当前位置: 首页>>代码示例>>PHP>>正文


PHP Security::getCurrentToken方法代码示例

本文整理汇总了PHP中Security::getCurrentToken方法的典型用法代码示例。如果您正苦于以下问题:PHP Security::getCurrentToken方法的具体用法?PHP Security::getCurrentToken怎么用?PHP Security::getCurrentToken使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在Security的用法示例。


在下文中一共展示了Security::getCurrentToken方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: edit_filter

function edit_filter($id, $url_params, $row)
{
    global $charset;
    $return = '<a href="user_fields_add.php?action=edit&field_id=' . $row[0] . '&field_type=' . $row[2] . '&sec_token=' . Security::getCurrentToken() . '">' . Display::return_icon('edit.png', get_lang('Edit')) . '</a>';
    $return .= ' <a href="' . api_get_self() . '?action=delete&field_id=' . $row[0] . '&sec_token=' . Security::getCurrentToken() . '" onclick="javascript:if(!confirm(' . "'" . addslashes(get_lang("ConfirmYourChoice")) . "'" . ')) return false;">' . Display::return_icon('delete.png', get_lang('Delete')) . '</a>';
    return $return;
}
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:7,代码来源:user_fields.php

示例2: api_not_allowed

    $is_member = $usergroup->is_group_member($group_id);
    if ($group_info['visibility'] == GROUP_PERMISSION_CLOSED && !$is_member) {
        api_not_allowed(true);
    }
}
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'delete') {
    $group_role = $usergroup->get_user_group_role(api_get_user_id(), $group_id);
    if (api_is_platform_admin() || in_array($group_role, array(GROUP_USER_PERMISSION_ADMIN, GROUP_USER_PERMISSION_MODERATOR))) {
        $usergroup->delete_topic($group_id, $topic_id);
        header("Location: groups.php?id={$group_id}&action=show_message&msg=topic_deleted");
        exit;
    }
}
$content = null;
// save message group
$currentToken = Security::getCurrentToken();
if (isset($_POST['action'])) {
    $title = isset($_POST['title']) ? $_POST['title'] : null;
    $content = $_POST['content'];
    $group_id = intval($_POST['group_id']);
    $parent_id = intval($_POST['parent_id']);
    if ($_POST['action'] == 'reply_message_group') {
        $title = Text::cut($content, 50);
    }
    if ($_POST['action'] == 'edit_message_group') {
        $edit_message_id = intval($_POST['message_id']);
        $res = MessageManager::send_message(0, $title, $content, $_FILES, '', $group_id, $parent_id, $edit_message_id, 0, $topic_id);
    } else {
        if ($_POST['action'] == 'add_message_group' && !$is_member) {
            api_not_allowed();
        }
开发者ID:ragebat,项目名称:chamilo-lms,代码行数:31,代码来源:group_topics.php

示例3: get_lang

    }
    if ($active == '0') {
        $action = 'unlock';
        $image = 'wrong';
    }
    // you cannot lock the default
    if ($row['id'] == '1') {
        $status = Display::return_icon($image . '.gif', get_lang(ucfirst($action)));
    } else {
        $status = '<a href="access_urls.php?action=' . $action . '&amp;url_id=' . $row['id'] . '&amp;sec_token=' . Security::getCurrentToken() . '">' . Display::return_icon($image . '.gif', get_lang(ucfirst($action))) . '</a>';
    }
    //Actions
    $url_id = $row['id'];
    $actions = Display::url(Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL), "access_url_edit.php?url_id={$url_id}");
    if ($url_id != '1') {
        $actions .= '<a href="access_urls.php?action=delete_url&amp;url_id=' . $url_id . '&amp;sec_token=' . Security::getCurrentToken() . '" onclick="javascript:if(!confirm(' . "'" . addslashes(get_lang("ConfirmYourChoice")) . "'" . ')) return false;">' . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
    }
    $urls[] = array($url, $name, $type, $tech, $contact, $status, $actions);
}
$table = new SortableTableFromArrayConfig($urls, 2, 50, 'urls');
$table->set_additional_parameters($parameters);
//$table->set_header(0, '');
$table->set_header(0, 'URL');
$table->set_header(1, get_lang('Name'));
$table->set_header(2, get_lang('URLType'));
$table->set_header(3, 'Dl/Ul/Delay in Kbit/s');
$table->set_header(4, get_lang('Contact'));
$table->set_header(5, get_lang('Active'));
$table->set_header(6, get_lang('Modify'), false);
$table->display();
/*        FOOTER    */
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:31,代码来源:access_urls.php

