本文整理汇总了PHP中accessforbidden函数的典型用法代码示例。如果您正苦于以下问题:PHP accessforbidden函数的具体用法?PHP accessforbidden怎么用?PHP accessforbidden使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了accessforbidden函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: _printHeader
function _printHeader(&$langs, &$user)
{
llxHeader('', $langs->trans('PaymentImport'), '', '');
if (!$user->rights->facture->paiement) {
accessforbidden();
}
}
示例2: checkVersion
static function checkVersion(&$DoliDb, $moduleName)
{
global $conf;
if (class_exists($moduleName)) {
$conf_name = 'ATM_MODULE_VERSION_' . strtoupper($moduleName);
$mod = new $moduleName($DoliDb);
if (!empty($mod->version)) {
$version = $mod->version;
if ($conf->global->{$conf_name} != $version) {
$message = "Your module wasn't updated (v" . $conf->global->{$conf_name} . " != " . $version . "). Please reload it or launch the update of database script";
accessforbidden($message);
}
}
}
}
示例3: require
* \file htdocs/livraison/fiche.php
* \ingroup livraison
* \brief Fiche descriptive d'un bon de livraison=reception
* \version $Id: fiche.php,v 1.114 2011/07/31 23:24:38 eldy Exp $
*/
require("../main.inc.php");
require_once(DOL_DOCUMENT_ROOT."/livraison/class/livraison.class.php");
require_once(DOL_DOCUMENT_ROOT."/includes/modules/livraison/modules_livraison.php");
require_once(DOL_DOCUMENT_ROOT."/core/class/html.formfile.class.php");
require_once(DOL_DOCUMENT_ROOT."/lib/sendings.lib.php");
if ($conf->product->enabled || $conf->service->enabled) require_once(DOL_DOCUMENT_ROOT."/product/class/product.class.php");
if ($conf->expedition_bon->enabled) require_once(DOL_DOCUMENT_ROOT."/expedition/class/expedition.class.php");
if ($conf->stock->enabled) require_once(DOL_DOCUMENT_ROOT."/product/stock/class/entrepot.class.php");
if (!$user->rights->expedition->livraison->lire) accessforbidden();
$langs->load("sendings");
$langs->load("bills");
$langs->load('deliveries');
// Security check
$id = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'expedition',$id,'livraison','livraison');
/*
* Actions
*/
示例4: dol_print_error
}
print '<br>';
} else {
if ($id > 0 || !empty($ref)) {
/*
* Show object in view mode
*/
$result = $object->fetch($id, $ref);
if ($result <= 0) {
dol_print_error($db, $object->error);
exit;
}
// fetch optionals attributes and labels
$extralabels = $extrafields->fetch_name_optionals_label($object->table_element);
if ($user->societe_id > 0 && $user->societe_id != $object->socid) {
accessforbidden('', 0);
}
$result = $object->fetch_thirdparty();
$soc = new Societe($db);
$result = $soc->fetch($object->socid);
if ($result < 0) {
dol_print_error($db);
}
$selleruserevenustamp = $mysoc->useRevenueStamp();
$totalpaye = $object->getSommePaiement();
$totalcreditnotes = $object->getSumCreditNotesUsed();
$totaldeposits = $object->getSumDepositsUsed();
// print "totalpaye=".$totalpaye." totalcreditnotes=".$totalcreditnotes." totaldeposts=".$totaldeposits."
// selleruserrevenuestamp=".$selleruserevenustamp;
// We can also use bcadd to avoid pb with floating points
// For example print 239.2 - 229.3 - 9.9; does not return 0.
示例5: require_once
require_once(DOL_DOCUMENT_ROOT."/projet/class/project.class.php");
require_once(DOL_DOCUMENT_ROOT."/projet/class/task.class.php");
require_once(DOL_DOCUMENT_ROOT."/core/lib/project.lib.php");
require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php");
$langs->load('projects');
$langs->load('users');
$id=GETPOST('id','int');
$search_product=GETPOST('search_product');
// Security check
$socid=0;
if ($user->societe_id > 0) $socid = $user->societe_id;
if (!$user->rights->projet->lire) accessforbidden();
$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
$page = isset($_GET["page"])? $_GET["page"]:$_POST["page"];
$page = is_numeric($page) ? $page : 0;
$page = $page == -1 ? 0 : $page;
$mine = $_REQUEST['mode']=='mine' ? 1 : 0;
/*
* View
*/
示例6: restrictedArea
/**
* Check permissions of a user to show a page and an object. Check read permission.
