm_location'] == 4 ? 'selected="selected"' : '') . '>' . $LANG_MG01['middle_left'] . '</option>';
    $wm_location_select .= '<option value="5"' . ($A['wm_location'] == 5 ? 'selected="selected"' : '') . '>' . $LANG_MG01['middle_center'] . '</option>';
    $wm_location_select .= '<option value="6"' . ($A['wm_location'] == 6 ? 'selected="selected"' : '') . '>' . $LANG_MG01['middle_right'] . '</option>';
    $wm_location_select .= '<option value="7"' . ($A['wm_location'] == 7 ? 'selected="selected"' : '') . '>' . $LANG_MG01['bottom_left'] . '</option>';
    $wm_location_select .= '<option value="8"' . ($A['wm_location'] == 8 ? 'selected="selected"' : '') . '>' . $LANG_MG01['bottom_center'] . '</option>';
    $wm_location_select .= '<option value="9"' . ($A['wm_location'] == 9 ? 'selected="selected"' : '') . '>' . $LANG_MG01['bottom_right'] . '</option>';
    $wm_location_select .= '</select>';
    // now select what watermarks we have permission to use...
    $whereClause = " WHERE wm_id<>0 AND ";
    if (SEC_hasRights('mediagallery.admin')) {
        $whereClause .= "1=1";
    } else {
        $whereClause .= "(owner_id=" . $_USER['uid'] . " OR owner_id=0)";
    }
    $sql = "SELECT * FROM {$_TABLES['mg_watermarks']} " . $whereClause . " ORDER BY owner_id";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    $wm_select = '<select name="wm_id"  onchange="change(this)">';
    $wm_select .= '<option value="blank.png">' . $LANG_MG01['no_watermark'] . '</option>';
    $wm_current = '<img src="' . $_MG_CONF['site_url'] . '/watermarks/blank.png" name="myImage" alt=""/>';
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        $wm_select .= '<option value="' . $row['filename'] . '"' . ($A['wm_id'] == $row['wm_id'] ? 'selected="selected"' : '') . '>' . $row['filename'] . '</option>';
        if ($A['wm_id'] == $row['wm_id']) {
            $wm_current = '<img src="' . $_MG_CONF['site_url'] . '/watermarks/' . $row['filename'] . '" name="myImage" alt=""/>';
        }
    }
    $wm_select .= '</select>';
    $frames = new mgFrame();
    $skins = array();
    $skins = $frames->getFrames();
    $skin_select = '<select name="skin">';
    $askin_select = '<select name="askin">';
    $dskin_select = '<select name="dskin">';
    for ($i = 0; $i < count($skins); $i++) {
        $skin_select .= '<option value="' . $skins[$i]['dir'] . '"' . ($A['image_skin'] == $skins[$i]['dir'] ? ' selected="selected" ' : '') . '>' . $skins[$i]['name'] . '</option>';
        $askin_select .= '<option value="' . $skins[$i]['dir'] . '"' . ($A['album_skin'] == $skins[$i]['dir'] ? ' selected="selected" ' : '') . '>' . $skins[$i]['name'] . '</option>';
        $dskin_select .= '<option value="' . $skins[$i]['dir'] . '"' . ($A['display_skin'] == $skins[$i]['dir'] ? ' selected="selected" ' : '') . '>' . $skins[$i]['name'] . '</option>';
    }
    $skin_select .= '</select>';
    $askin_select .= '</select>';
    $dskin_select .= '</select>';
    // permission template
    $usergroups = SEC_getUserGroups();
    $groupdd = '';
    $moddd = '';
    $groupdd .= '<select name="group_id">';
    $moddd .= '<select name="mod_id">';
    for ($i = 0; $i < count($usergroups); $i++) {
        if ($usergroups[key($usergroups)] != 2 && $usergroups[key($usergroups)] != 13) {
            $groupdd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            $moddd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            if ($A['group_id'] == $usergroups[key($usergroups)]) {
                $groupdd .= ' selected="selected"';
            }