示例4: modify_filter


//.........这里部分代码省略.........
    $user_is_anonymous = false;
    $current_user_status_label = $row['7'];
    if ($current_user_status_label == $statusname[ANONYMOUS]) {
        $user_is_anonymous = true;
    }
    $result = '';
    if (!$user_is_anonymous) {
        $icon = Display::return_icon('course.png', get_lang('Courses'), array('onmouseout' => 'clear_course_list (\'div_' . $user_id . '\')'));
        $result .= '<a href="javascript:void(0)" onclick="load_course_list(\'div_' . $user_id . '\',' . $user_id . ')" >
			        ' . $icon . '
					<div class="blackboard_hide" id="div_' . $user_id . '">&nbsp;&nbsp;</div>
					</a>';
        $icon = Display::return_icon('session.png', get_lang('Sessions'), array('onmouseout' => 'clear_session_list (\'div_s_' . $user_id . '\')'));
        $result .= '<a href="javascript:void(0)" onclick="load_session_list(\'div_s_' . $user_id . '\',' . $user_id . ')" >
					' . $icon . '
					<div class="blackboard_hide" id="div_s_' . $user_id . '">&nbsp;&nbsp;</div>
					</a>';
    } else {
        $result .= Display::return_icon('course_na.png', get_lang('Courses')) . '&nbsp;&nbsp;';
        $result .= Display::return_icon('course_na.png', get_lang('Sessions')) . '&nbsp;&nbsp;';
    }
    if (api_is_platform_admin()) {
        if (!$user_is_anonymous) {
            $result .= '<a href="user_information.php?user_id=' . $user_id . '">' . Display::return_icon('synthese_view.gif', get_lang('Info')) . '</a>&nbsp;&nbsp;';
        } else {
            $result .= Display::return_icon('synthese_view_na.gif', get_lang('Info')) . '&nbsp;&nbsp;';
        }
    }
    //only allow platform admins to login_as, or session admins only for
    // students (not teachers nor other admins), and only if all options
    // match to say this user has the permission to do so
    // $_configuration['login_as_forbidden_globally'], defined in
    // configuration.php, is the master key to these conditions
    global $_configuration;
    if (empty($_configuration['login_as_forbidden_globally']) && (api_is_global_platform_admin() || api_get_setting('login_as_allowed') === 'true' && (api_is_platform_admin() || api_is_session_admin() && $current_user_status_label == $statusname[STUDENT]))) {
        if (!$user_is_anonymous) {
            if ($app['security']->isGranted('ROLE_GLOBAL_ADMIN')) {
                // everything looks good, show "login as" link
                if ($user_id != $userId) {
                    $result .= '<a href="' . api_get_path(WEB_PUBLIC_PATH) . '?_switch_user=' . $row[5] . '">' . Display::return_icon('login_as.gif', get_lang('LoginAs')) . '</a>&nbsp;&nbsp;';
                } else {
                    $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . '&nbsp;&nbsp;';
                }
            } else {
                // if this user in particular can't be edited, show disabled
                $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . '&nbsp;&nbsp;';
            }
        } else {
            // if anonymous user but other users show the option, show disabled
            $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . '&nbsp;&nbsp;';
        }
    }
    // Else don't show anything, because the option is not available at all
    //$result .= Display::url('<i class="icon-key icon-large"></i>', 'roles');
    if ($current_user_status_label != $statusname[STUDENT]) {
        $result .= Display::return_icon('statistics_na.gif', get_lang('Reporting')) . '&nbsp;&nbsp;';
    } else {
        $result .= '<a href="../mySpace/myStudents.php?student=' . $user_id . '">' . Display::return_icon('statistics.gif', get_lang('Reporting')) . '</a>&nbsp;&nbsp;';
    }
    if (api_is_platform_admin(true)) {
        if (!$user_is_anonymous && api_global_admin_can_edit_admin($user_id, null, true)) {
            $result .= '<a href="user_edit.php?user_id=' . $user_id . '">' . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>&nbsp;';
        } else {
            $result .= Display::return_icon('edit_na.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>&nbsp;';
        }
    }
    if ($is_admin) {
        $result .= Display::return_icon('admin_star.png', get_lang('IsAdministrator'), array('width' => ICON_SIZE_SMALL, 'heigth' => ICON_SIZE_SMALL));
    } else {
        $result .= Display::return_icon('admin_star_na.png', get_lang('IsNotAdministrator'));
    }
    // actions for assigning sessions, courses or users
    if (api_is_session_admin()) {
        /*if ($row[0] == api_get_user_id()) {
        			$result .= '<a href="dashboard_add_sessions_to_user.php?user='.$user_id.'">'.Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')).'</a>&nbsp;&nbsp;';
        		}*/
    } else {
        if ($current_user_status_label == $statusname[DRH] || UserManager::is_admin($user_id)) {
            $result .= '<a href="dashboard_add_users_to_user.php?user=' . $user_id . '">' . Display::return_icon('user_subscribe_course.png', get_lang('AssignUsers'), '', ICON_SIZE_SMALL) . '</a>';
            $result .= '<a href="dashboard_add_courses_to_user.php?user=' . $user_id . '">' . Display::return_icon('course_add.gif', get_lang('AssignCourses')) . '</a>&nbsp;&nbsp;';
            $result .= '<a href="dashboard_add_sessions_to_user.php?user=' . $user_id . '">' . Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')) . '</a>&nbsp;&nbsp;';
        } else {
            if ($current_user_status_label == $statusname[SESSIONADMIN]) {
                $result .= '<a href="dashboard_add_sessions_to_user.php?user=' . $user_id . '">' . Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')) . '</a>&nbsp;&nbsp;';
            }
        }
    }
    if (api_is_platform_admin()) {
        $result .= ' <a href="' . api_get_path(WEB_AJAX_PATH) . 'agenda.ajax.php?a=get_user_agenda&amp;user_id=' . $user_id . '" class="agenda_opener">' . Display::return_icon('month.png', get_lang('FreeBusyCalendar'), array(), ICON_SIZE_SMALL) . '</a>';
        if ($delete_user_available) {
            if ($user_id != api_get_user_id() && !$user_is_anonymous && api_global_admin_can_edit_admin($user_id)) {
                // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
                $result .= ' <a href="user_list.php?action=delete_user&amp;user_id=' . $user_id . '&amp;' . $url_params . '&amp;sec_token=' . Security::getCurrentToken() . '"  onclick="javascript:if(!confirm(' . "'" . addslashes(get_lang("ConfirmYourChoice")) . "'" . ')) return false;">' . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
            } else {
                $result .= Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL);
            }
        }
    }
    return $result;
}
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:101,代码来源:user_list.php

