PHP BxDolPrivacy::check方法代码示例

 function getProfileInfoExtra()
 {
     $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id');
     $aRet = array();
     $r = db_res("SELECT `pc`.`Caption`, `pc`.`Content`, `pc`.`Func`, `pc`.`ID` AS `BlockID`\n            FROM `sys_profile_fields` AS `pf` \n            INNER JOIN `sys_page_compose` AS `pc` \n            ON ((`pc`.`Func` = 'PFBlock' AND `pc`.`Content` = `pf`.`ID`) OR (`pc`.`Func` = 'GeneralInfo' AND " . BX_BLOCK_GENERALINFO . " = `pf`.`ID`) OR (`pc`.`Func` = 'AdditionalInfo' AND " . BX_BLOCK_ADDITIONALINFO . " = `pf`.`ID`))\n            WHERE `pc`.`Page` = 'profile_info' AND `pf`.`Type` = 'block' AND `pc`.`Column` != 0 \n            ORDER BY `pc`.`Column`, `pc`.`Order`");
     while ($a = $r->fetch()) {
         $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $this->_iProfileID . "' AND `block_id`='" . $a['BlockID'] . "' LIMIT 1");
         if ($iPrivacyId != 0 && !$oPrivacy->check('view_block', $iPrivacyId, $this->_iViewerId)) {
             continue;
         }
         switch ($a['Func']) {
             case 'GeneralInfo':
                 $i = BX_BLOCK_GENERALINFO;
                 break;
             case 'AdditionalInfo':
                 $i = BX_BLOCK_ADDITIONALINFO;
                 break;
             default:
                 $i = $a['Content'];
         }
         $aBlock = $this->getProfileInfoBlock($a['Caption'], $i);
         if (false === $aBlock) {
             continue;
         }
         $aRet[] = $aBlock;
     }
     if ($this->_iViewerId == $this->_iProfileID) {
         $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_E-mail')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval($this->_aProfile['Email'])), "struct");
         $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_Membership2')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval(strip_tags(GetMembershipStatus($this->_iProfileID, false, false)))), "struct");
         $aOwnInfo[] = new xmlrpcval(array('Caption' => new xmlrpcval(_t('_Status')), 'Type' => new xmlrpcval('text'), 'Value1' => new xmlrpcval(_t('__' . $this->_aProfile['Status']))), "struct");
         $aRet[] = new xmlrpcval(array('Info' => new xmlrpcval($aOwnInfo, "array"), 'Title' => new xmlrpcval(_t('_Account Info'))), "struct");
     }
     return new xmlrpcval($aRet, "array");
 }

 function genBlock($iBlockID, $aBlock, $bStatic = true, $sDynamicType = 'tab')
 {
     //--- Privacy for Profile page ---//
     $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id');
     $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='" . $this->oProfileGen->_iProfileID . "' AND `block_id`='" . $iBlockID . "' LIMIT 1");
     if ($iPrivacyId != 0 && !$oPrivacy->check('view_block', $iPrivacyId, $this->iMemberID)) {
         return false;
     }
     //--- Privacy for Profile page ---//
     return parent::genBlock($iBlockID, $aBlock, $bStatic, $sDynamicType);
 }