            if ($A['mod_group_id'] == $usergroups[key($usergroups)]) {
                $moddd .= ' selected="selected"';
            }
            $groupdd .= '>' . key($usergroups) . '</option>';
            $moddd .= '>' . key($usergroups) . '</option>';
        }
        next($usergroups);
    }
    $groupdd .= '</select>';
    $moddd .= '</select>';
    $upload_select = '<input type="checkbox" name="uploads" value="1" ' . ($A['member_uploads'] ? ' checked="checked"' : '') . '/>';
    $moderate_select = '<input type="checkbox" name="moderate" value="1" ' . ($A['moderate'] ? ' checked="checked"' : '') . '/>';
    $child_update_select = '<input type="checkbox" name="force_child_update" value="1"/>';
    $hidden_select = '<input type="checkbox" name="hidden" value="1" ' . ($A['hidden'] ? ' checked="checked"' : '') . '/>';
    $allow_download_select = '<input type="checkbox" name="allow_download" value="1" ' . ($A['allow_download'] ? ' checked="checked"' : '') . '/>';
    if (SEC_hasRights('mediagallery.admin')) {
        $perm_editor = SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $perm_editor = MG_getMemberPermissionsHTML($A['perm_members'], $A['perm_anon']);
    }
    $T->set_var(array('lang_uploads' => $LANG_MG01['anonymous_uploads_prompt'], 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid={$A['owner_id']}"), 'owner_id' => $A['owner_id'], 'lang_group' => $LANG_ACCESS['group'], 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'lang_hidden' => $LANG_MG01['hidden'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'permissions_editor' => $perm_editor, 'origaid' => '<input type="hidden" name="origaid" value="' . $oldaid . '"/>', 'group_dropdown' => $groupdd, 'mod_dropdown' => $moddd, 'lang_member_upload' => $LANG_MG01['member_upload'], 'lang_moderate_album' => $LANG_MG01['mod_album'], 'lang_mod_group' => $LANG_MG01['moderation_group'], 'uploads' => $upload_select, 'moderate' => $moderate_select, 'hidden' => $hidden_select, 'force_child_update' => $child_update_select, 'lang_force_child_update' => $LANG_MG01['force_child_update'], 'lang_allow_download' => $LANG_MG01['allow_download'], 'owner_select' => $owner_select, 'email_mod_select' => $email_mod_select, 'lang_email_mods_on_submission' => $LANG_MG01['email_mods_on_submission']));
    if (SEC_hasRights('mediagallery.admin')) {
        $T->parse('perm_editor', 'perms_admin');
    } else {
        $T->parse('perm_editor', 'perms_member');
    }
    $T->set_var(array('action' => 'album', 'path_mg' => $_MG_CONF['site_url'], 'attach_select' => $attach_select, 'comment_select' => $comment_select, 'exif_select' => $exif_select, 'ranking_select' => $ranking_select, 'podcast_select' => $podcast_select, 'mp3ribbon_select' => $mp3ribbon_select, 'rsschildren_select' => $rsschildren_select, 'full_select' => $full_select, 'ss_select' => $ss_select, 'sf_select' => $sf_select, 'views_select' => $views_select, 'keywords_select' => $keywords_select, 'album_views_select' => $album_views_select, 'display_album_desc_select' => $display_album_desc_select, 'sort_select' => $sort_select, 'rss_select' => $rss_select, 'postcard_select' => $postcard_select, 'afirst_select' => $afirst_select, 'tn_size_select' => $tn_size_select, 'display_image_size' => $display_image_size_select, 'rows_input' => $rows_input, 'columns_input' => $columns_input, 'playback_type' => $playback_type, 'album_title' => $A['album_title'], 'album_desc' => $A['album_desc'], 'album_id' => $A['album_id'], 'parent_select' => $album_select, 'album_cover' => $A['album_cover'], 'album_owner' => $A['owner_id'], 'album_order' => $A['album_order'], 