当前位置: 首页>>代码示例>>PHP>>正文


PHP SEC_hasAccess函数代码示例

本文整理汇总了PHP中SEC_hasAccess函数的典型用法代码示例。如果您正苦于以下问题:PHP SEC_hasAccess函数的具体用法?PHP SEC_hasAccess怎么用?PHP SEC_hasAccess使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了SEC_hasAccess函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: downloads_getListField_Files

function downloads_getListField_Files($fieldname, $fieldvalue, $A, $icon_arr)
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ACCESS, $MESSAGE, $DLM_CSRF_TOKEN;
    $retval = false;
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    $token = "&" . CSRF_TOKEN . "=" . $DLM_CSRF_TOKEN;
    switch ($fieldname) {
        case "edit":
            $retval = $LANG_ACCESS['readonly'];
            if ($access == 3) {
                $retval = "<div style=\"white-space:nowrap;\"><a href=\"{$_CONF['site_admin_url']}/plugins/downloads/index.php" . "?lid={$A['lid']}&amp;op=modify&amp;p=list\" title=\"{$LANG_ADMIN['edit']}\">{$icon_arr['edit']}</a>" . LB . "<a href=\"{$_CONF['site_admin_url']}/plugins/downloads/index.php" . "?lid={$A['lid']}&amp;op=clone\" title=\"{$LANG_ADMIN['copy']}\">{$icon_arr['copy']}</a>" . LB;
                //$icon = $icon_arr['deleteitem'];
                $icon = "<img src=\"{$_CONF['site_url']}/downloads/images/delete.png\" " . "alt=\"\" title=\"{$LANG_ADMIN['delete']}\">";
                $retval .= "<a href=\"{$_CONF['site_admin_url']}/plugins/downloads/index.php" . "?lid={$A['lid']}&amp;op=delete" . $token . "\" onclick=\"return confirm('{$MESSAGE[76]}');\">{$icon}</a></div>" . LB;
            }
            break;
        case "title":
            $url = COM_buildUrl($_CONF['site_url'] . '/downloads/index.php?id=' . $A['lid']);
            $retval = "<a href=\"{$url}\" title=\"{$A['url']}\">{$A['title']}</a>" . LB;
            break;
        case "cid":
            $retval = DB_getItem($_TABLES['downloadcategories'], 'title', "cid='" . addslashes($A['cid']) . "'");
            $retval .= getCatName_by_language($A['cid']);
            break;
        case "date":
            $retval = strftime('%Y-%m-%d', $A['date']);
            // Fixed format
            break;
        default:
            $retval = $fieldvalue;
            break;
    }
    return $retval;
}
开发者ID:mistgrass,项目名称:geeklog-ivywe,代码行数:34,代码来源:index.php

示例2: fncComment

function fncComment($id)
{
    global $_CONF;
    global $_TABLES;
    //
    $order = '';
    if (isset($_REQUEST['order'])) {
        $order = COM_applyFilter($_REQUEST['order']);
    }
    $mode = '';
    if (isset($_REQUEST['mode'])) {
        $mode = COM_applyFilter($_REQUEST['mode']);
    }
    $page = 1;
    if (isset($_REQUEST['cpage'])) {
        $page = COM_applyFilter($_REQUEST['cpage']);
    }
    //
    $tbl = $_TABLES['USERBOX_base'];
    //-----
    $sql = "SELECT ";
    $sql .= "commentcode ";
    $sql .= ",owner_id";
    $sql .= ",group_id";
    $sql .= ",perm_owner";
    $sql .= ",perm_group";
    $sql .= ",perm_members";
    $sql .= ",perm_anon";
    $sql .= " FROM ";
    $sql .= " {$tbl} AS t ";
    //base
    $sql .= " WHERE ";
    $sql .= " id=" . $id;
    $sql .= " AND t.draft_flag=0" . LB;
    //アクセス権のないデータ はのぞく
    $sql .= COM_getPermSql('AND');
    //公開日以前のデータはのぞく
    $sql .= " AND (released <= NOW())";
    //公開終了日を過ぎたデータはのぞく
    $sql .= " AND (expired=0 OR expired > NOW())";
    //
    $result = DB_query($sql);
    $numrows = DB_numRows($result);
    if ($numrows > 0) {
        $A = DB_fetchArray($result);
        $A = array_map('stripslashes', $A);
        if ($A['commentcode'] >= 0) {
            $delete_option = SEC_hasRights('userbox.edit') && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 ? true : false;
            require_once $_CONF['path_system'] . 'lib-comment.php';
            $retval .= CMT_userComments($id, $A['topic'], 'userbox', $order, $mode, 0, $page, false, $delete_option, $A['commentcode']);
        }
    }
    return $retval;
}
开发者ID:mistgrass,项目名称:geeklog-ivywe,代码行数:54,代码来源:profile.php

