本文整理汇总了PHP中SEC_inGroup函数的典型用法代码示例。如果您正苦于以下问题:PHP SEC_inGroup函数的具体用法?PHP SEC_inGroup怎么用?PHP SEC_inGroup使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SEC_inGroup函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: selectHTML_forum
function selectHTML_forum($selected = '')
{
global $_CONF, $_TABLES;
$selectHTML = '';
$asql = DB_query("SELECT * FROM {$_TABLES['forum_categories']} ORDER BY cat_order ASC");
while ($A = DB_fetchArray($asql)) {
$firstforum = true;
$bsql = DB_query("SELECT * FROM {$_TABLES['forum_forums']} WHERE forum_cat='{$A['id']}' ORDER BY forum_order ASC");
while ($B = DB_fetchArray($bsql)) {
$groupname = DB_getItem($_TABLES['groups'], 'grp_name', "grp_id='{$B['grp_id']}'");
if (SEC_inGroup($groupname)) {
if ($firstforum) {
$selectHTML .= '<option value="-1">-------------------</option>';
$selectHTML .= '<option value="-1">' . $A['cat_name'] . '</option>';
}
$firstforum = false;
if ($B['forum_id'] == $selected) {
$selectHTML .= LB . '<option value="' . $B['forum_id'] . '" selected="selected"> » ' . $B['forum_name'] . '</option>';
} else {
$selectHTML .= LB . '<option value="' . $B['forum_id'] . '"> » ' . $B['forum_name'] . '</option>';
}
}
}
}
return $selectHTML;
}
示例2: auth
/**
* Check if user is authorized
*
* @return boolean true if access granted, false if no access
*/
function auth()
{
// You can insert your own code over here to check if the user is authorized.
// If you use a session variable, you've got to start the session first (session_start())
global $_CONF;
return SEC_inGroup('Root') || !$_CONF['filemanager_disabled'] && (SEC_inGroup('Filemanager Admin') || SEC_hasRights('filemanager.admin'));
}
示例3: listDownloads
function listDownloads()
{
global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_DLM;
require_once $_CONF['path_system'] . 'lib-admin.php';
$retval = '';
$is_root_user = SEC_inGroup('Root');
$admin_url = $_CONF['site_admin_url'] . '/plugins/downloads/index.php';
$field_category = $LANG_DLM['category'];
if (isset($_CONF['languages'])) {
$field_category .= ' (' . $LANG_DLM['language'] . ')';
}
$header_arr = array(array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false), array('text' => $LANG_ADMIN['title'], 'field' => 'title', 'sort' => true), array('text' => $field_category, 'field' => 'cid', 'sort' => true), array('text' => $LANG_DLM['ver'], 'field' => 'version', 'sort' => true), array('text' => $LANG_DLM['size'], 'field' => 'size', 'sort' => true), array('text' => $LANG_DLM['submitdate'], 'field' => 'date', 'sort' => true));
$defsort_arr = array('field' => 'date', 'direction' => 'desc');
$menu_arr = array();
if ($is_root_user) {
$menu_arr[] = array('url' => $admin_url . '?op=listCategories', 'text' => $LANG_DLM['nav_categories']);
$menu_arr[] = array('url' => $admin_url . '?op=newCategory', 'text' => $LANG_DLM['nav_addcategory']);
}
$sql = "SELECT COUNT(*) FROM {$_TABLES['downloadcategories']} WHERE cid != ''";
list($count) = DB_fetchArray(DB_query($sql));
if ($count > 0) {
$menu_arr[] = array('url' => $admin_url . '?op=uploadFile', 'text' => $LANG_DLM['nav_addfile']);
}
$menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);