* If GETPOST('action') defined, we also check write and delete permission.
*
* @param User $user User to check
* @param string $features Features to check (in most cases, it's module name. Examples: 'societe', 'contact', 'produit|service', ...)
* @param int $objectid Object ID if we want to check permission on a particular record (optionnal)
* @param string $dbtablename 'TableName&SharedElement' with Tablename is table where object is stored, SharedElement is key to define where to check entity. Not used if objectid is null (optionnal)
* @param string $feature2 Feature to check, second level of permission (optionnal)
* @param string $dbt_keyfield Field name for socid foreign key if not fk_soc (optionnal)
* @param string $dbt_select Field name for select if not rowid (optionnal)
* @param Canvas $objcanvas Object canvas
* @return int Always 1, die process if not allowed
*/
function restrictedArea($user, $features, $objectid = 0, $dbtablename = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $objcanvas = null)
{
global $db, $conf;
//dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename,$feature2,$dbt_socfield,$dbt_select");
//print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", objectid=".$objectid;
//print ", dbtablename=".$dbtablename.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select;
//print ", perm: ".$features."->".$feature2."=".$user->rights->$features->$feature2->lire."<br>";
// If we use canvas, we try to use function that overlod restrictarea if provided with canvas
if (is_object($objcanvas)) {
if (method_exists($objcanvas->control, 'restrictedArea')) {
return $objcanvas->control->restrictedArea($user, $features, $objectid, $dbtablename, $feature2, $dbt_keyfield, $dbt_select);
}
}
if ($dbt_select != 'rowid') {
$objectid = "'" . $objectid . "'";
}
// More features to check
$features = explode("&", $features);
// More parameters
$params = explode('&', $dbtablename);
$dbtablename = !empty($params[0]) ? $params[0] : '';
$sharedelement = !empty($params[1]) ? $params[1] : '';
// Check read permission from module
// TODO Replace "feature" param into caller by first level of permission
$readok = 1;
foreach ($features as $feature) {
if ($feature == 'societe') {
if (!$user->rights->societe->lire && !$user->rights->fournisseur->lire) {
$readok = 0;
}
} else {
if ($feature == 'contact') {
if (!$user->rights->societe->contact->lire) {
$readok = 0;
}
} else {
if ($feature == 'produit|service') {
if (!$user->rights->produit->lire && !$user->rights->service->lire) {
$readok = 0;
}
} else {
if ($feature == 'prelevement') {
if (!$user->rights->prelevement->bons->lire) {
$readok = 0;
}
} else {
if ($feature == 'commande_fournisseur') {
if (!$user->rights->fournisseur->commande->lire) {
$readok = 0;
}
} else {
if ($feature == 'cheque') {
if (!$user->rights->banque->cheque) {
$readok = 0;
}
} else {
if ($feature == 'projet') {
if (!$user->rights->projet->lire && !$user->rights->projet->all->lire) {
$readok = 0;
}
} else {
if (!empty($feature2)) {
if (empty($user->rights->{$feature}->{$feature2}->lire) && empty($user->rights->{$feature}->{$feature2}->read)) {
$readok = 0;
}
} else {
if (!empty($feature) && ($feature != 'user' && $feature != 'usergroup')) {
if (empty($user->rights->{$feature}->lire) && empty($user->rights->{$feature}->read) && empty($user->rights->{$feature}->run)) {
$readok = 0;
}
}
}
}
}
}
}
}
}
}
}
if ($user->admin) {
return 1;
}
if (!$readok) {
accessforbidden();
}
//.........这里部分代码省略.........