示例3: COM_applyFilter

$album_id = COM_applyFilter($_GET['aid'], true);
$media_id = COM_applyFilter($_GET['mid']);
$T = new Template(MG_getTemplatePath($album_id));
$T->set_file('page', 'view_image.thtml');
$T->set_var('header', $LANG_MG00['plugin']);
$T->set_var('site_url', $_CONF['site_url']);
$T->set_var('plugin', 'mediagallery');
//
// -- Verify that image really does belong to this album
//
$sql = "SELECT * FROM " . $_TABLES['mg_media_albums'] . " WHERE media_id='" . DB_escapeString($mid) . "' AND album_id='" . intval($aid) . "'";
$result = DB_query($sql);
if (DB_numRows($result) < 1) {
    die("ERROR #2");
}
// Get Album Info...
$sql = "SELECT * FROM " . $_TABLES['mg_albums'] . " WHERE album_id=" . intval($album_id);
$result = DB_query($sql);
$row = DB_fetchArray($result);
// Check access rights
$access = SEC_hasAccess($row['owner_id'], $row['group_id'], $row['perm_owner'], $row['perm_group'], $row['perm_members'], $row['perm_anon']);
if ($access == 0) {
    $display .= COM_siteHeader('menu') . COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true) . COM_siteFooter();
    echo $display;
    exit;
}
$sql = "SELECT * FROM " . $_TABLES['mg_media'] . " WHERE media_id='" . DB_escapeString($media_id) . "'";
$result = DB_query($sql);
$row = DB_fetchArray($result);
echo '<img src="' . $_MG_CONF['mediaobjects_url'] . '/disp/' . $row['media_filename'][0] . '/' . $row['media_filename'] . '.jpg' . '">';
exit;
开发者ID:spacequad,项目名称:glfusion,代码行数:31,代码来源:media_popup.php

示例4: prepare_banner_item

/**
* Prepare a banner item for rendering
*
* @param    array   $A          banner details
* @param    ref     $template   reference of the banner template
*
*/
function prepare_banner_item($A, &$template)
{
    global $_CONF, $_USER, $LANG_ADMIN, $LANG_BANNER, $_IMAGE_TYPE, $LANG_DIRECTION;
    $url = COM_buildUrl($_CONF['site_url'] . '/banner/portal.php?what=banner&amp;item=' . $A['bid']);
    $template->set_var('banner_url', $url);
    $template->set_var('banner_actual_url', $A['url']);
    $template->set_var('banner_actual_url_encoded', urlencode($A['url']));
    $template->set_var('banner_name', stripslashes($A['title']));
    $template->set_var('banner_name_encoded', urlencode($A['title']));
    $template->set_var('banner_hits', COM_numberFormat($A['hits']));
    $content = stripslashes($A['title']);
    $template->set_var('banner_html', $content);
    if (!COM_isAnonUser() && !SEC_hasRights('banner.edit')) {
        $reporturl = $_CONF['site_url'] . '/banner/index.php?mode=report&amp;bid=' . $A['bid'];
        $template->set_var('banner_broken', COM_createLink($LANG_BANNER[117], $reporturl, array('class' => 'pluginSmallText', 'rel' => 'nofollow')));
    } else {
        $template->set_var('banner_broken', '');
    }
    $bannerimg = nl2br(stripslashes($A['description']));
    $flg_link = empty($A['url']) ? false : true;
    $banner = banner_buildBanner($A['bid'], $content, $bannerimg, $flg_link);
    $template->set_var('banner_description', $banner);
    if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && SEC_hasRights('banner.edit')) {
        $editurl = $_CONF['site_admin_url'] . '/plugins/banner/index.php?mode=edit&amp;bid=' . $A['bid'];
        $template->set_var('banner_edit', COM_createLink($LANG_ADMIN['edit'], $editurl));
        $edit_icon = "<img src=\"{$_CONF['layout_url']}/images/edit.{$_IMAGE_TYPE}\" " . "alt=\"{$LANG_ADMIN['edit']}\" title=\"{$LANG_ADMIN['edit']}\"" . XHTML . ">";
        $attr = array('class' => 'editlink');
        $template->set_var('edit_icon', COM_createLink($edit_icon, $editurl, $attr));
    } else {
        $template->set_var('banner_edit', '');
        $template->set_var('edit_icon', '');
    }
}
开发者ID:mistgrass,项目名称:geeklog-ivywe,代码行数:40,代码来源:index.php