'album_cover_filename' => $A['album_cover_filename'], 'last_update' => $A['last_update'], 'media_count' => $A['media_count'], 'wm_auto_select' => $wm_auto_select, 'wm_opacity_select' => $wm_opacity_select, 'wm_location_select' => $wm_location_select, 'wm_select' => $wm_select, 'wm_current' => $wm_current, 'album_theme_select' => $album_theme_select, 'album_sort_select' => $album_sort_select, 'allow_download_select' => $allow_download_select, 'filename_title_select' => $filename_title_select, 'skin_select' => $skin_select, 'askin_select' => $askin_select, 'dskin_select' => $dskin_select, 'tnheight_input' => $tnheight_input, 'tnwidth_input' => $tnwidth_input, 'usealternate_select' => $usealternate_select, 'lang_usealternate' => $LANG_MG01['use_alternate_url'], 'lang_tnheight' => $LANG_MG01['tn_height'], 'lang_tnwidth' => $LANG_MG01['tn_width'], 'lang_save' => $LANG_MG01['save'], 'lang_edit_title' => $mode == 'create' ? $LANG_MG01['create_album'] : $LANG_MG01['edit_album'], 's_form_action' => $actionURL, 'lang_image_skin' => $LANG_MG01['image_skin'], 'lang_album_skin' => $LANG_MG01['album_skin'], 'lang_display_skin' => $LANG_MG01['display_skin'], 'lang_album_edit_help' => $LANG_MG01['album_edit_help'], 'lang_title' => $LANG_MG01['title'], 'lang_podcast' => $LANG_MG01['podcast'], 'lang_mp3ribbon' => $LANG_MG01['mp3ribbon'], 'lang_rsschildren' => $LANG_MG01['rsschildren'], 'lang_parent_album' => $LANG_MG01['parent_album'], 'lang_description' => $LANG_MG01['description'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_delete' => $LANG_MG01['delete'], 'lang_comments' => $LANG_MG01['comments_prompt'], 'lang_enable_exif' => $LANG_MG01['enable_exif'], 'lang_enable_ratings' => $LANG_MG01['enable_ratings'], 'lang_ss_enable' => $LANG_MG01['ss_enable'], 'lang_sf_enable' => $LANG_MG01['sf_enable'], 'lang_tn_size' => $LANG_MG01['tn_size'], 'lang_rows' => $LANG_MG01['rows'], 'lang_columns' => $LANG_MG01['columns'], 'lang_av_play_album' => $LANG_MG01['av_play_album'], 'lang_av_play_options' => $LANG_MG01['av_play_options'], 'lang_attached_thumbnail' => $LANG_MG01['attached_thumbnail'], 'lang_thumbnail' => $LANG_MG01['thumbnail'], 'lang_album_attributes' => $LANG_MG01['album_attributes'], 'lang_album_cover' => $LANG_MG01['album_cover'], 'lang_enable_views' => $LANG_MG01['enable_views'], 'lang_enable_keywords' => $LANG_MG01['enable_keywords'], 'lang_enable_album_views' => $LANG_MG01['enable_album_views'], 'lang_enable_sort' => $LANG_MG01['enable_sort'], 'lang_enable_rss' => $LANG_MG01['enable_rss'], 'lang_enable_postcard' => $LANG_MG01['enable_postcard'], 'lang_albums_first' => $LANG_MG01['albums_first'], 'lang_full_display' => $LANG_MG01['full_display'], 'lang_display_image_size' => $LANG_MG01['display_image_size'], 'lang_album_sort' => $LANG_MG01['default_album_sort'], 'lang_watermark' => $LANG_MG01['watermark'], 'lang_wm_auto' => $LANG_MG01['watermark_auto'], 'lang_wm_opacity' => $LANG_MG01['watermark_opacity'], 'lang_wm_location' => $LANG_MG01['watermark_location'], 'lang_wm_id' => $LANG_MG01['watermark_image'], 'lang_unlimited' => $LANG_MG01['zero_unlimited'], 'lang_display_album_desc' => $LANG_MG01['display_album_desc'], 'lang_filename_title' => $LANG_MG01['filename_title'], 'lang_media_attributes' => $LANG_MG01['media_attributes'], 'lang_theme_select' => $LANG_MG01['album_theme']));
    if ($_MG_CONF['htmlallowed'] == 1) {
        $T->set_var('allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'mediagallery', 'album_title'));
    }
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
开发者ID:NewRoute,项目名称:glfusion,代码行数:101,代码来源:albumedit.php