示例5: actions_filter

function actions_filter($option_id, $url_params, $row)
{
    global $number_of_options;
    if ($row[0] != 1) {
        $return .= '<a href="' . api_get_self() . '?action=moveup&amp;option_id=' . $option_id . '&amp;field_id=' . Security::remove_XSS($_GET['field_id']) . '&amp;sec_token=' . Security::getCurrentToken() . '">' . Display::return_icon('up.gif', get_lang('Up')) . '</a>';
    } else {
        $return .= Display::return_icon('blank.gif', '', array('width' => '21px'));
    }
    // the down icon only has to appear when the row can be moved down (all but the last row)
    if ($row[0] != $number_of_options) {
        $return .= '<a href="' . api_get_self() . '?action=movedown&amp;option_id=' . $option_id . '&amp;field_id=' . Security::remove_XSS($_GET['field_id']) . '&amp;sec_token=' . Security::getCurrentToken() . '">' . Display::return_icon('down.gif', get_lang('Down')) . '</a>';
    }
    return $return;
}
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:14,代码来源:user_fields_options.php

示例6: array

// Breadcrumbs.
$interbreadcrumb[] = array('url' => api_get_path(WEB_PATH) . 'user_portal.php', 'name' => get_lang('MyCourses'));
if (empty($nameTools)) {
    $nameTools = get_lang('CourseManagement');
} else {
    if (!in_array($action, array('sortmycourses', 'createcoursecategory', 'display_random_courses', 'display_courses', 'subscribe'))) {
        $interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'auth/courses.php', 'name' => get_lang('CourseManagement'));
    }
    if ($action == 'createcoursecategory') {
        $interbreadcrumb[] = array('url' => api_get_path(WEB_CODE_PATH) . 'auth/courses.php?action=sortmycourses', 'name' => get_lang('SortMyCourses'));
    }
    $interbreadcrumb[] = array('url' => '#', 'name' => $nameTools);
}
// course description controller object
$courses_controller = new CoursesController();
$ctok = Security::getCurrentToken();
// We are moving a course or category of the user up/down the list (=Sort My Courses).
if (isset($_GET['move'])) {
    if (isset($_GET['course'])) {
        if ($ctok == $_GET['sec_token']) {
            $courses_controller->move_course($_GET['move'], $_GET['course'], $_GET['category']);
        }
    }
    if (isset($_GET['category']) && !$_GET['course']) {
        if ($ctok == $_GET['sec_token']) {
            $courses_controller->move_category($_GET['move'], $_GET['category']);
        }
    }
}
// We are moving the course of the user to a different user defined course category (=Sort My Courses).
if (isset($_POST['submit_change_course_category'])) {
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:31,代码来源:courses.php