示例5: SEC_hasAccess2

/**
 * Helper function for when you want to call SEC_hasAccess and have all the
 * values to check in an array.
 *
 * @param    array $A array with the standard permission values
 * @return   int         returns 3 for read/edit 2 for read only 0 for no access
 * @see      SEC_hasAccess
 */
function SEC_hasAccess2($A)
{
    return SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
}
开发者ID:Geeklog-Core,项目名称:geeklog,代码行数:12,代码来源:lib-security.php

示例6: COM_highlightQuery

 $cal_templates->set_var('lang_description', $LANG_CALJP_1[5]);
 $description = $gltext->getDisplayText($A['description'], $A['postmode']);
 if (!empty($query)) {
     $description = COM_highlightQuery($description, $query);
 }
 $cal_templates->set_var('event_description', $description);
 $cal_templates->set_var('lang_event_type', $LANG_CALJP_1[37]);
 $cal_templates->set_var('event_type', $A['event_type']);
 $cal_templates->set_var('event_id', $A['eid']);
 if ($mode == 'personal') {
     $editurl = $_CONF['site_url'] . '/calendarjp/event.php?action=edit' . '&amp;eid=' . $A['eid'];
     $cal_templates->set_var('event_edit', COM_createLink($LANG01[4], $editurl));
     $img = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
     $cal_templates->set_var('edit_icon', COM_createLink($img, $editurl));
 } else {
     if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && SEC_hasRights('calendarjp.edit')) {
         $editurl = $_CONF['site_admin_url'] . '/plugins/calendarjp/index.php?mode=edit&amp;eid=' . $A['eid'];
         $cal_templates->set_var('event_edit', COM_createLink($LANG01[4], $editurl));
         $img = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
         $cal_templates->set_var('edit_icon', COM_createLink($img, $editurl));
         $cal_templates->set_var('hits_admin', COM_numberFormat($A['hits']));
         $cal_templates->set_var('lang_hits_admin', $LANG10[30]);
     } else {
         $cal_templates->set_var('event_edit', '');
         $cal_templates->set_var('edit_icon', '');
     }
 }
 if ($mode == 'personal') {
     // personal events don't have a hits counter
     $cal_templates->set_var('lang_hits', '');
     $cal_templates->set_var('hits', '');
开发者ID:milk54,项目名称:geeklog-japan,代码行数:31,代码来源:event.php

示例7: deleteTopic

/**
* Delete a topic
*
* @param    string  $tid    Topic ID
* @return   string          HTML redirect
*
*/
function deleteTopic($tid)
{
    global $_CONF, $_TABLES, $_USER;
    $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid ='{$tid}'");
    $A = DB_fetchArray($result);
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if ($access < 3) {
        COM_accessLog("User {$_USER['username']} tried to illegally delete topic {$tid}.");
        return COM_refresh($_CONF['site_admin_url'] . '/topic.php');
    }
    // don't delete topic blocks - assign them to 'all' and disable them
    DB_query("UPDATE {$_TABLES['blocks']} SET tid = 'all', is_enabled = 0 WHERE tid = '{$tid}'");
    // same with feeds
    DB_query("UPDATE {$_TABLES['syndication']} SET topic = '::all', is_enabled = 0 WHERE topic = '{$tid}'");
    // delete comments, trackbacks, images associated with stories in this topic
    $result = DB_query("SELECT sid FROM {$_TABLES['stories']} WHERE tid = '{$tid}'");
    $numStories = DB_numRows($result);
    for ($i = 0; $i < $numStories; $i++) {
        $A = DB_fetchArray($result);
        STORY_deleteImages($A['sid']);
        DB_delete($_TABLES['comments'], array('sid', 'type'), array($A['sid'], 'article'));
        DB_delete($_TABLES['trackback'], array('sid', 'type'), array($A['sid'], 'article'));
    }
    // delete these
    DB_delete($_TABLES['stories'], 'tid', $tid);
    DB_delete($_TABLES['storysubmission'], 'tid', $tid);
    DB_delete($_TABLES['topics'], 'tid', $tid);
    // update feed(s) and Older Stories block
    COM_rdfUpToDateCheck('article');
    COM_olderStuff();
    return COM_refresh($_CONF['site_admin_url'] . '/topic.php?msg=14');
}
开发者ID:hostellerie,项目名称:nexpro,代码行数:39,代码来源:topic.php