$retval .= COM_startBlock($LANG_DLM['manager'], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $is_root_user ? $LANG_DLM['instructions'] : $LANG_DLM['instructions2'], plugin_geticon_downloads());
$text_arr = array('has_extras' => true, 'form_url' => $admin_url);
$sql = "SELECT lid, url, a.title, a.cid, date, version, size, " . "b.owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon " . "FROM {$_TABLES['downloads']} a " . "LEFT JOIN {$_TABLES['downloadcategories']} b ON a.cid=b.cid " . "WHERE lid != '' " . COM_getPermSQL('AND', 0, 2, 'b');
$query_arr = array('table' => 'downloads', 'sql' => $sql, 'query_fields' => array('title'), 'default_filter' => '');
$retval .= ADMIN_list('downloads', 'downloads_getListField_Files', $header_arr, $text_arr, $query_arr, $defsort_arr);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
示例4: MG_selectUsers
function MG_selectUsers($page)
{
global $glversion, $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01;
$retval = '';
$T = new Template($_MG_CONF['template_path']);
$T->set_file('admin', 'createmembers.thtml');
$T->set_var(array('site_admin_url' => $_CONF['site_admin_url'], 'site_url' => $_CONF['site_url'], 'xhtml' => XHTML));
$T->set_block('admin', 'UserRow', 'uRow');
$start = $page * 50;
$end = 50;
$sql = "SELECT COUNT(gl.uid) AS count " . "FROM {$_TABLES['users']} AS gl " . "LEFT JOIN {$_TABLES['mg_userprefs']} AS mg ON gl.uid=mg.uid " . "WHERE gl.status = 3 AND gl.uid > 2 AND (mg.member_gallery IS NULL OR mg.member_gallery < 1)";
$result = DB_query($sql);
list($total_records) = DB_fetchArray($result);
$sql = "SELECT gl.uid, gl.status, gl.username, gl.fullname, mg.member_gallery " . "FROM {$_TABLES['users']} AS gl " . "LEFT JOIN {$_TABLES['mg_userprefs']} AS mg ON gl.uid=mg.uid " . "WHERE gl.status = 3 AND gl.uid > 2 AND (mg.member_gallery IS NULL OR mg.member_gallery < 1) " . "ORDER BY gl.username ASC LIMIT {$start},{$end}";
$result = DB_query($sql);
while ($row = DB_fetchArray($result)) {
if ($glversion[1] < 4) {
$row['status'] = 3;
}
$uid = $row['uid'];
$remote = SEC_inGroup("Remote Users", $uid) ? '(r)' : '';
$username = $row['username'];
$member_gallery = $row['member_gallery'];
$T->set_var(array('uid' => $uid, 'username' => $username . ' ' . $remote . ' - ' . $row['fullname'], 'select' => '<input type="checkbox" name="user[]" value="' . $uid . '"' . XHTML . '>'));
$T->parse('uRow', 'UserRow', true);
}
$T->set_var(array('lang_userid' => $LANG_MG01['userid'], 'lang_username' => $LANG_MG01['username'], 'lang_select' => $LANG_MG01['select'], 'lang_checkall' => $LANG_MG01['check_all'], 'lang_uncheckall' => $LANG_MG01['uncheck_all'], 'lang_save' => $LANG_MG01['save'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_reset' => $LANG_MG01['reset'], 's_form_action' => $_MG_CONF['admin_url'] . 'createmembers.php', 'pagenav' => COM_printPageNavigation($_MG_CONF['admin_url'] . 'createmembers.php', $page + 1, ceil($total_records / 50))));
$retval .= $T->finish($T->parse('output', 'admin'));
return $retval;
}
示例5: security_check_reminder
/**
* Display a reminder to execute the security check script
*
* @return string HTML for security reminder (or empty string)
*/
function security_check_reminder()
{
global $_CONF, $_TABLES, $_IMAGE_TYPE, $MESSAGE;
$retval = '';
if (!SEC_inGroup('Root')) {
return $retval;