示例11: WS_authenticate


//.........这里部分代码省略.........
                        if ($pwdigest == $mydigest) {
                            $password = $pwd;
                        }
                    }
                }
        
                if ($WS_VERBOSE) {
                    COM_errorLog("WS: Attempting to log in user '$username' (via WSSE)");
                }
        
        ******************************************************************************/
    } elseif (!empty($_SERVER['REMOTE_USER'])) {
        /* PHP installed as CGI may not have access to authorization headers of
         * Apache. In that case, use .htaccess to store the auth header as
         * explained at
         * http://wiki.geeklog.net/wiki/index.php/Webservices_API#Authentication
         */
        list($auth_type, $auth_data) = explode(' ', $_SERVER['REMOTE_USER']);
        list($username, $password) = explode(':', base64_decode($auth_data));
        $username = COM_applyBasicFilter($username);
        if ($WS_VERBOSE) {
            COM_errorLog("WS: Attempting to log in user '{$username}' (via \$_SERVER['REMOTE_USER'])");
        }
    } else {
        if ($WS_VERBOSE) {
            COM_errorLog("WS: No login given");
        }
        // fallthrough (see below)
    }
    COM_clearSpeedlimit($_CONF['login_speedlimit'], 'wsauth');
    if (COM_checkSpeedlimit('wsauth', $_CONF['login_attempts']) > 0) {
        WS_error(PLG_RET_PERMISSION_DENIED, 'Speed Limit exceeded');
    }
    if (!empty($username) && !empty($password)) {
        if ($_CONF['user_login_method']['3rdparty']) {
            // remote users will have to use username@servicename
            $u = explode('@', $username);
            if (count($u) > 1) {
                $sv = $u[count($u) - 1];
                if (!empty($sv)) {
                    $modules = SEC_collectRemoteAuthenticationModules();
                    foreach ($modules as $smod) {
                        if (strcasecmp($sv, $smod) == 0) {
                            array_pop($u);
                            // drop the service name
                            $uname = implode('@', $u);
                            $status = SEC_remoteAuthentication($uname, $password, $smod, $uid);
                            break;
                        }
                    }
                }
            }
        }
        if ($status == -1 && $_CONF['user_login_method']['standard']) {
            $status = SEC_authenticate($username, $password, $uid);
        }
    }
    if ($status == USER_ACCOUNT_ACTIVE) {
        $_USER = SESS_getUserDataFromId($uid);
        PLG_loginUser($_USER['uid']);
        // Global array of groups current user belongs to
        $_GROUPS = SEC_getUserGroups($_USER['uid']);
        // Global array of current user permissions [read,edit]
        $_RIGHTS = explode(',', SEC_getUserPermissions());
        if ($_CONF['restrict_webservices']) {
            if (!SEC_hasRights('webservices.atompub')) {
                COM_updateSpeedlimit('wsauth');
                if ($WS_VERBOSE) {
                    COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) does not have permission to use the webservices");
                }
                // reset user, groups, and rights, just in case ...
                $_USER = array();
                $_GROUPS = array();
                $_RIGHTS = array();
                WS_error(PLG_RET_AUTH_FAILED);
            }
        }
        if ($WS_VERBOSE) {
            COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) successfully logged in");
        }
        // if there were less than 2 failed login attempts, reset speedlimit
        if (COM_checkSpeedlimit('wsauth', 2) == 0) {
            if ($WS_VERBOSE) {
                COM_errorLog("WS: Successful login - resetting speedlimit");
            }
            COM_resetSpeedlimit('wsauth');
        }
    } else {
        COM_updateSpeedlimit('wsauth');
        if (!empty($username) && !empty($password)) {
            COM_updateSpeedlimit('wsauth');
            if ($WS_VERBOSE) {
                COM_errorLog("WS: Wrong login credentials - counting as 2 failed attempts");
            }
        } elseif ($WS_VERBOSE) {
            COM_errorLog("WS: Empty login credentials - counting as 1 failed attempt");
        }
        WS_error(PLG_RET_AUTH_FAILED);
    }
}
开发者ID:Geeklog-Core,项目名称:geeklog,代码行数:101,代码来源:lib-webservices.php

示例12: gf_makeFilemgmtCatSelect

function gf_makeFilemgmtCatSelect($uid)
{
    global $_CONF, $_FM_TABLES, $_DB_name;
    include_once $_CONF[path_html] . "filemgmt/include/xoopstree.php";
    include_once $_CONF[path_html] . "filemgmt/include/textsanitizer.php";
    $_GROUPS = SEC_getUserGroups($uid);
    $mytree = new XoopsTree($_DB_name, $_FM_TABLES['filemgmt_cat'], "cid", "pid");
    $mytree->setGroupUploadAccessFilter($_GROUPS);
    return $mytree->makeMySelBox('title', 'title', '', '', 'filemgmtcat');
}
开发者ID:hostellerie,项目名称:nexpro,代码行数:10,代码来源:gf_format.php