示例8: TRB_allowDelete

/**
* Check if the current user is allowed to delete trackback comments.
*
* @param    string  $sid    ID of the parent object of the comment
* @param    string  $type   type of the parent object ('article' = story, etc.)
* @return   boolean         true = user can delete the comment, false = nope
*
*/
function TRB_allowDelete($sid, $type)
{
    global $_TABLES;
    $allowed = false;
    if ($type == 'article') {
        $sid = DB_escapeString($sid);
        $sql = "SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'" . COM_getPermSql('AND', 0, 3);
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        if (SEC_hasRights('story.edit') && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3 && TOPIC_hasMultiTopicAccess('article', $sid) == 3) {
            $allowed = true;
        } else {
            $allowed = false;
        }
    } else {
        $allowed = PLG_handlePingComment($type, $sid, 'delete');
    }
    return $allowed;
}
开发者ID:milk54,项目名称:geeklog-japan,代码行数:27,代码来源:lib-trackback.php

示例9: deleteLink

/**
* Delete a link
*
* @param    string  $lid    id of link to delete
* @param    string  $type   'submission' when attempting to delete a submission
* @return   string          HTML redirect
*
*/
function deleteLink($lid, $type = '')
{
    global $_CONF, $_TABLES, $_USER;
    if (empty($type)) {
        // delete regular link
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['links']} WHERE lid ='{$lid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access < 3) {
            COM_accessLog("User {$_USER['username']} tried to illegally delete link {$lid}.");
            return COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php');
        }
        DB_delete($_TABLES['links'], 'lid', $lid);
        PLG_itemDeleted($lid, 'links');
        return COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php?msg=3');
    } elseif ($type == 'submission') {
        if (plugin_ismoderator_links()) {
            DB_delete($_TABLES['linksubmission'], 'lid', $lid);
            return COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php?msg=3');
        } else {
            COM_accessLog("User {$_USER['username']} tried to illegally delete link submission {$lid}.");
        }
    } else {
        COM_accessLog("User {$_USER['username']} tried to illegally delete link {$lid} of type {$type}.");
    }
    return COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php');
}
开发者ID:milk54,项目名称:geeklog-japan,代码行数:35,代码来源:index.php