}
$done = DB_getItem($_TABLES['vars'], 'value', "name = 'security_check'");
if ($done != 1) {
$retval .= COM_showMessage(92);
}
return $retval;
}
示例6: taskconsoleShowNavbar
function taskconsoleShowNavbar($selected = 'My Tasks')
{
global $_USER, $_CONF, $optLinkVars, $usermodeUID;
$retval = '<div id="navbar1" style="display:;">';
$navbar = new navbar();
if ($_USER['uid'] > 1) {
$navbar->add_menuitem('My Tasks', $_CONF['site_url'] . '/nexflow/index.php?op=mytasks' . $optLinkVars);
$navbar->add_menuitem('My Flows', $_CONF['site_url'] . '/nexflow/index.php?op=myprojects' . $optLinkVars);
}
$navbar->add_menuitem('All Flows', $_CONF['site_url'] . '/nexflow/index.php?op=allprojects' . $optLinkVars);
if (SEC_inGroup('nexflow Admin')) {
$navbar->add_menuitem('Outstanding Tasks', $_CONF['site_admin_url'] . '/plugins/nexflow/outstanding.php?taskuser=' . $usermodeUID);
}
if ($_USER['uid'] > 1) {
$navbar->add_menuitem('Start New Process', $_CONF['site_url'] . '/nexflow/newprocess.php?taskuser=' . $usermodeUID);
}
$navbar->set_selected($selected);
$retval .= $navbar->generate();
$retval .= '</div>';
return $retval;
}
示例7: renderMenu
public function renderMenu()
{
global $_TABLES, $_CONF;
$menuItems = false;
$query = DB_query("SELECT grp_access FROM {$_TABLES['nexmenu']} WHERE pid=0 AND is_enabled=1 AND location='{$this->_type}'");
while (list($grp_id) = DB_fetchArray($query)) {
$grp_name = DB_getItem($_TABLES['groups'], "grp_name", "grp_id='{$grp_id}'");
if (SEC_inGroup($grp_name)) {
// There is atleast 1 item - set true and break out of loop
$menuItems = true;
break;
}
}
if ($menuItems) {
if ($this->_type == 'header') {
return $this->_renderHeaderMenu();
} elseif ($this->_type == 'block') {
return $this->_renderBlockMenu();
}
} else {
return '';
}
}
示例8: upload_file
function upload_file()
{
global $CONF_FE, $_TABLES, $GLOBALS, $_CONF;
//upload the file
$field_name = COM_applyFilter($_POST['current_upload_file']);
$result_id = COM_applyFilter($_POST['res_id'], true);
$form_id = COM_applyFilter($_POST['form_id'], true);
$uploadfile = $_FILES[$field_name];
$fieldID = COM_applyFilter($_REQUEST['field_id'], true);
if ($result_id == 0) {
//form has not been saved yet
$result_id = nexform_dbsave($form_id, 0, false);
}
if (($rec = nexform_check4files($result_id, $field_name)) != 0) {
$retval = '';
$retval .= " <a href=\"{$CONF_FE['public_url']}/download.php?id={$rec}\" target=\"_new\">";
$retval .= "<img src=\"{$CONF_FE['image_url']}/document_sm.gif\" border=\"0\">{$uploadfile['name'][0]}</a> ";
$edit_group = DB_getItem($_TABLES['nxform_definitions'], 'perms_edit', "id='{$form_id}'");
if (SEC_inGroup($edit_group)) {
$retval .= "<a href=\"#\" onClick='ajaxDeleteFile({$fieldID},{$rec},\"{$field_name}\"); return false;'>";
$retval .= "<img src=\"{$CONF_FE['image_url']}/delete.gif\" border=\"0\"></a> ";
}
$iserror = 'false';
} else {
//COM_fileLog("upload error:" . $GLOBALS['fe_errmsg']);
$errmsg = $GLOBALS['fe_errmsg'];
$err_fieldname = 'error_' . ppRandomFilename();
$retval = '';
if ($errmsg == '') {
$errmsg = 'Your file could not be uploaded.';
}