示例7: GETPOST
require_once DOL_DOCUMENT_ROOT . '/core/lib/company.lib.php';
// Init vars
$errmsg = '';
$num = 0;
$error = 0;
$backtopage = GETPOST('backtopage', 'alpha');
$action = GETPOST('action', 'alpha');
// Load translation files
$langs->load("main");
$langs->load("members");
$langs->load("companies");
$langs->load("install");
$langs->load("other");
// Security check
if (empty($conf->adherent->enabled)) {
accessforbidden('', 0, 0, 1);
}
if (empty($conf->global->MEMBER_ENABLE_PUBLIC)) {
print $langs->trans("Auto subscription form for public visitors has not been enabled");
exit;
}
$extrafields = new ExtraFields($db);
/**
* Show header for new member
*
* @param string $title Title
* @param string $head Head array
* @param int $disablejs More content into html header
* @param int $disablehead More content into html header
* @param array $arrayofjs Array of complementary js files
* @param array $arrayofcss Array of complementary css files
示例8: require
*/
/**
\file htdocs/commande/note.php
\ingroup commande
\brief Fiche de notes sur une commande
\version $Id: note.php,v 1.24 2011/07/31 22:23:15 eldy Exp $
*/
require("../main.inc.php");
require_once(DOL_DOCUMENT_ROOT.'/lib/order.lib.php');
require_once(DOL_DOCUMENT_ROOT ."/commande/class/commande.class.php");
$socid=isset($_GET["socid"])?$_GET["socid"]:isset($_POST["socid"])?$_POST["socid"]:"";
if (!$user->rights->commande->lire) accessforbidden();
$langs->load("companies");
$langs->load("bills");
$langs->load("orders");
// Security check
$socid=0;
$comid = isset($_GET["id"])?$_GET["id"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$comid,'');
$id = $_GET['id'];
$ref= $_GET['ref'];
$commande = new Commande($db);
示例9: require_once
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/opensurvey/list.php
* \ingroup opensurvey
* \brief Page to list surveys
*/
require_once('../main.inc.php');
require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php");
require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php");
// Security check
if (!$user->rights->opensurvey->read) accessforbidden();
$action=GETPOST('action');
$id=GETPOST('id','alpha');
$numsondage= $id;
$surveytitle=GETPOST('surveytitle');
$status=GETPOST('status');
//if (! isset($_POST['status']) && ! isset($_GET['status'])) $status='opened'; // If filter unknown, we choose 'opened'
$sortfield = GETPOST("sortfield",'alpha');
$sortorder = GETPOST("sortorder",'alpha');
$limit = GETPOST('limit')?GETPOST('limit','int'):$conf->liste_limit;
$page = GETPOST("page",'int');
if ($page == -1) { $page = 0; }
$offset = $limit * $page;
$pageprev = $page - 1;
示例10: accessforbidden
<?php
require 'config.php';
/*
* Statistique sur les postes de travail de l'ordonnancement
*/
if (!$conf->workstation->enabled) {
accessforbidden($lang->trans('moduleWorkstationNeeded'));
}
if (!$conf->report->enabled) {
accessforbidden($lang->trans('moduleReportNeeded'));
}
define('INC_FROM_DOLIBARR', true);
dol_include_once('/workstation/config.php');
dol_include_once('/report/class/dashboard.class.php');
$PDOdb = new TPDOdb();
$TWS = TWorkstation::getWorstations($PDOdb, false);
llxHeader('', $langs->trans('OrdonnancementStat'));
print_fiche_titre('Filtres');
echo '<div class="tabBar">';
$form1 = new TFormcore('auto', 'form1', 'post');
echo '<table>';
?>
<tr>
<td>Date de début : </td>
<td><?php
echo $form1->calendrier('', 'date_deb', $_REQUEST['date_deb'] ? $_REQUEST['date_deb'] : '');
?>
</td>
</tr>
<tr>
示例11: accessforbidden
}
}
}
}
if (!defined('NOLOGIN')) {
// If the login is not recovered, it is identified with an account that does not exist.