示例10: TOPIC_getTopicListSelect

/**
* This function creates html options for Topics, for a single or multi select box
*
* @param    string/array    $selected_ids       Topics Ids to mark as selected
* @param    int             $include_root_all   Include Nothing (0) or Root (1) or All (2) or None (4) in list.
* @param    boolean         $language_specific  If false include all topics for every language
* @param    string          $remove_id          Id of topic to not include (includes any children) (used for selection of parent id)
* @param    boolean         $remove_archive     Remove archive topic from list if any
* @param    int             $uid                User id or 0 = current user
* @return   HTML string
*
*/
function TOPIC_getTopicListSelect($selected_ids = array(), $include_root_all = 1, $language_specific = false, $remove_id = '', $remove_archive = false, $uid = 0)
{
    global $_TOPICS, $_TABLES, $LANG21;
    $retval = '';
    if (!is_array($selected_ids)) {
        $selected_ids = array($selected_ids);
    }
    if ($include_root_all > 0) {
        $start_topic = 1;
    } else {
        $start_topic = 2;
    }
    $total_topic = count($_TOPICS);
    $branch_level_skip = 0;
    $lang_id = '';
    if ($language_specific) {
        $lang_id = COM_getLanguageId();
    }
    // Retrieve Archive Topic if any
    $archive_tid = '';
    if ($remove_archive) {
        $archive_tid = DB_getItem($_TABLES['topics'], 'tid', 'archive_flag = 1');
    }
    for ($count_topic = $start_topic; $count_topic <= $total_topic; $count_topic++) {
        if ($count_topic == 1) {
            // Deal with Root or All and None
            if ($include_root_all == 1) {
                $id = $_TOPICS[$count_topic]['id'];
                $title = $_TOPICS[$count_topic]['title'];
                $retval .= '<option value="' . $id . '"';
                $retval .= ' title="' . $title . '"';
                if (in_array($id, $selected_ids)) {
                    $retval .= ' selected="selected"';
                }
                $retval .= '>' . $title . '</option>';
            } else {
                // Check for None
                if ($include_root_all == 4 || $include_root_all == 6) {
                    $id = TOPIC_NONE_OPTION;
                    $title = $LANG21[47];
                    $retval .= '<option value="' . $id . '"';
                    $retval .= ' title="' . $title . '"';
                    if (in_array($id, $selected_ids)) {
                        $retval .= ' selected="selected"';
                    }
                    $retval .= '>' . $title . '</option>';
                }
                // Check for All
                if ($include_root_all == 2 || $include_root_all == 6) {
                    $id = TOPIC_ALL_OPTION;
                    $title = $LANG21[7];
                    $retval .= '<option value="' . $id . '"';
                    $retval .= ' title="' . $title . '"';
                    if (in_array($id, $selected_ids)) {
                        $retval .= ' selected="selected"';
                    }
                    $retval .= '>' . $title . '</option>';
                }
            }
        } else {
            // Check to see if we need to include id (this is done for stuff like topic edits that cannot include themselves or child as parent
            if ($branch_level_skip >= $_TOPICS[$count_topic]['branch_level']) {
                $branch_level_skip = 0;
            }
            if ($branch_level_skip == 0) {
                $id = $_TOPICS[$count_topic]['id'];
                if ($uid == 0) {
                    // Current User
                    $specified_user_access = $_TOPICS[$count_topic]['access'];
                } else {
                    $specified_user_access = SEC_hasAccess($_TOPICS[$count_topic]['owner_id'], $_TOPICS[$count_topic]['group_id'], $_TOPICS[$count_topic]['perm_owner'], $_TOPICS[$count_topic]['perm_group'], $_TOPICS[$count_topic]['perm_members'], $_TOPICS[$count_topic]['perm_anon'], $uid);
                }
                // Make sure to show topics for proper language and access level only
                if ($archive_tid != $id && $specified_user_access > 0 && $id != $remove_id && ($lang_id == '' || $lang_id != '' && ($_TOPICS[$count_topic]['language_id'] == $lang_id || $_TOPICS[$count_topic]['language_id'] == ''))) {
                    $title = $_TOPICS[$count_topic]['title'];
                    $branch_spaces = "";
                    for ($branch_count = $start_topic; $branch_count <= $_TOPICS[$count_topic]['branch_level']; $branch_count++) {
                        $branch_spaces .= "&nbsp;&nbsp;&nbsp;";
                    }
                    $retval .= '<option value="' . $id . '"';
                    $retval .= ' title="' . $title . '"';
                    if (in_array($id, $selected_ids)) {
                        $retval .= ' selected="selected"';
                    }
                    $retval .= '>' . $branch_spaces . $title . '</option>';
                } else {
                    // Cannot pick child as parent so skip
                    $branch_level_skip = $_TOPICS[$count_topic]['branch_level'];
//.........这里部分代码省略.........
开发者ID:Geeklog-Core,项目名称:geeklog,代码行数:101,代码来源:lib-topic.php

示例11: CUSTOM_MOBILE_blockMenu

function CUSTOM_MOBILE_blockMenu()
{
    $blockmenu .= "<h1>サブメニュー</h1>\n";
    $blockmenu .= "<ul>\n";
    $b = CUSTOM_MOBILE_getBlocks();
    $rb = CUSTOM_MOBILE_getBlocks('right');
    $b = array_merge($b, $rb);
    foreach ($b as $A) {
        if ($A['type'] == 'dynamic' or SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) > 0) {
            $blockmenu .= "<li><a href=\"" . BLOCKS . "?bid=" . $A['bid'] . "\">" . $A['title'] . "</a></li>\n";
        }
    }
    $blockmenu .= "</ul>\n";
    return $blockmenu;
}
开发者ID:Geeklog-Japan,项目名称:geeklog-custom,代码行数:15,代码来源:custom_cellular.php