 /**
  * @description : function will generate profile block (used the profile template );
  * @return      : Html presentation data ;
  */
 function PrintSearhResult($aProfileInfo, $aCoupleInfo = '', $aExtendedKey = null, $sTemplateName = '', $oCustomTemplate = null)
 {
     global $site;
     global $aPreValues;
     $iVisitorID = getLoggedId();
     $bExtMode = !empty($_GET['mode']) && $_GET['mode'] == 'extended' || !empty($_GET['search_result_mode']) && $_GET['search_result_mode'] == 'ext';
     $isShowMatchPercent = $bExtMode && $iVisitorID && $iVisitorID != $aProfileInfo['ID'] && getParam('view_match_percent') && getParam('enable_match');
     $bPublic = $bExtMode ? bx_check_profile_visibility($aProfileInfo['ID'], $iVisitorID, true) : true;
     if ($bPublic && $iVisitorID != $aProfileInfo['ID'] && !isAdmin()) {
         $oPrivacy = new BxDolPrivacy('sys_page_compose_privacy', 'id', 'user_id');
         $iBlockID = $GLOBALS['MySQL']->getOne("SELECT `ID` FROM `sys_page_compose` WHERE `Page` = 'profile' AND `Func` = 'Description' AND `Column` != 0");
         $iPrivacyId = (int) $GLOBALS['MySQL']->getOne("SELECT `id` FROM `sys_page_compose_privacy` WHERE `user_id`='{$aProfileInfo['ID']}' AND `block_id`='{$iBlockID}' LIMIT 1");
         $bPublic = !$iBlockID || !$iPrivacyId || $oPrivacy->check('view_block', $iPrivacyId, $iVisitorID);
     }
     $sProfileThumb = get_member_thumbnail($aProfileInfo['ID'], 'none', !$bExtMode, 'visitor');
     $sProfileMatch = $isShowMatchPercent ? $GLOBALS['oFunctions']->getProfileMatch($iVisitorID, $aProfileInfo['ID']) : '';
     $sProfileNickname = '<a href="' . getProfileLink($aProfileInfo['ID']) . '">' . getNickName($aProfileInfo['ID']) . '</a>';
     $sProfileInfo = $GLOBALS['oFunctions']->getUserInfo($aProfileInfo['ID']);
     $sProfileDesc = $bPublic ? strmaxtextlen($aProfileInfo['DescriptionMe'], 130) : _t('_sys_profile_private_text_title');
     $sProfileZodiac = $bPublic && $bExtMode && getParam('zodiac') ? $GLOBALS['oFunctions']->getProfileZodiac($aProfileInfo['DateOfBirth']) : '';
     $sProfile2ASc1 = $sProfile2ASc2 = $sProfile2Nick = $sProfile2Desc = $sProfile2Info = $sProfile2Zodiac = '';
     if ($aCoupleInfo) {
         $sProfile2Nick = '<a href="' . getProfileLink($aCoupleInfo['ID']) . '">' . getNickName($aCoupleInfo['ID']) . '</a>';
         $sProfile2Info = $GLOBALS['oFunctions']->getUserInfo($aCoupleInfo['ID']);
         $sProfile2Desc = $bPublic ? strmaxtextlen($aCoupleInfo['DescriptionMe'], 130) : _t('_sys_profile_private_text_title');
         $sProfile2Zodiac = $bPublic && $bExtMode && getParam('zodiac') ? $GLOBALS['oFunctions']->getProfileZodiac($aCoupleInfo['DateOfBirth']) : '';
         $sProfile2ASc1 = 'float:left;width:31%;margin-right:10px;';
         $sProfile2ASc2 = 'float:left;width:31%;display:block;';
     } else {
         $sProfile2ASc2 = 'display:none;';
     }
     $aKeys = array('thumbnail' => $sProfileThumb, 'match' => $sProfileMatch, 'nick' => $sProfileNickname, 'info' => $sProfileInfo, 'i_am_desc' => $sProfileDesc, 'zodiac_sign' => $sProfileZodiac, 'nick2' => $sProfile2Nick, 'info2' => $sProfile2Info, 'i_am_desc2' => $sProfile2Desc, 'zodiac_sign2' => $sProfile2Zodiac, 'add_style_c1' => $sProfile2ASc1, 'add_style_c2' => $sProfile2ASc2);
     if ($aExtendedKey and is_array($aExtendedKey) and !empty($aExtendedKey)) {
         foreach ($aExtendedKey as $sKey => $sValue) {
             $aKeys[$sKey] = $sValue;
         }
     } else {
         $aKeys['ext_css_class'] = '';
     }
     return $oCustomTemplate ? $oCustomTemplate->parseHtmlByName($sTemplateName, $aKeys) : $GLOBALS['oSysTemplate']->parseHtmlByName($sTemplateName, $aKeys);
 }

