本文整理汇总了PHP中Security::is_action_allowed方法的典型用法代码示例。如果您正苦于以下问题：PHP Security::is_action_allowed方法的具体用法？PHP Security::is_action_allowed怎么用？PHP Security::is_action_allowed使用的例子？那么恭喜您，这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类Security的用法示例。
在下文中一共展示了Security::is_action_allowed方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: db
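// Authenticate the user.
// If $GO_SECURITY->authenticate(true); is used, the user needs admin permissions.
$GO_SECURITY->authenticate();
// Check that the user has access to the 'opentts' module (a module of that name must exist).
$GO_MODULES->authenticate('opentts');
// Set the page title for the header file.
$page_title = "Opentts";
require $GO_THEME->theme_path . "header.inc";
$tts = new db();
require "classes.php";
$db_host = $tts->db_host;
$db_name = $tts->db_name;
$db_user = $tts->db_user;
$db_pass = $tts->db_pass;

// Database dump plus module snapshot, restricted to users granted "db_backup".
if (Security::is_action_allowed("db_backup")) {
    $pre = "{$prefix}{$hlpdsk_prefix}";
    // "{$pre}_activities" was listed twice in the original; one entry is enough.
    $tables = array("{$pre}_activities", "{$pre}_categories", "{$pre}_colors_tables", "{$pre}_config", "{$pre}_groups", "{$pre}_lang", "{$pre}_menu", "{$pre}_permissions", "{$pre}_priorities", "{$pre}_status", "{$pre}_tasks", "{$pre}_tickets", "{$pre}_stages", "{$pre}_groups_members", "{$pre}_projects");
    // Quote every value that reaches the shell, so that a space or shell
    // metacharacter in a configured name or credential cannot change the
    // command that is executed.
    $tables = join(" ", array_map('escapeshellarg', $tables));
    $sqldump = "mysqldump -h" . escapeshellarg($db_host) . " -u" . escapeshellarg($db_user);
    // The original tested $dbpass, which is not assigned anywhere in the visible
    // script, so the password branch never ran. $db_pass is the value read from
    // $tts above and the one the command uses.
    if ($db_pass) {
        // NOTE(review): a password given with -p is visible in the process list
        // while mysqldump runs; an option file readable only by the web server
        // account avoids that.
        $sqldump .= " -p" . escapeshellarg($db_pass);
    }
    $sqldump .= " " . escapeshellarg($db_name) . " {$tables}";

    // Capture the exit status so that a failed dump is not reported as done.
    $dump_status = 1;
    exec("{$sqldump} > " . escapeshellarg("opentts{$hlpdsk_prefix}.dump"), $dump_output, $dump_status);

    if ($dump_status === 0) {
        $archive = "{$name}{$hlpdsk_prefix}.{$tts_version}.tarz";
        // NOTE(review): "CVS" is a separate word after "--exclude snapshots", so
        // tar receives it as a path to archive rather than as a second exclude
        // pattern. Left as written; confirm what was intended.
        $tarexec = "tar --exclude snapshots CVS -chvlzf " . escapeshellarg("modules/{$name}/snapshots/{$archive}") . " -C modules/ " . escapeshellarg($name);
        exec($tarexec);
        // NOTE(review): the archive is linked under snapshots/. Unless the web
        // server restricts that directory, the file can be requested by URL
        // without passing the permission check above.
        $archive_html = htmlspecialchars($archive, ENT_QUOTES);
        echo "snapshot <a href=\"snapshots/{$archive_html}\">{$archive_html}</a> done!";
    } else {
        echo "snapshot failed";
    }
} else {
    echo "ups";
}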
示例2: change_activity
// Apply each posted ticket change only when the current user is granted the
// matching action. Every posted value passes through Security::sqlsecure()
// (implementation not shown here) before it reaches the change_*/add_task helper.
// NOTE(review): is_action_allowed() is called here with the action name only.
// Confirm that this form also verifies the user may modify the ticket identified
// by $Ticket_Number, whose origin is not visible in this excerpt.
if (Security::is_action_allowed("change_activity") && isset($_POST['activity_id'])) {
change_activity($Ticket_Number, Security::sqlsecure($_POST['activity_id']));
}
if (Security::is_action_allowed("enter_new_task") && isset($_POST['comment'])) {
add_task($Ticket_Number, Security::sqlsecure($_POST['comment']));
}
if (Security::is_action_allowed("change_subject") && isset($_POST['t_subject'])) {
change_subject($Ticket_Number, Security::sqlsecure($_POST['t_subject']));
}
if (Security::is_action_allowed("change_project") && isset($_POST['project_id'])) {
change_project($Ticket_Number, Security::sqlsecure($_POST['project_id']));
}
if (Security::is_action_allowed("change_issuer") && isset($_POST['t_from'])) {
change_issuer($Ticket_Number, Security::sqlsecure($_POST['t_from']));
}
if (Security::is_action_allowed("change_complete") && isset($_POST['complete'])) {
change_complete($Ticket_Number, Security::sqlsecure($_POST['complete']));
}
// Called unconditionally after the updates; presumably re-renders the ticket — verify.
show_html($Ticket_Number, '');
}
#
/**
 * Record a new task (comment) on a ticket on behalf of the current user.
 *
 * The task is stored through Task::insert_new_task() with whoami() as the
 * sender. A change notification is sent only when the global $func equals
 * 'add_task'.
 *
 * @param mixed $Ticket_Number Ticket the task belongs to.
 * @param mixed $comment       Task text; this function does no escaping of its own.
 */
function add_task($Ticket_Number, $comment)
{
    global $func;

    Task::insert_new_task($Ticket_Number, whoami(), $comment);

    // Any other value of $func means the task was added as part of a larger change.
    if ($func != 'add_task') {
        return;
    }

    notify_change($Ticket_Number, $comment);
}
function change_subject($Ticket_Number, $t_subject)
示例3: db
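// Authenticate the user.
// If $GO_SECURITY->authenticate(true); is used, the user needs admin permissions.
$GO_SECURITY->authenticate();
require $GO_LANGUAGE->get_language_file('opentts');
// Check that the user has access to the 'opentts' module (a module of that name must exist).
$GO_MODULES->authenticate('opentts');
// Set the page title for the header file.
$page_title = "Opentts";
require $GO_THEME->theme_path . "header.inc";
$tts = new db();
require_once "classes.php";
require_once "menu.php";
$tabtable = new tabtable('newticket_tabtable', $helpdesk_title_queries, '100%', '400');
$tabtable->print_head();

// The search form and its results are shown only to users granted "query_search".
if (Security::is_action_allowed("query_search")) {
    // Request values are copied into script-level variables as received; nothing
    // in this block escapes them.
    // NOTE(review): presumably Search::show_search() and Search::printdb() read
    // these variables as globals. Confirm they escape for SQL and for HTML at
    // the point of use.
    $strtosearch = isset($_POST['strtosearch']) ? $_POST['strtosearch'] : '';
    if (isset($_SESSION['show_hidden'])) {
        $show_hidden = $_SESSION['show_hidden'];
    }
    echo Search::show_search();
    if (isset($_POST['action'])) {
        $submit = $_POST['action'];
    }
    if (isset($submit)) {
        // Guarded read: a request that posts "action" without "search_status"
        // no longer raises an undefined-index notice. The value is null in that
        // case, exactly as before.
        $search_status = isset($_POST['search_status']) ? $_POST['search_status'] : null;
        echo Search::printdb();
    }
}
$tabtable->print_foot();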
?>
示例4: whoami
$t_from = $GO_SECURITY->user_id;
}
// Populate the new ticket from the posted form. Security::sqlsecure() is applied
// to each posted value; its implementation is not shown in this excerpt.
$my_ticket->issuer = $t_from;
// Defaults for fields that were not posted.
// NOTE(review): these are assigned to local variables only; the lines visible
// here never copy them onto $my_ticket.
if (!isset($_POST['t_assigned'])) {
$t_assigned = whoami();
}
if (!isset($_POST['t_priority'])) {
$t_priority = 1;
}
if (!isset($_POST['project_id'])) {
$project_id = 1;
}
// NOTE(review): the status is taken from the request without an
// is_action_allowed() check, unlike the assignee below — confirm this is intended.
if (isset($_POST['t_status'])) {
$my_ticket->status_id = Security::sqlsecure($_POST['t_status']);
}
// Only users granted "set_assigned" may choose the assignee; for everyone else
// the ticket is assigned to its issuer.
if (Security::is_action_allowed("set_assigned") and isset($_POST['t_assigned'])) {
$my_ticket->assigned_id = Security::sqlsecure($_POST['t_assigned']);
} else {
$my_ticket->assigned_id = $t_from;
}
// NOTE(review): the guard tests $_POST['stage_id'] but the value is read from
// $_POST['t_stage']. The two keys do not match, so one of them is likely wrong;
// as written, a request carrying only 'stage_id' reads an unset index.
if (isset($_POST['stage_id'])) {
$my_ticket->stage_id = Security::sqlsecure($_POST['t_stage']);
}
if (isset($_POST['t_category'])) {
$my_ticket->category_id = Security::sqlsecure($_POST['t_category']);
}
if (isset($_POST['t_priority'])) {
$my_ticket->priority_id = Security::sqlsecure($_POST['t_priority']);
}
if (isset($_POST['t_subject']) && $_POST['t_subject']) {
$my_ticket->subject = "{$t_subject}" . Security::sqlsecure($_POST['t_subject']);
示例5: db
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/
// Statistics page of the 'opentts' module: bootstrap Group-Office, check the
// session and module access, then print the statistics tables for admins.
require "../../Group-Office.php";
// Authenticate the user.
// If $GO_SECURITY->authenticate(true); is used, the user needs admin permissions.
$GO_SECURITY->authenticate();
// Check that the user has access to the 'opentts' module (a module of that name must exist).
$GO_MODULES->authenticate('opentts');
require $GO_LANGUAGE->get_language_file('opentts');
// Set the page title for the header file.
$page_title = "Opentts";
require $GO_THEME->theme_path . "header.inc";
$tts = new db();
require_once "classes.php";
require_once "menu.php";
$tabtable = new tabtable('stats_tabtable', $helpdesk_title_stat, '100%', '400');
$tabtable->print_head();
// The three statistics blocks are printed only for users granted the "admin" action;
// other users get the empty tab table.
// NOTE(review): the return values of the Opentts::*_stat() methods are concatenated
// into the page as-is; whether they are already HTML-escaped is not visible here.
// NOTE(review): each <font class=content> tag is opened but never closed.
if (Security::is_action_allowed("admin")) {
echo "<center><font class=content>" . Opentts::status_stat() . "</center>";
echo "<br>";
echo "<center><font class=content>" . Opentts::cat_stat() . "</center>";
echo "<br>";
echo "<center><font class=content>" . Opentts::cat_status_stat() . "</center>";
}
$tabtable->print_foot();
?>
示例6: querydb
function querydb($extra_condition = "")
{
global $agent, $t_showall, $search, $strtosearch, $orderby, $name, $tts, $prefix, $hlpdsk_prefix, $limit, $limit_rows, $search_status, $submit, $temptime, $hlpdsk_theme, $field, $filter_field, $filter_value, $show_hidden, $hidden_check, $GO_SECURITY;
// Build the ticket search query as one SQL string from global variables, run it,
// and return early with the metadata element when nothing matches.
// Security::sqlsecure() is not shown in this excerpt; the notes below assume it
// escapes a value for use inside a quoted SQL string — TODO confirm.
$querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets ";
// Default paging values when the globals are empty.
if ($limit == "") {
$limit = 0;
}
if ($limit_rows == "") {
$limit_rows = -1;
}
// NOTE(review): $limit and $limit_rows are interpolated into the LIMIT clause with
// no integer cast visible here; confirm they cannot carry request data.
$query_limit = " limit {$limit},{$limit_rows} ";
// $extra_condition is appended verbatim, so callers must pass trusted SQL only.
$query_condition = "where 1 {$extra_condition}";
$strtosearch = Security::sqlsecure($strtosearch);
if (isset($submit)) {
$search = 1;
if ($field) {
// NOTE(review): $field is used as a column name, not as a quoted value. Escaping
// meant for string literals does not constrain an identifier; an allow-list of
// column names is the usual control.
$field = Security::sqlsecure($field);
$query_condition .= " and ( {$field}='{$strtosearch}')";
} else {
// NOTE(review): split() was removed in PHP 7.0; explode(" ", ...) is the
// replacement for a literal separator.
$array_to_search = split(" ", $strtosearch);
$query_condition .= " and ( ";
// Every word must match the subject or the description. LIKE wildcards (% and _)
// inside a word are not neutralised here.
foreach ($array_to_search as $to_search) {
$query_condition .= " (t_subject like '%{$to_search}%' or t_description like '%{$to_search}%') and";
}
// Drop the trailing "and" left by the loop.
$query_condition = substr($query_condition, 0, -3);
$query_condition .= " ) ";
}
}
if (is_array($search_status)) {
$search_condition = '';
// NOTE(review): the array KEYS of $search_status go into the SQL unquoted and
// unescaped. If the array is populated from the request (verify against the
// caller), the keys are user-controlled and need an integer cast.
foreach (array_keys($search_status) as $check_key) {
$search_condition .= "t_status={$check_key} ";
}
# show only open tickets
// The "t_status=N" terms are joined with OR by replacing the separating spaces.
if (trim($search_condition) != "") {
$query_condition .= " and (" . str_replace(" ", " or ", trim($search_condition)) . ")";
}
}
// Unless hidden tickets are requested, restrict the result to stage 1.
if ($show_hidden == 'on') {
} else {
$query_condition .= " and t_stage=1 ";
}
// Security::get_uid() is not shown; presumably it maps the search term to a user id.
if ($strtosearch) {
$search_uid = Security::get_uid("{$strtosearch}");
} else {
$search_uid = "";
}
// NOTE(review): when the term resolves to a user id, the WHERE clause built so far
// is REPLACED, not extended. That discards $extra_condition, the status filter and
// the t_stage=1 restriction added above — confirm this is intended.
if ($search_uid != "") {
$query_condition = "where 1 and (t_assigned='{$search_uid}' or t_from='{$search_uid}') ";
}
# FILTERS
// NOTE(review): both the column name ($value) and the compared value
// ($filter_value[$key]) are interpolated with no escaping visible in this function.
if (isset($filter_field)) {
foreach ($filter_field as $key => $value) {
$query_condition .= " and ( {$value}='{$filter_value[$key]}') ";
}
}
# END OF SEARCH CONDITIONS
// NOTE(review): a non-empty $orderby is appended verbatim and has to contain the
// "order by" keywords itself; no allow-list of sort columns is visible.
if (strcmp($orderby, "")) {
$query_order_by = " {$orderby} DESC";
} else {
$query_order_by = " order by Ticket_Number DESC";
}
#
// Element 0 of the result carries metadata: the SQL text and the row count.
// NOTE(review): the full SQL text becomes part of the serialized response; confirm
// it is never shown to end users.
$response_raw[0]['querytext'] = $querytext . $query_condition . $query_order_by . $query_limit;
$tts->query($response_raw[0]['querytext']);
$response_raw[0]['recordcount'] = $tts->num_rows();
$response_raw[0]['querytotal'] = $response_raw[0]['recordcount'];
// No rows: return the serialized metadata-only array.
if ($response_raw[0]['recordcount'] == 0) {
return serialize($response_raw);
}
$row = 1;
if (Security::is_action_allowed("view_all_tickets")) {
$tts->query($response_raw[0]['querytext']);
while ($tts->next_record()) {
$response_raw[$row]['ticket_number'] = $tts->f('ticket_number');
$response_raw[$row]['t_status'] = $tts->f('t_status');
$response_raw[$row]['t_priority'] = $tts->f('t_priority');
$response_raw[$row]['t_from'] = $tts->f('t_from');
$response_raw[$row]['t_subject'] = $tts->f('t_subject');
$response_raw[$row]['t_assigned'] = $tts->f('t_assigned');
$response_raw[$row]['t_stage'] = $tts->f('t_stage');
$response_raw[$row]['t_category'] = $tts->f('t_category');
$response_raw[$row]['post_date'] = $tts->f('post_date');
$response_raw[$row]['due_date'] = $tts->f('due_date');
$response_raw[$row]['end_date'] = $tts->f('end_date');
$response_raw[$row]['complete'] = $tts->f('complete');
$response_raw[$row]['change_date'] = $tts->f('change_date');
$response_raw[$row]['activity_id'] = $tts->f('activity_id');
$response_raw[$row]['project_id'] = $tts->f('project_id');
$row++;
}
} else {
$tts->query($response_raw[0]['querytext']);
while ($tts->next_record()) {
if ($GO_SECURITY->user_in_acl(whoami(), $tts->f('acl_read')) or $GO_SECURITY->user_in_acl(whoami(), $tts->f('acl_write'))) {
$response_raw[$row]['ticket_number'] = $tts->f('ticket_number');
$response_raw[$row]['t_status'] = $tts->f('t_status');
$response_raw[$row]['t_priority'] = $tts->f('t_priority');
$response_raw[$row]['t_from'] = $tts->f('t_from');
$response_raw[$row]['t_subject'] = $tts->f('t_subject');
//.........这里部分代码省略.........
示例7: showrecords
function showrecords()
{
global $Ticket_Number, $name, $tts, $prefix, $hlpdsk_prefix, $hlpdsk_theme, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $hours, $mins, $javascript, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $datepicker, $cmdOk, $cmdReset, $GO_SECURITY, $acl_read, $acl_write, $GO_LANGUAGE;
require $GO_LANGUAGE->get_language_file('opentts');
// Fetch the ticket's read and write ACL ids. get_cross_value() is not shown;
// presumably it returns one column value for the given WHERE fragment.
// NOTE(review): $Ticket_Number is a global interpolated into the SQL inside quotes;
// no escaping or integer cast is visible in this function.
$acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$Ticket_Number}'");
$acl_write = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_write', "where ticket_number='{$Ticket_Number}'");
// Users in either ACL, or granted "view_all_tickets", may load the ticket without
// further restriction; everyone else only if they issued it or are assigned to it.
if ($GO_SECURITY->user_in_acl(whoami(), $acl_read) or $GO_SECURITY->user_in_acl(whoami(), $acl_write) or Security::is_action_allowed("view_all_tickets")) {
$query_condition = " ";
} else {
$query_condition = " and (t_from='" . whoami() . "' or t_assigned='" . whoami() . "')";
}
$querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets where Ticket_Number='{$Ticket_Number}' {$query_condition} ";
$tts->query($querytext);
$recordcount = $tts->num_rows();
$row = 0;
// NOTE(review): "=" assigns 0 to $recordcount, so this condition is always false
// and 'missing' is never returned; "==" appears to be what was intended. A ticket
// the user may not see therefore falls through to the code below with no row.
if ($recordcount = 0) {
return 'missing';
}
while ($tts->next_record()) {
$post_date = $tts->f('post_date');
$due_date = $tts->f('due_date');
$end_date = $tts->f('end_date');
$complete = $tts->f('complete');
$t_from = $tts->f('t_from');
$t_stage = $tts->f('t_stage');
$t_category = $tts->f('t_category');
$t_priority = $tts->f('t_priority');
$t_subject = htmlspecialchars($tts->f('t_subject'));
$t_description = htmlspecialchars($tts->f('t_description'));
#$t_description=str_replace("\n"," <br> ",$t_description);
$t_assigned = $tts->f('t_assigned');
$t_email = $tts->f('t_email');
$t_sms = $tts->f('t_sms');
$t_status = $tts->f('t_status');
$change_date = htmlspecialchars($tts->f('change_date'));
$activity_id = $tts->f('activity_id');
$project_id = $tts->f('project_id');
$due_date = date("Y/m/d H:i", $due_date);
$end_date = date("Y/m/d H:i", $end_date);
$action_changes = $javascript;
if ($t_sms == "on") {
$t_sms = " CHECKED";
}
if ($t_email == "on") {
$t_email = " CHECKED";
}
if ($GO_SECURITY->user_in_acl(whoami(), $acl_write)) {
$button = new button();
$action_changes .= $button->get_button($cmdOk, "javascript:document.change_status.submit()");
$action_changes .= $button->get_button($cmdReset, "javascript:document.change_status.reset()");
} else {
$action_changes .= '';
}
$action_changes .= "</form></center>";
$tts_lang_ticket_number = "Ticket Number:";
$tts_lang_post_date_value = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $post_date);
$fullname = opentts::get_fullname($t_from);
if (Security::is_action_allowed("imperson", 0, $acl_write)) {
$select = new select('user', 'change_status', 't_from', $t_from);
$tts_lang_issuer = $select->get_link("{$tts_lang_issuer}");
$tts_lang_issuer_value = $select->get_field();
} else {
$tts_lang_issuer_value = "{$fullname}";
}
$stage_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_stages", "stage_name", " where stage_id='{$t_stage}'"));
$category_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_categories", "category_name", " where category_id='{$t_category}'"));
$project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
$select_complete = "<select name='complete' class=textbox>" . "<option value='0' >0%</option>" . "<option value='10'>10%</option>" . "<option value='20'>20%</option>" . "<option value='30'>30%</option>" . "<option value='40'>40%</option>" . "<option value='50'>50%</option>" . "<option value='60'>60%</option>" . "<option value='70'>70%</option>" . "<option value='80'>80%</option>" . "<option value='90'>90%</option>" . "<option value='100'>100%</option>" . "</select>";
$t_assigned_name = Security::whatsmyname($t_assigned);
// Subject field: editable when is_action_allowed("change_subject", 0, $acl_write)
// grants it, otherwise rendered with the readonly attribute.
// NOTE(review): readonly only affects the browser; the handler that receives the
// form has to repeat the permission check on the server.
// NOTE(review): $t_subject and $t_description were already passed through
// htmlspecialchars() when read from the row. Security::sqlsecure() (not shown) is
// applied on top although the output context is HTML, not SQL; if it adds SQL
// escaping, that would appear literally in the form and be resubmitted — confirm.
if (Security::is_action_allowed("change_subject", 0, $acl_write)) {
$tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80>";
} else {
$tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80 readonly>";
}
// The description is always rendered readonly.
$tts_lang_description_value = "<textarea name=t_description cols=80 rows=12 class=textbox readonly>" . Security::sqlsecure($t_description) . "</textarea>";
$tts_lang_change_date_VALUE = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
$tts_lang_email = "Email {$tts_lang_issuer}: <input type=checkbox name=t_email_issuer value=1><br>Email {$tts_lang_assigned} <input type=checkbox name=t_email_agent value=1>";
$post_changes = "<form name=\"change_status\" method=\"POST\" action=\"change_ticket.php?Ticket_Number={$Ticket_Number}&func=change_status\">";
if (Security::is_action_allowed("change_project", 0, $acl_write)) {
$project_name = select_option("{$project_id}", fill_select("project_id", "{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name", " order by project_id"));
$tts_lang_project_value = "{$project_name}";
} else {
$project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
$tts_lang_project_value = "{$project_name}";
}
$fullname = opentts::get_fullname($t_assigned);
if (Security::is_action_allowed("change_assigned", 0, $acl_write)) {
$select = new select('user', 'change_status', 't_assigned', $t_assigned);
$tts_lang_assign_to = $select->get_link("{$tts_lang_assign_to}");
$tts_lang_assign_to_value = $select->get_field();
} else {
$tts_lang_assign_to_value = "{$fullname}";
}
if (Security::is_action_allowed("change_end_date", 0, $acl_write)) {
$time = strtotime($end_date);
#$end_date_d_m_y=date("Y/m/d",$time);
$end_date_h = date("H", $time);
$end_date_i = date("i", $time);
$today = date($_SESSION['GO_SESSION']['date_format'], $time);
$end_date = $datepicker->get_date_picker('end_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today);
//.........这里部分代码省略.........
示例8: dropbox
$tts_lang_end_date_value = $datepicker->get_date_picker('end_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $time);
$dropbox = new dropbox();
$dropbox->add_arrays($hours, $hours);
$tts_lang_end_date_h_value = $dropbox->get_dropbox("end_date_h", $end_date_h);
$dropbox = new dropbox();
$dropbox->add_arrays($mins, $mins);
$tts_lang_end_date_i_value = $dropbox->get_dropbox("end_date_i", $end_date_i);
if ($htmldirection == 'rtl') {
$tts_lang_end_date_value .= "{$tts_lang_end_date_i_value}:{$tts_lang_end_date_h_value}";
} else {
$tts_lang_end_date_value .= "{$tts_lang_end_date_h_value}:{$tts_lang_end_date_i_value}";
}
} else {
$tts_lang_end_date_value = "";
}
if (Security::is_action_allowed("set_due_date")) {
$time = date($_SESSION['GO_SESSION']['date_format'], time());
$tts_lang_due_date_value = $datepicker->get_date_picker('due_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $time, '', '', 'onchange="javascript:document.new_ticket.end_date_d_m_y.value=this.value;"');
$dropbox = new dropbox();
$dropbox->add_arrays($hours, $hours);
$tts_lang_due_date_h_value = $dropbox->get_dropbox("due_date_h", $due_date_h, 'onchange="javascript:update_end_hour(this.value);"');
$dropbox = new dropbox();
$dropbox->add_arrays($mins, $mins);
$tts_lang_due_date_i_value = $dropbox->get_dropbox("due_date_i", $due_date_i, 'onchange="javascript:update_end_min(this.value);"');
if ($htmldirection == 'rtl') {
$tts_lang_due_date_value .= "{$tts_lang_due_date_i_value}:{$tts_lang_due_date_h_value}";
} else {
$tts_lang_due_date_value .= "{$tts_lang_due_date_h_value}:{$tts_lang_due_date_i_value}";
}
} else {
$tts_lang_due_date_value = "";