$retval .= "<table id=\"tbl_{$err_fieldname}\"><tr id=\"{$err_fieldname}\"><td><img src=\"{$_CONF['layout_url']}/nexform/images/error.gif\"></td><td>{$errmsg}<br><center><font size=\"1\"><a href=\"#\" onClick=\"ajaxClearErrorMessage('{$err_fieldname}'); return false;\">[ Clear Message ]</a></font></center></td></tr></table>";
$iserror = 'true';
}
return array($retval, $fieldID, $field_name, $form_id, $result_id, $iserror);
}
示例9: MB_saveNewMenuElement
function MB_saveNewMenuElement()
{
global $_CONF, $_TABLES, $_GROUPS, $MenuElementAllowedHTML;
$filter = sanitizer::getInstance();
$allowedElements = $filter->makeAllowedElements($MenuElementAllowedHTML);
$filter->setAllowedElements($allowedElements);
$filter->setPostmode('html');
// build post vars
$E['menu_id'] = COM_applyFilter($_POST['menu'], true);
$E['pid'] = COM_applyFilter($_POST['pid'], true);
$E['element_label'] = $filter->filterHTML($_POST['menulabel']);
$E['element_type'] = COM_applyFilter($_POST['menutype'], true);
$E['element_target'] = isset($_POST['urltarget']) ? COM_applyFilter($_POST['urltarget']) : '';
$afterElementID = COM_applyFilter($_POST['menuorder'], true);
$E['element_active'] = COM_applyFilter($_POST['menuactive'], true);
$E['element_url'] = isset($_POST['menuurl']) ? trim(COM_applyFilter($_POST['menuurl'])) : '';
$E['group_id'] = COM_applyFilter($_POST['group'], true);
$menu = menu::getInstance($E['menu_id']);
switch ($E['element_type']) {
case 2:
$E['element_subtype'] = DB_escapeString(COM_applyFilter($_POST['glfunction']));
break;
case 3:
$E['element_subtype'] = COM_applyFilter($_POST['gltype'], true);
break;
case 4:
$E['element_subtype'] = DB_escapeString(COM_applyFilter($_POST['pluginname']));
break;
case 5:
$E['element_subtype'] = DB_escapeString(COM_applyFilter($_POST['spname']));
break;
case 6:
$E['element_subtype'] = DB_escapeString(COM_applyFilter($_POST['menuurl']));
/*
* check URL if it needs http:// appended...
*/
if (trim($E['element_subtype']) != '') {
if (strpos($E['element_subtype'], "http") !== 0 && strpos($E['element_subtype'], "%site") === false && rtrim($E['element_subtype']) != '') {
$E['element_subtype'] = 'http://' . $E['element_subtype'];
}
}
break;
case 7:
$E['element_subtype'] = DB_escapeString(COM_applyFilter($_POST['phpfunction']));
break;
case 9:
$E['element_subtype'] = DB_escapeString(COM_applyFilter($_POST['topicname']));
break;
default:
$E['element_subtype'] = '';
break;
}
// check if URL needs the http:// added
if (trim($E['element_url']) != '') {
if (strpos($E['element_url'], "http") !== 0 && strpos($E['element_url'], "%site") === false && $E['element_url'][0] != '#' && rtrim($E['element_url']) != '') {
$E['element_url'] = 'http://' . $E['element_url'];
}
}
/*
* Pull some constants..
*/
$meadmin = SEC_hasRights('menu.admin');
$root = SEC_inGroup('Root');
$groups = $_GROUPS;
/* set element order */
if ($afterElementID == 0) {
$aorder = 0;
} else {
$aorder = DB_getItem($_TABLES['menu_elements'], 'element_order', 'id=' . $afterElementID);
}
$E['element_order'] = $aorder + 1;
/*
* build our class
*/
$element = new menuElement();
$element->constructor($E, $meadmin, $root, $groups, 1);
$element->id = $element->createElementID($E['menu_id']);
$element->saveElement();
$pid = $E['pid'];
$menu_id = $E['menu_id'];
$menu->reorderMenu($pid);
CACHE_remove_instance('menu');
}
示例10: saveusers
//.........这里部分代码省略.........