 function getUserInfo($sUser, $sPwd, $sNick, $sLang)
 {
     $iIdProfile = BxDolXMLRPCUtil::getIdByNickname($sNick);
     if (!$iIdProfile || !($iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd))) {
         return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1, "int")), "struct"));
     }
     BxDolXMLRPCUtil::setLanguage($sLang);
     if ($iIdProfile != $iId) {
         // privacy
         bx_import('BxDolPrivacy');
         $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
         if ($iIdProfile != $iId && !$oPrivacy->check('view', $iIdProfile, $iId)) {
             return new xmlrpcval('-1');
         }
         // membership
         $aCheckRes = checkAction($iId, ACTION_ID_VIEW_PROFILES, true, $iIdProfile);
         if ($aCheckRes[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) {
             return new xmlrpcval($aCheckRes[CHECK_ACTION_MESSAGE]);
         }
     }
     $aRet = BxDolXMLRPCUtil::getUserInfo($iIdProfile);
     return new xmlrpcval($aRet, "struct");
 }

 function _checkUserPrivacy($iId, $iIdProfile)
 {
     $mixedAccessDenied = false;
     if ($iIdProfile != $iId) {
         // membership
         $aCheckRes = checkAction($iId, ACTION_ID_VIEW_PROFILES, true, $iIdProfile);
         if ($aCheckRes[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED) {
             $mixedAccessDenied = strip_tags($aCheckRes[CHECK_ACTION_MESSAGE]);
         }
         // privacy
         if (false === $mixedAccessDenied) {
             bx_import('BxDolPrivacy');
             $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
             if ($iIdProfile != $iId && !$oPrivacy->check('view', $iIdProfile, $iId)) {
                 $mixedAccessDenied = '-1';
             }
         }
     }
     bx_import('BxDolAlerts');
     $oZ = new BxDolAlerts('mobile', 'view_profile', $iIdProfile, $iId, array('access_denied' => &$mixedAccessDenied));
     $oZ->alert();
     if (false !== $mixedAccessDenied) {
         return new xmlrpcval($mixedAccessDenied);
     }
     return true;
 }

/**
 * Check profile existing, membership/acl, profile status and privacy.
 * If some of visibility options are not allowed then appropritate page is shown and exit called.
 * @param $iViewedId viewed member id
 * @param $iViewerId viewer member id
 * @return nothing
 */
function bx_check_profile_visibility($iViewedId, $iViewerId = 0, $bReturn = false)
{
    global $logged, $site, $_page, $_page_cont, $p_arr;
    // check if profile exists
    if (!$iViewedId) {
        if ($bReturn) {
            return false;
        }
        $GLOBALS['oSysTemplate']->displayPageNotFound();
        exit;
    }
    // check if viewer can view profile
    $bPerform = $iViewedId == $iViewerId ? FALSE : TRUE;
    $check_res = checkAction($iViewerId, ACTION_ID_VIEW_PROFILES, $bPerform, $iViewedId);
    if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) {
        if ($bReturn) {
            return false;
        }
        $_page['header'] = "{$site['title']} " . _t("_Member Profile");
        $_page['header_text'] = "{$site['title']} " . _t("_Member Profile");
        $_page['name_index'] = 0;
        $_page_cont[0]['page_main_code'] = MsgBox($check_res[CHECK_ACTION_MESSAGE]);
        PageCode();
        exit;
    }
    bx_import('BxBaseProfileView');
    $oProfile = new BxBaseProfileGenerator($iViewedId);
    $p_arr = $oProfile->_aProfile;
    // check if viewed member is active
    if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active'))) {
        if ($bReturn) {
            return false;
        }
        header("HTTP/1.1 404 Not Found");
        $GLOBALS['oSysTemplate']->displayMsg(_t("_Profile NA"));
        exit;
    }
    // check privacy
    if (!$logged['admin'] && !$logged['moderator'] && $iViewerId != $iViewedId) {
        $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
        if (!$oPrivacy->check('view', $iViewedId, $iViewerId)) {
            if ($bReturn) {
                return false;
            }
            bx_import('BxDolProfilePrivatePageView');
            $oProfilePrivateView = new BxDolProfilePrivatePageView($oProfile, $site, $dir);
            $_page['name_index'] = 7;
            $_page_cont[7]['page_main_code'] = $oProfilePrivateView->getCode();
            PageCode();
            exit;
        }
    }
    if ($bReturn) {
        return true;
    }
}