示例7: check_token

 /**
  * This function checks that the token generated in get_token() has been kept (prevents
  * Cross-Site Request Forgeries attacks)
  * @param string $request_type The array in which to get the token ('get' or 'post')
  *
  * @return bool True if it's the right token, false otherwise
  *
  */
 public static function check_token($request_type = 'post')
 {
     $currentSessionToken = Security::getCurrentToken();
     switch ($request_type) {
         case 'request':
             if (isset($currentSessionToken) && isset($_REQUEST['sec_token']) && $currentSessionToken === $_REQUEST['sec_token']) {
                 return true;
             }
             return false;
         case 'get':
             if (isset($currentSessionToken) && isset($_GET['sec_token']) && $currentSessionToken === $_GET['sec_token']) {
                 return true;
             }
             return false;
         case 'post':
             if (isset($currentSessionToken) && isset($_POST['sec_token']) && $currentSessionToken === $_POST['sec_token']) {
                 return true;
             }
             return false;
         default:
             if (isset($currentSessionToken) && isset($request_type) && $currentSessionToken === $request_type) {
                 return true;
             }
             return false;
     }
     return false;
     // Just in case, don't let anything slip.
 }
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:36,代码来源:security.lib.php

示例8: subscribe_user

 /**
  * Subscribe the user to a given course
  * @param string Course code
  * @return string  Message about results
  */
 public function subscribe_user($course_code)
 {
     $user_id = api_get_user_id();
     $all_course_information = CourseManager::get_course_information($course_code);
     if ($all_course_information['registration_code'] == '' || $_POST['course_registration_code'] == $all_course_information['registration_code']) {
         if (api_is_platform_admin()) {
             $status_user_in_new_course = COURSEMANAGER;
         } else {
             $status_user_in_new_course = null;
         }
         if (CourseManager::add_user_to_course($user_id, $all_course_information['real_id'], $status_user_in_new_course)) {
             $send = api_get_course_setting('email_alert_to_teacher_on_new_user_in_course', $course_code);
             if ($send == 1) {
                 CourseManager::email_to_tutor($user_id, $course_code, $send_to_tutor_also = false);
             } else {
                 if ($send == 2) {
                     CourseManager::email_to_tutor($user_id, $course_code, $send_to_tutor_also = true);
                 }
             }
             $url = Display::url($all_course_information['title'], api_get_course_url($course_code));
             $message = sprintf(get_lang('EnrollToCourseXSuccessful'), $url);
         } else {
             $message = get_lang('ErrorContactPlatformAdmin');
         }
         return array('message' => $message);
     } else {
         if (isset($_POST['course_registration_code']) && $_POST['course_registration_code'] != $all_course_information['registration_code']) {
             return false;
         }
         $message = get_lang('CourseRequiresPassword') . '<br />';
         $message .= $all_course_information['title'] . ' (' . $all_course_information['visual_code'] . ') ';
         $action = api_get_path(WEB_CODE_PATH) . "auth/courses.php?action=subscribe_user_with_password&sec_token=" . Security::getCurrentToken();
         $form = new FormValidator('subscribe_user_with_password', 'post', $action);
         $form->addElement('hidden', 'sec_token', Security::getCurrentToken());
         $form->addElement('hidden', 'subscribe_user_with_password', $all_course_information['code']);
         $form->addElement('text', 'course_registration_code');
         $form->addElement('button', 'submit', get_lang('SubmitRegistrationCode'));
         $content = $form->return_form();
         return array('message' => $message, 'content' => $content);
     }
 }
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:46,代码来源:auth.lib.php