$curphoto = '';
}
if ($_CONF['allow_user_photo'] == 1 && !empty($curphoto)) {
$curusername = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
if ($curusername != $username) {
// user has been renamed - rename the photo, too
$newphoto = preg_replace('/' . $curusername . '/', $username, $curphoto, 1);
$imgpath = $_CONF['path_images'] . 'userphotos/';
if (@rename($imgpath . $curphoto, $imgpath . $newphoto) === false) {
$retval .= COM_errorLog('Could not rename userphoto "' . $curphoto . '" to "' . $newphoto . '".');
return $retval;
}
$curphoto = $newphoto;
}
}
$curphoto = DB_escapeString($curphoto);
DB_query("UPDATE {$_TABLES['users']} SET username = '{$username}', fullname = '{$fullname}', email = '{$email}', homepage = '{$homepage}', photo = '{$curphoto}', status='{$userstatus}' WHERE uid = {$uid}");
if ($passwd_changed && !empty($passwd)) {
SEC_updateUserPassword($passwd, $uid);
}
if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
CUSTOM_userSave($uid);
}
if ($_CONF['usersubmission'] == 1 && $oldstatus == USER_ACCOUNT_AWAITING_APPROVAL && $userstatus == USER_ACCOUNT_ACTIVE) {
USER_createAndSendPassword($username, $email, $uid);
}
if ($userstatus == USER_ACCOUNT_DISABLED) {
SESS_endUserSession($uid);
}
$userChanged = true;
}
// check that the user is allowed to change group assignments
if (is_array($groups) && SEC_hasRights('group.assign')) {
if (!SEC_inGroup('Root')) {
$rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'");
if (in_array($rootgrp, $groups)) {
COM_accessLog("User {$_USER['username']} ({$_USER['uid']}) just tried to give Root permissions to user {$username}.");
echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
exit;
}
}
// make sure the Remote Users group is in $groups
if (SEC_inGroup('Remote Users', $uid)) {
$remUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
if (!in_array($remUsers, $groups)) {
$groups[] = $remUsers;
}
}
if ($_USER_VERBOSE) {
COM_errorLog("deleting all group_assignments for user {$uid}/{$username}", 1);
}
// remove user from all groups that the User Admin is a member of
$UserAdminGroups = SEC_getUserGroups();
$whereGroup = 'ug_main_grp_id IN (' . implode(',', $UserAdminGroups) . ')';
DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_uid = {$uid}) AND " . $whereGroup);
// make sure to add user to All Users and Logged-in Users groups
$allUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'");
if (!in_array($allUsers, $groups)) {
$groups[] = $allUsers;
}
$logUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'");
if (!in_array($logUsers, $groups)) {
$groups[] = $logUsers;
}
foreach ($groups as $userGroup) {
if (in_array($userGroup, $UserAdminGroups)) {
示例11: MG_mediaEdit
function MG_mediaEdit($album_id, $media_id, $actionURL = '', $mqueue = 0, $view = 0, $back = '')
{
global $_USER, $_CONF, $_MG_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03, $LANG_MG07, $_DB_dbms;
$album = new mgAlbum($album_id);
if ($actionURL == '') {
$actionURL = $_MG_CONF['site_url'] . '/index.php';
}
$retval = '';
$T = COM_newTemplate(MG_getTemplatePath($album_id));
$T->set_file(array('admin' => 'mediaedit.thtml', 'asf_options' => 'edit_asf_options.thtml', 'mp3_options' => 'edit_mp3_options.thtml', 'swf_options' => 'edit_swf_options.thtml', 'mov_options' => 'edit_mov_options.thtml', 'flv_options' => 'edit_flv_options.thtml'));
// pull the media information from the database...
$sql = "SELECT * FROM ";
if ($_DB_dbms == "mssql") {
$sql = "SELECT *,CAST(media_desc AS TEXT) AS media_desc FROM ";
}
$sql .= ($mqueue ? $_TABLES['mg_mediaqueue'] : $_TABLES['mg_media']) . " WHERE media_id='" . addslashes($media_id) . "'";
$result = DB_query($sql);
$row = DB_fetchArray($result);
if ($album->access != 3 && !SEC_inGroup($album->mod_group_id) && $row['media_user_id'] != $_USER['uid']) {
COM_errorLog("Someone has tried to illegally sort albums in Media Gallery. " . "User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
return COM_showMessageText($LANG_MG00['access_denied_msg']);
}
// Build Album List
$album_jumpbox = '<select name="albums" width="40">';
$root_album = new mgAlbum(0);
$root_album->buildJumpBox($album_jumpbox, $album_id);
$album_jumpbox .= '</select>';
// should check the above for errors, etc...