示例13: WS_authenticate

/**
 * Authenticates the user if authentication headers are present
 *
 * Our handling of the speedlimit here requires some explanation ...
 * Atompub clients will usually try to do everything without logging in first.
 * Since that would mean that we can't provide feeds for drafts, items with
 * special permissions, etc. we ask them to log in (PLG_RET_AUTH_FAILED).
 * That, however, means that every request from an Atompub client will count
 * as one failed login attempt. So doing a couple of requests in quick
 * succession will surely get the client blocked. Therefore
 * - a request without any login credentials counts as one failed login attempt
 * - a request with wrong login credentials counts as two failed login attempts
 * - if, after a successful login, we have only one failed attempt on record,
 *   we reset the speedlimit
 * This still ensures that
 * - repeated failed logins (without or with invalid credentials) will cause the
 *   client to be blocked eventually
 * - this can not be used for dictionary attacks
 *
 */
function WS_authenticate()
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_RIGHTS, $WS_VERBOSE;
    $uid = '';
    $username = '';
    $password = '';
    $status = -1;
    if (isset($_SERVER['PHP_AUTH_USER'])) {
        $username = $_SERVER['PHP_AUTH_USER'];
        $password = $_SERVER['PHP_AUTH_PW'];
        $username = COM_applyFilter($username);
        $password = COM_applyFilter($password);
        if ($WS_VERBOSE) {
            COM_errorLog("WS: Attempting to log in user '{$username}'");
        }
    } elseif (!empty($_SERVER['REMOTE_USER'])) {
        /* PHP installed as CGI may not have access to authorization headers of
         * Apache. In that case, use .htaccess to store the auth header
         */
        list($auth_type, $auth_data) = explode(' ', $_SERVER['REMOTE_USER']);
        list($username, $password) = explode(':', base64_decode($auth_data));
        $username = COM_applyFilter($username);
        $password = COM_applyFilter($password);
        if ($WS_VERBOSE) {
            COM_errorLog("WS: Attempting to log in user '{$username}' (via \$_SERVER['REMOTE_USER'])");
        }
    } else {
        if ($WS_VERBOSE) {
            COM_errorLog("WS: No login given");
        }
        // fallthrough (see below)
    }
    COM_clearSpeedlimit($_CONF['login_speedlimit'], 'wsauth');
    if (COM_checkSpeedlimit('wsauth', $_CONF['login_attempts']) > 0) {
        WS_error(PLG_RET_PERMISSION_DENIED, 'Speed Limit exceeded');
    }
    if (!empty($username) && !empty($password)) {
        if ($_CONF['user_login_method']['3rdparty']) {
            // remote users will have to use username@servicename
            $u = explode('@', $username);
            if (count($u) > 1) {
                $sv = $u[count($u) - 1];
                if (!empty($sv)) {
                    $modules = SEC_collectRemoteAuthenticationModules();
                    foreach ($modules as $smod) {
                        if (strcasecmp($sv, $smod) == 0) {
                            array_pop($u);
                            // drop the service name
                            $uname = implode('@', $u);
                            $status = SEC_remoteAuthentication($uname, $password, $smod, $uid);
                            break;
                        }
                    }
                }
            }
        }
        if ($status == -1 && $_CONF['user_login_method']['standard']) {
            $status = SEC_authenticate($username, $password, $uid);
        }
    }
    if ($status == USER_ACCOUNT_ACTIVE) {
        $_USER = SESS_getUserDataFromId($uid);
        PLG_loginUser($_USER['uid']);
        // Global array of groups current user belongs to
        $_GROUPS = SEC_getUserGroups($_USER['uid']);
        // Global array of current user permissions [read,edit]
        $_RIGHTS = explode(',', SEC_getUserPermissions());
        if ($_CONF['restrict_webservices']) {
            if (!SEC_hasRights('webservices.atompub')) {
                COM_updateSpeedlimit('wsauth');
                if ($WS_VERBOSE) {
                    COM_errorLog("WS: User '{$_USER['username']}' ({$_USER['uid']}) does not have permission to use the webservices");
                }
                // reset user, groups, and rights, just in case ...
                $_USER = array();
                $_GROUPS = array();
                $_RIGHTS = array();
                WS_error(PLG_RET_AUTH_FAILED);
            }
        }
//.........这里部分代码省略.........
开发者ID:NewRoute,项目名称:glfusion,代码行数:101,代码来源:lib-webservices.php