示例9: active_filter

/**
 * Build the active-column of the table to lock or unlock a certain user
 * lock = the user can no longer use this account
 * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University
 * @param int $active the current state of the account
 * @param int $user_id The user id
 * @param string $url_params
 * @return string Some HTML-code with the lock/unlock button
 */
function active_filter($active, $url_params, $row)
{
    global $_user;
    if ($active == '1') {
        $action = 'lock';
        $image = 'right';
    } elseif ($active == '-1') {
        $action = 'edit';
        $image = 'expired';
    } elseif ($active == '0') {
        $action = 'unlock';
        $image = 'wrong';
    }
    if ($action == 'edit') {
        $result = Display::return_icon($image . '.gif', get_lang('AccountExpired'));
    } elseif ($row['0'] != $_user['user_id']) {
        // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
        $result = '<a href="user_list.php?action=' . $action . '&amp;user_id=' . $row['0'] . '&amp;' . $url_params . '&amp;sec_token=' . Security::getCurrentToken() . '">' . Display::return_icon($image . '.gif', get_lang(ucfirst($action))) . '</a>';
    }
    return $result;
}
开发者ID:ragebat,项目名称:chamilo-lms,代码行数:30,代码来源:group_list.php

示例10: modify_filter

/**
 * Build the modify-column of the table
 * @param int $user_id The user id
 * @param string $url_params
 * @return string Some HTML-code with modify-buttons
 * @author    Mustapha Alouani
 */
function modify_filter($user_id, $url_params, $row)
{
    $url_params_id = "id[]=" . $row[0];
    //$url_params_id="id=".$row[0];
    $result .= '<a href="ldap_users_list.php?action=add_user&amp;user_id=' . $user_id . '&amp;id_session=' . Security::remove_XSS($_GET['id_session']) . '&amp;' . $url_params_id . '&amp;sec_token=' . Security::getCurrentToken() . '"  onclick="javascript:if(!confirm(' . "'" . addslashes(api_htmlentities(get_lang("ConfirmYourChoice"), ENT_QUOTES, api_get_system_encoding())) . "'" . ')) return false;">' . Display::return_icon('add_user.gif', get_lang('AddUsers')) . '</a>';
    return $result;
}
开发者ID:ilosada,项目名称:chamilo-lms-icpna,代码行数:14,代码来源:authldap.php