示例12: MG_getRemote

function MG_getRemote($URL, $mimeType, $albumId, $caption, $description, $keywords, $category, $attachedThumbnail, $thumbnail, $resolution_x, $resolution_y)
{
    global $MG_albums, $_CONF, $_MG_CONF, $_USER, $_TABLES, $LANG_MG00, $LANG_MG01, $LANG_MG02, $new_media_id;
    if ($_MG_CONF['verbose']) {
        COM_errorLog("MG Upload: Entering MG_getRemote()");
        COM_errorLog("MG Upload: URL to process: " . htmlentities($URL));
    }
    $resolution_x = 0;
    $resolution_y = 0;
    $urlArray = array();
    $urlArray = parse_url($URL);
    // make sure we have the proper permissions to upload to this album....
    $sql = "SELECT * FROM {$_TABLES['mg_albums']} WHERE album_id=" . intval($albumId);
    $aResult = DB_query($sql);
    $aRows = DB_numRows($aResult);
    if ($aRows != 1) {
        $errMsg = $LANG_MG02['album_nonexist'];
        // "Album does not exist, unable to process uploads";
        return array(false, $errMsg);
    }
    $albumInfo = DB_fetchArray($aResult);
    $access = SEC_hasAccess($albumInfo['owner_id'], $albumInfo['group_id'], $albumInfo['perm_owner'], $albumInfo['perm_group'], $albumInfo['perm_members'], $albumInfo['perm_anon']);
    if ($access != 3 && !$MG_albums[0]->owner_id && $albumInfo['member_uploads'] == 0) {
        COM_errorLog("Someone has tried to illegally upload to an album in Media Gallery.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$_SERVER['REMOTE_ADDR']}", 1);
        return array(false, $LANG_MG00['access_denied_msg']);
    }
    $errors = 0;
    $errMsg = '';
    sleep(1);
    // We do this to make sure we don't get dupe sid's
    $new_media_id = COM_makesid();
    $media_time = time();
    $media_upload_time = time();
    $media_user_id = $_USER['uid'];
    // we expect the mime type (player type) to be passed to this function
    //  - Image
    //  - Video - Windows Media
    //  - Video - QuickTime
    //  - Video - Flash Video
    //  - Audio - Windows Media
    //  - Audio - QuickTime
    //  - Audio - MP3
    //  - Embed - YouTube/Google/etc...
    switch ($mimeType) {
        case 'embed':
            $format_type = MG_EMB;
            $mimeExt = 'flv';
            $mediaType = 5;
            break;
        case 'image/gif':
            $format_type = MG_GIF;
            $mimeExt = 'gif';
            $mediaType = 0;
            break;
        case 'image/jpg':
            $format_type = MG_JPG;
            $mimeExt = 'jpg';
            $mediaType = 0;
            break;
        case 'image/png':
            $format_type = MG_PNG;
            $mimeExt = 'png';
            $mediaType = 0;
            break;
        case 'image/bmp':
            $format_type = MG_BMP;
            $mimeExt = 'bmp';
            $mediaType = 0;
            break;
        case 'application/x-shockwave-flash':
            $format_type = MG_SWF;
            $mimeExt = 'swf';
            $mediaType = 1;
            break;
        case 'video/quicktime':
            $format_type = MG_MOV;
            $mimeExt = 'mov';
            $mediaType = 1;
            break;
        case 'video/x-flv':
            $format_type = MG_RFLV;
            $mimeExt = 'flv';
            $mediaType = 1;
            break;
        case 'video/x-ms-asf':
            $format_type = MG_ASF;
            $mimeExt = 'asf';
            $mediaType = 1;
            break;
        case 'audio/mpeg':
            $format_type = MG_MP3;
            $mimeExt = 'mp3';
            $mediaType = 2;
            break;
        case 'audio/x-ms-wma':
            $format_type = MG_ASF;
            $mimeExt = 'wma';
            $mediaType = 2;
            break;
    }
//.........这里部分代码省略.........
开发者ID:NewRoute,项目名称:glfusion,代码行数:101,代码来源:remote.php