// Hacking attempt?
if (!$user->login) {
accessforbidden();
}
// Check if user is active
if ($user->statut < 1) {
// If not active, we refuse the user
$langs->load("other");
dol_syslog("Authentification ko as login is disabled");
accessforbidden($langs->trans("ErrorLoginDisabled"));
exit;
}
// Load permissions
$user->getrights();
}
dol_syslog("--- Access to " . $_SERVER["PHP_SELF"]);
//Another call for easy debugg
//dol_syslog("Access to ".$_SERVER["PHP_SELF"].' GET='.join(',',array_keys($_GET)).'->'.join(',',$_GET).' POST:'.join(',',array_keys($_POST)).'->'.join(',',$_POST));
// Load main languages files
if (!defined('NOREQUIRETRAN')) {
$langs->load("main");
$langs->load("dict");
}
// Define some constants used for style of arrays
$bc = array(0 => 'class="impair"', 1 => 'class="pair"');
示例12: restrictedProjectArea
/**
* \brief Check if user has read permission on project
* @param user Object user to evaluate
* @param noprint 0=Print forbidden message if no permission, 1=Return -1 if no permission
*/
function restrictedProjectArea($user,$noprint=0)
{
// To verify role of users
$userAccess = 0;
if ($user->rights->projet->all->lire)
{
$userAccess = 1;
}
else if ($this->public && $user->rights->projet->lire)
{
$userAccess = 1;
}
else
{
foreach(array('internal','external') as $source)
{
$userRole = $this->liste_contact(4,$source);
$num=sizeof($userRole);
$nblinks = 0;
while ($nblinks < $num)
{
if (preg_match('/PROJECT/',$userRole[$nblinks]['code']) && $user->id == $userRole[$nblinks]['id'])
{
$userAccess++;
}
$nblinks++;
}
}
//if (empty($nblinks)) // If nobody has permission, we grant creator
//{
// if ((!empty($this->user_author_id) && $this->user_author_id == $user->id))
// {
// $userAccess = 1;
// }
//}
}
if (! $userAccess)
{
if (!$noprint)
{
accessforbidden('',0);
}
else
{
return -1;
}
}
return $userAccess;
}
示例13: require
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/comm/mailing/liste.php
* \ingroup mailing
* \brief Liste des mailings
* \version $Id: liste.php,v 1.23 2011/08/03 00:46:33 eldy Exp $
*/
require("../../main.inc.php");
require_once(DOL_DOCUMENT_ROOT."/comm/mailing/class/mailing.class.php");
$langs->load("mails");
if (!$user->rights->mailing->lire) accessforbidden();
// Securite acces client
if ($user->societe_id > 0)
{
$action = '';
$socid = $user->societe_id;
}
$sortfield = GETPOST("sortfield",'alpha');
$sortorder = GETPOST("sortorder",'alpha');
$page = GETPOST("page",'int');
if ($page == -1) { $page = 0; }
$offset = $conf->liste_limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
示例14: restrictedArea
//.........这里部分代码省略.........
$tmpreadok = 0;
} else {
$tmpreadok = 1;
break;
}
}
// Break is to bypass second test if the first is ok
}
if (!$tmpreadok) {
$readok = 0;
// All tests are ko (we manage here the and, the or will be managed later using $nbko).
$nbko++;
}
} else {
if (!empty($feature) && ($feature != 'user' && $feature != 'usergroup')) {
if (empty($user->rights->{$feature}->lire) && empty($user->rights->{$feature}->read) && empty($user->rights->{$feature}->run)) {
$readok = 0;
$nbko++;
}
}
}
}
}
}
}
}
}
}
// If a or and at least one ok
if (preg_match('/\\|/', $features) && $nbko < count($featuresarray)) {
$readok = 1;
}
if (!$readok) {
accessforbidden();
}
//print "Read access is ok";
// Check write permission from module
$createok = 1;
$nbko = 0;
if (GETPOST("action") == 'create') {
foreach ($featuresarray as $feature) {
if ($feature == 'contact') {
if (!$user->rights->societe->contact->creer) {
$createok = 0;
$nbko++;
}
} else {
if ($feature == 'produit|service') {
if (!$user->rights->produit->creer && !$user->rights->service->creer) {
$createok = 0;
$nbko++;
}
} else {
if ($feature == 'prelevement') {
if (!$user->rights->prelevement->bons->creer) {
$createok = 0;
$nbko++;
}
} else {
if ($feature == 'commande_fournisseur') {
if (!$user->rights->fournisseur->commande->creer) {
$createok = 0;
$nbko++;
}
} else {
if ($feature == 'banque') {
示例15: restrictedArea
/**
* Check permissions of a user to show a page and an object. Check read permission
* If $_REQUEST['action'] defined, we also check write and delete permission.