$exif_info = '';
if ($row['media_type'] == 0) {
if (!function_exists('MG_readEXIF')) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-exif.php';
}
$exif_info = MG_readEXIF($row['media_id'], 1, $mqueue);
if (empty($exif_info)) {
$exif_info = '';
}
}
$media_time_month = date("m", $row['media_time']);
$media_time_day = date("d", $row['media_time']);
$media_time_year = date("Y", $row['media_time']);
$media_time_hour = date("H", $row['media_time']);
$media_time_minute = date("i", $row['media_time']);
$month_select = '<select name="media_month">';
$month_select .= COM_getMonthFormOptions($media_time_month);
$month_select .= '</select>';
$day_select = '<select name="media_day">';
for ($i = 1; $i < 32; $i++) {
$day_select .= '<option value="' . $i . '"' . ($media_time_day == $i ? 'selected="selected"' : "") . '>' . $i . '</option>';
}
$day_select .= '</select>';
$current_year = (int) date("Y");
$end_year = $current_year + 10;
$year_select = '<select name="media_year">';
for ($i = 1998; $i < $end_year; $i++) {
$year_select .= '<option value="' . $i . '"' . ($media_time_year == $i ? 'selected="selected"' : "") . '>' . $i . '</option>';
}
$year_select .= '</select>';
$hour_select = '<select name="media_hour">';
for ($i = 0; $i < 24; $i++) {
$hour_select .= '<option value="' . $i . '"' . ($media_time_hour == $i ? 'selected="selected"' : "") . '>' . $i . '</option>';
}
$hour_select .= '</select>';
$minute_select = '<select name="media_minute">';
for ($i = 0; $i < 60; $i++) {
$minute_select .= '<option value="' . $i . '"' . ($media_time_minute == $i ? 'selected="selected"' : "") . '>' . ($i < 10 ? '0' : '') . $i . '</option>';
}
$minute_select .= '</select>';
$media_time = MG_getUserDateTimeFormat($row['media_time']);
$tn_size = 1;
list($thumbnail, $pThumbnail, $size) = Media::getThumbInfo($row, $tn_size);
$attached_thumbnail = '';
if ($row['media_tn_attached'] == 1) {
$atnsize = '';
if ($size != false) {
list($newwidth, $newheight) = Media::getImageWH($size[0], $size[1], 150, 150);
$atnsize = 'width="' . $newwidth . '" height="' . $newheight . '"';
}
$attached_thumbnail = '<img src="' . $thumbnail . '" alt="" ' . $atnsize . XHTML . '>';
$tmpthumb = Media::getDefaultThumbnail($row, $tn_size);
$thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $tmpthumb;
$size = getimagesize($_MG_CONF['path_mediaobjects'] . $tmpthumb);
}
$preview = '';
$preview_end = '';
if ($row['media_type'] == 0 || $row['media_type'] == 1 || $row['media_type'] == 2) {
// image, video and music file
if ($row['media_type'] == 2) {
$win_width = 540;
$win_height = 320;
} elseif ($row['media_type'] == 1) {
$win_width = 660;
$win_height = 525;
} elseif ($row['media_type'] == 0) {
$path = Media::getFilePath('disp', $row['media_filename'], $row['media_mime_ext']);
$media_size_disp = @getimagesize($path);
$win_width = $media_size_disp[0] + 20;
$win_height = $media_size_disp[1] + 20;
} else {
$win_width = 800;
//.........这里部分代码省略.........