示例13: delcomment

 /**
  * Deletes a given comment
  * (lifted from comment.php)
  * @param    int         $cid    Comment ID
  * @param    string      $sid    ID of object comment belongs to
  * @param    string      $type   Comment type (e.g. article, poll, etc)
  * @return   string      Returns string needed to redirect page to right place
  *
  */
 public function delcomment($cid, $sid, $type)
 {
     global $_CONF, $_TABLES, $LANG_SX00;
     $type = COM_applyFilter($type);
     $sid = COM_applyFilter($sid);
     switch ($type) {
         case 'article':
             $has_editPermissions = SEC_hasRights('story.edit');
             $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'");
             $A = DB_fetchArray($result);
             if ($has_editPermissions && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3) {
                 CMT_deleteComment(COM_applyFilter($cid, true), $sid, 'article');
                 $comments = DB_count($_TABLES['comments'], array('sid', 'type'), array($sid, 'article'));
                 DB_change($_TABLES['stories'], 'comments', $comments, 'sid', $sid);
             } else {
                 COM_errorLog("User {$_USER['username']} (IP: {$_SERVER['REMOTE_ADDR']}) tried to illegally delete comment {$cid} from {$type} {$sid}");
             }
             break;
         default:
             // assume plugin
             PLG_commentDelete($type, COM_applyFilter($cid, true), $sid);
             break;
     }
     SPAMX_log($LANG_SX00['spamdeleted']);
 }
开发者ID:ivywe,项目名称:geeklog,代码行数:34,代码来源:MassDelete.Admin.class.php

示例14: buildSelection

 /**
  *   Recurse through the category table building an option list
  *   sorted by id.
  *
  *   @param integer  $sel        Category ID to be selected in list
  *   @param integer  $papa_id    Parent category ID
  *   @param string   $char       Separator characters
  *   @param string   $not        'NOT' to exclude $items, '' to include
  *   @param string   $items      Optional comma-separated list of items to include or exclude
  *   @return string              HTML option list, without <select> tags
  */
 public static function buildSelection($sel = 0, $papa_id = 0, $char = '', $not = '', $items = '')
 {
     global $_TABLES, $_GROUPS;
     $str = '';
     // Locate the parent category of this one, or the root categories
     // if papa_id is 0.
     $sql = "SELECT cat_id, cat_name, papa_id, owner_id, group_id,\n                perm_owner, perm_group, perm_members, perm_anon\n            FROM {$_TABLES['ad_category']}\n            WHERE papa_id = {$papa_id} ";
     if (!empty($items)) {
         $sql .= " AND cat_id {$not} IN ({$items}) ";
     }
     $sql .= COM_getPermSQL('AND') . ' ORDER BY cat_name ASC ';
     //echo $sql;die;
     //COM_errorLog($sql);
     $result = DB_query($sql);
     // If there is no parent, just return.
     if (!$result) {
         return '';
     }
     while ($row = DB_fetchArray($result, false)) {
         $txt = $char . $row['cat_name'];
         $selected = $row['cat_id'] == $sel ? 'selected' : '';
         if ($row['papa_id'] == 0) {
             $style = 'class="adCatRoot"';
         } else {
             $style = '';
         }
         if (SEC_hasAccess($row['owner_id'], $row['group_id'], $row['perm_owner'], $row['perm_group'], $row['perm_members'], $row['perm_anon']) < 3) {
             $disabled = 'disabled="true"';
         } else {
             $disabled = '';
         }
         $str .= "<option value=\"{$row['cat_id']}\" {$style} {$selected} {$disabled}>";
         $str .= $txt;
         $str .= "</option>\n";
         $str .= adCategory::buildSelection($sel, $row['cat_id'], $char . '-', $not, $items);
     }
     //echo $str;die;
     return $str;
 }
开发者ID:NewRoute,项目名称:classifieds,代码行数:50,代码来源:category.class.php

示例15: deleteBlock

/**
* Delete a block
*
* @param    string  $bid    id of block to delete
* @return   string          HTML redirect or error message
*
*/
function deleteBlock($bid)
{
    global $_CONF, $_TABLES, $_USER;
    $result = DB_query("SELECT tid,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'");
    $A = DB_fetchArray($result);
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if ($access < 3 || hasBlockTopicAccess($A['tid']) < 3) {
        COM_accessLog("User {$_USER['username']} tried to illegally delete block {$bid}.");
        return COM_refresh($_CONF['site_admin_url'] . '/block.php');
    }
    DB_delete($_TABLES['blocks'], 'bid', $bid);
    return COM_refresh($_CONF['site_admin_url'] . '/block.php?msg=12');
}
开发者ID:alxstuart,项目名称:ajfs.me,代码行数:20,代码来源:block.php


注:本文中的SEC_hasAccess函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。