}
// Check if member can view profile
$check_res = checkAction($memberID, ACTION_ID_VIEW_PROFILES, true, $profileID);
if ($check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED && !$logged['admin'] && !$logged['moderator'] && $memberID != $profileID) {
    $_page['header'] = "{$site['title']} " . _t("_Member Profile");
    $_page['header_text'] = "{$site['title']} " . _t("_Member Profile");
    $_page['name_index'] = 0;
    $_page_cont[0]['page_main_code'] = MsgBox($check_res[CHECK_ACTION_MESSAGE]);
    PageCode();
    exit;
}
$oProfile = new BxBaseProfileGenerator($profileID);
if (!$logged['admin'] && !$logged['moderator'] && $memberID != $profileID) {
    //Check privacy
    $oPrivacy = new BxDolPrivacy('Profiles', 'ID', 'ID');
    if (!$oPrivacy->check('view', $profileID, $memberID)) {
        $_page['name_index'] = 0;
        $_page['header'] = "{$site['title']} " . _t("_Member Profile");
        $_page['header_text'] = "{$site['title']} " . _t("_Member Profile");
        $_page_cont[0]['page_main_code'] = MsgBox(_t('_INVALID_ROLE'));
        PageCode();
        exit;
    }
}
$oProfile->oCmtsView->getExtraCss();
$oProfile->oCmtsView->getExtraJs();
$oProfile->oVotingView->getExtraJs();
$p_arr = $oProfile->_aProfile;
if (!($p_arr['ID'] && ($logged['admin'] || $logged['moderator'] || $oProfile->owner || $p_arr['Status'] == 'Active'))) {
    header("HTTP/1.1 404 Not Found");
    $_page['header'] = "{$site['title']} " . _t("_Member Profile");

 /**
  * Get location array
  * @param $sPart module/part name
  * @param $iEntryId entry's id which location is edited
  * @param $iViewer viewer profile id
  * @return false - location undefined, -1 - access denied, array - all good
  */
 function serviceGetLocation($sPart, $iEntryId, $iViewer = false)
 {
     if (false === $iViewer) {
         $iViewer = getLoggedId();
     }
     if ('profiles' == $sPart) {
         if (!bx_check_profile_visibility($iEntryId, $iViewer, true)) {
             return -1;
         }
     } else {
         bx_import('BxDolPrivacy');
         $oPrivacy = new BxDolPrivacy($this->_aParts[$sPart]['join_table'], $this->_aParts[$sPart]['join_field_id'], $this->_aParts[$sPart]['join_field_author']);
         if (!$oPrivacy->check('view', $iEntryId, $iViewer)) {
             return -1;
         }
     }
     $aLocation = $this->_oDb->getDirectLocation($iEntryId, $this->_aParts[$sPart]);
     if (!$aLocation || !$aLocation['lat'] && $aLocation['lng']) {
         return false;
     }
     if (false === $aLocation['zoom'] || -1 == $aLocation['zoom']) {
         $aLocation['zoom'] = getParam("bx_wmap_edit_{$sPart}_zoom");
     }
     if (!$aLocation['type']) {
         $aLocation['type'] = getParam("bx_wmap_edit_{$sPart}_map_type");
     }
     return $aLocation;
 }