示例12: COM_createMetaTags
//$meta_description = stripslashes( DB_getItem( $_TABLES['topics'], 'meta_description', "tid = '$topic'" ));
//$meta_keywords = stripslashes( DB_getItem( $_TABLES['topics'], 'meta_keywords', "tid = '$topic'" ));
$header .= COM_createMetaTags($meta_description, $meta_keywords);
}
} else {
$header = '<link rel="microsummary" href="' . $_CONF['site_url'] . '/index.php?display=microsummary" title="Microsummary"' . XHTML . '>';
}
$display .= COM_siteHeader('menu', '', $header);
if (isset($_GET['msg'])) {
$plugin = '';
if (isset($_GET['plugin'])) {
$plugin = COM_applyFilter($_GET['plugin']);
}
$display .= COM_showMessage(COM_applyFilter($_GET['msg'], true), $plugin);
}
if (SEC_inGroup('Root') && $page == 1) {
$done = DB_getItem($_TABLES['vars'], 'value', "name = 'security_check'");
if ($done != 1) {
/**
* we don't have the path to the admin directory, so try to figure it
* out from $_CONF['site_admin_url']
* @todo FIXME: this duplicates some code from admin/sectest.php
*/
$adminurl = $_CONF['site_admin_url'];
if (strrpos($adminurl, '/') == strlen($adminurl)) {
$adminurl = substr($adminurl, 0, -1);
}
$pos = strrpos($adminurl, '/');
if ($pos === false) {
// only guessing ...
$installdir = $_CONF['path_html'] . 'admin/install';
示例13: strftime
$form_details .= "<b>Created:</b> {$createdDate}<br><b> by:</b> {$createdUser}";
if ($lastUpdatedDate != 0) {
$lastUpdatedDate = strftime("%Y-%m-%d %H:%M", $lastUpdatedDate);
$lastUpdatedUser = COM_getDisplayName($lastUpdatedUid);
$form_date = "<b>[U]</b> {$lastUpdatedDate}";
$form_details .= "<br><b>Updated:</b> {$lastUpdatedDate}<br><b> by:</b> {$lastUpdatedUser}";
}
$p->set_var('form_details', $form_details);
// Get last timestamp event for this form
$q = DB_query("SELECT timestamp FROM {$_TABLES['nf_projecttimestamps']} WHERE project_formid='{$PD['id']}' ORDER BY timestamp DESC limit 1");
list($timestamp) = DB_fetchArray($q);
$p->set_var('form_date', strftime("%m-%d-%Y %H:%M:%S", $timestamp));
$p->set_var('form_status', $CONF_NF['formstatus'][$PD['status']]);
$p->set_var('form_name', $PD['formtype']);
$p->set_var('form_url', '#" onClick="nfNewWindow(\'' . sprintf($viewFormURL, $PD['form_id'], $PD['results_id'], $project_id) . '\');"');
if ($PD['created_by_uid'] == $_USER['uid'] or SEC_inGroup('nexflow Admin')) {
$edit_link = '<a href="#" onClick="nfNewWindow(\'' . sprintf($editFormURL, $PD['form_id'], $PD['results_id'], $usermodeUID) . '\');">';
$edit_link .= '<img src="' . $_CONF['layout_url'] . '/nexflow/images/edit.gif" Title="Edit Form" border="0"></a>';
} else {
$edit_link = '';
}
$p->set_var('edit_link', $edit_link);
if ($f == 1) {
$p->parse('form_records', 'projectforms');
} else {
$p->parse('form_records', 'projectforms', true);
}
$f++;
}
// while
}
示例14: USES_lib_install
// | of the License, or (at your option) any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +--------------------------------------------------------------------------+
require_once '../../../lib-common.php';
require_once $_CONF['path'] . '/plugins/calendar/autoinstall.php';
USES_lib_install();
if (!SEC_inGroup('Root')) {
// Someone is trying to illegally access this page
COM_errorLog("Someone has tried to illegally access the Calendar install/uninstall page. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
$display = COM_siteHeader('menu', $LANG_ACCESS['accessdenied']) . COM_startBlock($LANG_ACCESS['accessdenied']) . $LANG_ACCESS['plugin_access_denied_msg'] . COM_endBlock() . COM_siteFooter();
echo $display;
exit;
}
/**
* Main Function
*/
if (SEC_checkToken()) {
$action = COM_applyFilter($_GET['action']);
if ($action == 'install') {