示例14: _construct

 function _construct()
 {
     global $_TABLES, $_USER, $CONF_NEXMENU, $_BLOCK_TEMPLATE;
     $this->_currentBlockTemplate = $_BLOCK_TEMPLATE;
     $this->_version = DB_getItem($_TABLES['plugins'], 'pi_version', "pi_name = 'nexmenu'");
     $query = DB_query("SELECT * FROM {$_TABLES['nexmenu_config']} WHERE theme='{$this->_theme}'");
     $A = DB_fetchArray($query);
     $this->_blockMenuStyle = $A['blockmenu_style'];
     $this->_blockSubmenuStyle = $A['blocksubmenu_style'];
     $this->_headerMenuStyle = $A['headermenu_style'];
     $this->_headerSubmenuStyle = $A['headersubmenu_style'];
     if ($A['multilanguage'] == 1) {
         $this->_multiLangMode = true;
     } else {
         $this->_multiLangMode = false;
     }
     $this->_targetFeatures = DB_getItem($_TABLES['nexmenu_config'], "targetfeatures");
     if (DB_getItem($_TABLES['plugins'], 'pi_enabled', "pi_name = 'links'") == 1) {
         $this->_linksPlugin = true;
     } else {
         $this->_linksPlugin = false;
     }
     if (DB_getItem($_TABLES['plugins'], 'pi_enabled', "pi_name = 'staticpages'") == 1) {
         $this->_staticpagesPlugin = true;
     } else {
         $this->_staticpagesPlugin = false;
     }
     // Get list of groups member belongs to
     if (!isset($_USER['uid']) or $_USER['uid'] < 2) {
         $this->_groupAccessList = '0,2';
     } else {
         $groups = array();
         $usergroups = SEC_getUserGroups();
         foreach ($usergroups as $group) {
             $groups[] = $group;
         }
         $this->_groupAccessList = implode(',', $groups);
     }
 }
开发者ID:hostellerie,项目名称:nexpro,代码行数:39,代码来源:nexmenu.class.php

示例15: getAdminMenu


//.........这里部分代码省略.........
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/clearctl.php';
                $label = $LANG01['ctl'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/menu.php';
                $label = $LANG_MB01['menu_builder'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/logo.php';
                $label = $LANG_LOGO['logo_admin'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('topic.edit')) {
                $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['topics']}" . COM_getPermSql());
                list($count) = DB_fetchArray($result);
                $url = $_CONF['site_admin_url'] . '/topic.php';
                $label = $LANG01[13] . ' (' . COM_numberFormat($count) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('user.edit')) {
                $url = $_CONF['site_admin_url'] . '/user.php';
                $label = $LANG01[17] . ' (' . COM_numberFormat(DB_count($_TABLES['users']) - 1) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('group.edit')) {
                if (SEC_inGroup('Root')) {
                    $grpFilter = '';
                } else {
                    $elementUsersGroups = SEC_getUserGroups();
                    $grpFilter = 'WHERE (grp_id IN (' . implode(',', $elementUsersGroups) . '))';
                }
                $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['groups']} {$grpFilter};");
                $A = DB_fetchArray($result);
                $url = $_CONF['site_admin_url'] . '/group.php';
                $label = $LANG01[96] . ' (' . COM_numberFormat($A['count']) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('social.admin')) {
                $url = $_CONF['site_admin_url'] . '/social.php';
                $label = $LANG_SOCIAL['label'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/envcheck.php';
                $label = $LANG01['env_check'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('user.mail')) {
                $url = $_CONF['site_admin_url'] . '/mail.php';
                $label = $LANG01[105] . ' (N/A)';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if ($_CONF['backend'] == 1 && SEC_hasRights('syndication.edit')) {
                $url = $_CONF['site_admin_url'] . '/syndication.php';
                $label = $LANG01[38] . ' (' . COM_numberFormat(DB_count($_TABLES['syndication'])) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled'] || $_CONF['ping_enabled']) && SEC_hasRights('story.ping')) {
                $url = $_CONF['site_admin_url'] . '/trackback.php';
                $label = $LANG01[116] . ' (' . COM_numberFormat(DB_count($_TABLES['pingservice'])) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
开发者ID:spacequad,项目名称:glfusion,代码行数:67,代码来源:lib-menu.php


注:本文中的SEC_getUserGroups函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。