示例11: modify_filter

/**
 * Build the modify-column of the table
 * @param   int     The user id
 * @param   string  URL params to add to table links
 * @param   array   Row of elements to alter
 * @return string Some HTML-code with modify-buttons
 */
function modify_filter($user_id, $url_params, $row)
{
    global $delete_user_available;
    $userId = api_get_user_id();
    $is_admin = $row['is_admin'];
    $user_is_anonymous = $row['is_anonymous'];
    $result = '';
    if (!$user_is_anonymous) {
        $icon = Display::return_icon('course.png', get_lang('Courses'), array('onmouseout' => 'clear_course_list (\'div_' . $user_id . '\')'));
        $result .= '<a href="javascript:void(0)" onclick="load_course_list(\'div_' . $user_id . '\',' . $user_id . ')" >
			        ' . $icon . '
					<div class="blackboard_hide" id="div_' . $user_id . '">&nbsp;&nbsp;</div>
					</a>';
        $icon = Display::return_icon('session.png', get_lang('Sessions'), array('onmouseout' => 'clear_session_list (\'div_s_' . $user_id . '\')'));
        $result .= '<a href="javascript:void(0)" onclick="load_session_list(\'div_s_' . $user_id . '\',' . $user_id . ')" >
					' . $icon . '
					<div class="blackboard_hide" id="div_s_' . $user_id . '">&nbsp;&nbsp;</div>
					</a>';
    } else {
        $result .= Display::return_icon('course_na.png', get_lang('Courses')) . '&nbsp;&nbsp;';
        $result .= Display::return_icon('course_na.png', get_lang('Sessions')) . '&nbsp;&nbsp;';
    }
    if (api_is_platform_admin()) {
        if (!$user_is_anonymous) {
            $result .= '<a href="user_information.php?user_id=' . $user_id . '">' . Display::return_icon('synthese_view.gif', get_lang('Info')) . '</a>&nbsp;&nbsp;';
        } else {
            $result .= Display::return_icon('synthese_view_na.gif', get_lang('Info')) . '&nbsp;&nbsp;';
        }
    }
    //only allow platform admins to login_as, or session admins only for
    // students (not teachers nor other admins), and only if all options
    // match to say this user has the permission to do so
    // $_configuration['login_as_forbidden_globally'], defined in
    // configuration.php, is the master key to these conditions
    if (Container::getSecurity()->isGranted('ROLE_GLOBAL_ADMIN')) {
        // everything looks good, show "login as" link
        if ($user_id != $userId) {
            $result .= '<a href="' . api_get_path(WEB_PUBLIC_PATH) . '?_switch_user=' . $row[5] . '">' . Display::return_icon('login_as.gif', get_lang('LoginAs')) . '</a>&nbsp;&nbsp;';
        } else {
            $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . '&nbsp;&nbsp;';
        }
    } else {
        // if this user in particular can't be edited, show disabled
        $result .= Display::return_icon('login_as_na.gif', get_lang('LoginAs')) . '&nbsp;&nbsp;';
    }
    if (api_is_platform_admin(true)) {
        if (!$user_is_anonymous && api_global_admin_can_edit_admin($user_id, null, true)) {
            $result .= '<a href="user_edit.php?user_id=' . $user_id . '">' . Display::return_icon('edit.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>&nbsp;';
        } else {
            $result .= Display::return_icon('edit_na.png', get_lang('Edit'), array(), ICON_SIZE_SMALL) . '</a>&nbsp;';
        }
    }
    if ($is_admin) {
        $result .= Display::return_icon('admin_star.png', get_lang('IsAdministrator'), array('width' => ICON_SIZE_SMALL, 'heigth' => ICON_SIZE_SMALL));
    } else {
        $result .= Display::return_icon('admin_star_na.png', get_lang('IsNotAdministrator'));
    }
    // actions for assigning sessions, courses or users
    if (api_is_session_admin()) {
        /*if ($row[0] == api_get_user_id()) {
        			$result .= '<a href="dashboard_add_sessions_to_user.php?user='.$user_id.'">'.Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')).'</a>&nbsp;&nbsp;';
        		}*/
    }
    //var_dump($row['groups']);
    if (api_is_platform_admin()) {
        if ($row['groups']->containsKey('drh') || $is_admin) {
            $result .= '<a href="dashboard_add_users_to_user.php?user=' . $user_id . '">' . Display::return_icon('user_subscribe_course.png', get_lang('AssignUsers'), '', ICON_SIZE_SMALL) . '</a>';
            $result .= '<a href="dashboard_add_courses_to_user.php?user=' . $user_id . '">' . Display::return_icon('course_add.gif', get_lang('AssignCourses')) . '</a>&nbsp;&nbsp;';
            $result .= '<a href="dashboard_add_sessions_to_user.php?user=' . $user_id . '">' . Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')) . '</a>&nbsp;&nbsp;';
        } else {
            if ($row['groups']->containsKey('session_admin')) {
                $result .= '<a href="dashboard_add_sessions_to_user.php?user=' . $user_id . '">' . Display::return_icon('view_more_stats.gif', get_lang('AssignSessions')) . '</a>&nbsp;&nbsp;';
            }
        }
    }
    if (api_is_platform_admin()) {
        $result .= ' <a href="' . api_get_path(WEB_AJAX_PATH) . 'agenda.ajax.php?a=get_user_agenda&amp;user_id=' . $user_id . '" class="agenda_opener">' . Display::return_icon('month.png', get_lang('FreeBusyCalendar'), array(), ICON_SIZE_SMALL) . '</a>';
        if ($delete_user_available) {
            if ($user_id != api_get_user_id() && !$user_is_anonymous && api_global_admin_can_edit_admin($user_id)) {
                // you cannot lock yourself out otherwise you could disable all the accounts including your own => everybody is locked out and nobody can change it anymore.
                $result .= ' <a href="user_list.php?action=delete_user&amp;user_id=' . $user_id . '&amp;' . $url_params . '&amp;sec_token=' . Security::getCurrentToken() . '"  onclick="javascript:if(!confirm(' . "'" . addslashes(get_lang("ConfirmYourChoice")) . "'" . ')) return false;">' . Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL) . '</a>';
            } else {
                $result .= Display::return_icon('delete_na.png', get_lang('Delete'), array(), ICON_SIZE_SMALL);
            }
        }
    }
    return $result;
}
开发者ID:ragebat,项目名称:chamilo-lms,代码行数:95,代码来源:user_list.php


注:本文中的Security::getCurrentToken方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。