if (plugin_install_calendar()) {
// Redirects to the plugin editor
echo COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=44');
示例15: contactform
/**
* Displays the contact form
*
* @param int $uid User ID of article author
* @param string $subject Subject of email
* @param string $message Text of message to send
* @return string HTML for the contact form
*
*/
function contactform($uid, $subject = '', $message = '')
{
global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN;
$retval = '';
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailuserloginrequired'] == 1)) {
$retval = COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
$login = new Template($_CONF['path_layout'] . 'submit');
$login->set_file(array('login' => 'submitloginrequired.thtml'));
$login->set_var('xhtml', XHTML);
$login->set_var('site_url', $_CONF['site_url']);
$login->set_var('site_admin_url', $_CONF['site_admin_url']);
$login->set_var('layout_url', $_CONF['layout_url']);
$login->set_var('login_message', $LANG_LOGIN[2]);
$login->set_var('lang_login', $LANG_LOGIN[3]);
$login->set_var('lang_newuser', $LANG_LOGIN[4]);
$login->parse('output', 'login');
$retval .= $login->finish($login->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
} else {
$result = DB_query("SELECT emailfromadmin,emailfromuser FROM {$_TABLES['userprefs']} WHERE uid = '{$uid}'");
$P = DB_fetchArray($result);
if (SEC_inGroup('Root') || SEC_hasRights('user.mail')) {
$isAdmin = true;
} else {
$isAdmin = false;
}
$displayname = COM_getDisplayName($uid);
if ($P['emailfromadmin'] == 1 && $isAdmin || $P['emailfromuser'] == 1 && !$isAdmin) {
$retval = COM_startBlock($LANG08[10] . ' ' . $displayname);
$mail_template = new Template($_CONF['path_layout'] . 'profiles');
$mail_template->set_file('form', 'contactuserform.thtml');
$mail_template->set_var('xhtml', XHTML);
$mail_template->set_var('site_url', $_CONF['site_url']);
$mail_template->set_var('lang_description', $LANG08[26]);
$mail_template->set_var('lang_username', $LANG08[11]);
if (COM_isAnonUser()) {
$sender = '';
if (isset($_POST['author'])) {
$sender = strip_tags($_POST['author']);
$sender = substr($sender, 0, strcspn($sender, "\r\n"));
$sender = htmlspecialchars(trim($sender), ENT_QUOTES);
}
$mail_template->set_var('username', $sender);
} else {
$mail_template->set_var('username', COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']));
}
$mail_template->set_var('lang_useremail', $LANG08[12]);
if (COM_isAnonUser()) {
$email = '';
if (isset($_POST['authoremail'])) {
$email = strip_tags($_POST['authoremail']);
$email = substr($email, 0, strcspn($email, "\r\n"));
$email = htmlspecialchars(trim($email), ENT_QUOTES);
}
$mail_template->set_var('useremail', $email);
} else {
$mail_template->set_var('useremail', $_USER['email']);
}
$mail_template->set_var('lang_cc', $LANG08[36]);
$mail_template->set_var('lang_cc_description', $LANG08[37]);
$mail_template->set_var('lang_subject', $LANG08[13]);
$mail_template->set_var('subject', $subject);
$mail_template->set_var('lang_message', $LANG08[14]);
$mail_template->set_var('message', htmlspecialchars($message));
$mail_template->set_var('lang_nohtml', $LANG08[15]);
$mail_template->set_var('lang_submit', $LANG08[16]);
$mail_template->set_var('uid', $uid);
PLG_templateSetVars('contact', $mail_template);
$mail_template->parse('output', 'form');
$retval .= $mail_template->finish($mail_template->get_var('output'));
$retval .= COM_endBlock();
} else {
$retval = COM_startBlock($LANG08[10] . ' ' . $displayname, '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $LANG08[35];
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
}
}
return $retval;
}