* @param user User to check
* @param features Features to check (in most cases, it's module name)
* @param objectid Object ID if we want to check permission on a particular record (optionnal)
* @param dbtablename Table name where object is stored. Not used if objectid is null (optionnal)
* @param feature2 Feature to check (second level of permission)
* @param dbt_keyfield Field name for socid foreign key if not fk_soc. (optionnal)
* @param dbt_select Field name for select if not rowid. (optionnal)
* @return int Always 1, die process if not allowed
*/
function restrictedArea($user, $features='societe', $objectid=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
{
global $db, $conf;
//dol_syslog("functions.lib:restrictedArea $feature, $objectid, $dbtablename,$feature2,$dbt_socfield,$dbt_select");
if ($dbt_select != 'rowid') $objectid = "'".$objectid."'";
//print "user_id=".$user->id.", features=".$features.", feature2=".$feature2.", objectid=".$objectid;
//print ", dbtablename=".$dbtablename.", dbt_socfield=".$dbt_keyfield.", dbt_select=".$dbt_select;
//print ", perm: ".$features."->".$feature2."=".$user->rights->$features->$feature2->lire."<br>";
// More features to check
$features = explode("&",$features);
//var_dump($features);
// Check read permission from module
// TODO Replace "feature" param by permission for reading
$readok=1;
foreach ($features as $feature)
{
if ($feature == 'societe')
{
if (! $user->rights->societe->lire && ! $user->rights->fournisseur->lire) $readok=0;
}
else if ($feature == 'contact')
{
if (! $user->rights->societe->contact->lire) $readok=0;
}
else if ($feature == 'produit|service')
{
if (! $user->rights->produit->lire && ! $user->rights->service->lire) $readok=0;
}
else if ($feature == 'prelevement')
{
if (! $user->rights->prelevement->bons->lire) $readok=0;
}
else if ($feature == 'commande_fournisseur')
{
if (! $user->rights->fournisseur->commande->lire) $readok=0;
}
else if ($feature == 'cheque')
{
if (! $user->rights->banque->cheque) $readok=0;
}
else if ($feature == 'projet')
{
if (! $user->rights->projet->lire && ! $user->rights->projet->all->lire) $readok=0;
}
else if (! empty($feature2)) // This should be used for future changes
{
if (empty($user->rights->$feature->$feature2->lire)
&& empty($user->rights->$feature->$feature2->read)) $readok=0;
}
else if (! empty($feature) && ($feature!='user' && $feature!='usergroup')) // This is for old permissions
{
if (empty($user->rights->$feature->lire)
&& empty($user->rights->$feature->read)
&& empty($user->rights->$feature->run)) $readok=0;
}
}
if (! $readok)
{
//print "Read access is down";
accessforbidden();
}
//print "Read access is ok";
// Check write permission from module
$createok=1;
if ( GETPOST("action") && GETPOST("action") == 'create')
{
foreach ($features as $feature)
{
if ($feature == 'contact')
{
if (! $user->rights->societe->contact->creer) $createok=0;
}
else if ($feature == 'produit|service')
{
if (! $user->rights->produit->creer && ! $user->rights->service->creer) $createok=0;
}
else if ($feature == 'prelevement')
{
if (! $user->rights->prelevement->bons->creer) $createok=0;
}
else if ($feature == 'commande_fournisseur')
{
//.........这里部分代码省略.........