本文整理汇总了PHP中access::forbidden方法的典型用法代码示例。如果您正苦于以下问题:PHP access::forbidden方法的具体用法?PHP access::forbidden怎么用?PHP access::forbidden使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类access
的用法示例。
在下文中一共展示了access::forbidden方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: upgrade
public function upgrade()
{
if (php_sapi_name() == "cli") {
// @todo this may screw up some module installers, but we don't have a better answer at
// this time.
$_SERVER["HTTP_HOST"] = "example.com";
} else {
if (!user::active()->admin && !Session::instance()->get("can_upgrade", false)) {
access::forbidden();
}
}
// Upgrade gallery and user first
module::install("gallery");
module::install("user");
// Then upgrade the rest
foreach (module::available() as $id => $module) {
if ($id == "gallery") {
continue;
}
if ($module->active && $module->code_version != $module->version) {
module::install($id);
}
}
if (php_sapi_name() == "cli") {
print "Upgrade complete\n";
} else {
url::redirect("upgrader?done=1");
}
}
示例2: delete_user
public function delete_user($id) {
access::verify_csrf();
if ($id == user::active()->id || $id == user::guest()->id) {
access::forbidden();
}
$user = ORM::factory("user", $id);
if (!$user->loaded) {
kohana::show_404();
}
$form = user::get_delete_form_admin($user);
if($form->validate()) {
$name = $user->name;
$user->delete();
} else {
print json_encode(array("result" => "error",
"form" => $form->__toString()));
}
$message = t("Deleted user %user_name", array("user_name" => p::clean($name)));
log::success("user", $message);
message::success($message);
print json_encode(array("result" => "success"));
}
示例3: required
static function required($perm_name, $item)
{
// Original code from the required function in modules/gallery/helpers/access.php.
if (!access::can($perm_name, $item)) {
if ($perm_name == "view") {
// Treat as if the item didn't exist, don't leak any information.
throw new Kohana_404_Exception();
} else {
access::forbidden();
}
// Begin rWatcher modifications.
// Throw a 404 error when a user attempts to access a protected item,
// unless the password has been provided, or the user is the item's owner.
} elseif (module::get_var("albumpassword", "hideonly") == false) {
$item_protected = ORM::factory("albumpassword_idcache")->where("item_id", "=", $item->id)->order_by("cache_id")->find_all();
if (count($item_protected) > 0) {
$existing_password = ORM::factory("items_albumpassword")->where("id", "=", $item_protected[0]->password_id)->find();
if ($existing_password->loaded()) {
if (cookie::get("g3_albumpassword") != $existing_password->password && identity::active_user()->id != $item->owner_id && !identity::active_user()->admin) {
throw new Kohana_404_Exception();
}
}
}
}
}
示例4: auth
public function auth()
{
if (!identity::active_user()->admin) {
access::forbidden();
}
access::verify_csrf();
$form = self::_form();
$valid = $form->validate();
$user = identity::active_user();
if ($valid) {
module::event("user_auth", $user);
if (!request::is_ajax()) {
message::success(t("Successfully re-authenticated!"));
}
url::redirect(Session::instance()->get_once("continue_url"));
} else {
$name = $user->name;
log::warning("user", t("Failed re-authentication for %name", array("name" => $name)));
module::event("user_auth_failed", $name);
if (request::is_ajax()) {
$v = new View("reauthenticate.html");
$v->form = $form;
$v->user_name = identity::active_user()->name;
json::reply(array("html" => (string) $v));
} else {
self::_show_form($form);
}
}
}
示例5: _form_edit
public function _form_edit($user)
{
if ($user->guest || $user->id != user::active()->id) {
access::forbidden();
}
print user::get_edit_form($user);
}
示例6: upgrade
public function upgrade()
{
if (php_sapi_name() == "cli") {
// @todo this may screw up some module installers, but we don't have a better answer at
// this time.
$_SERVER["HTTP_HOST"] = "example.com";
} else {
if (!identity::active_user()->admin && !Session::instance()->get("can_upgrade", false)) {
access::forbidden();
}
try {
access::verify_csrf();
} catch (Exception $e) {
url::redirect("upgrader");
}
}
$available = module::available();
// Upgrade gallery first
$gallery = $available["gallery"];
if ($gallery->code_version != $gallery->version) {
module::upgrade("gallery");
module::activate("gallery");
}
// Then upgrade the rest
$failed = array();
foreach (module::available() as $id => $module) {
if ($id == "gallery") {
continue;
}
if ($module->active && $module->code_version != $module->version) {
try {
module::upgrade($id);
} catch (Exception $e) {
// @todo assume it's MODULE_FAILED_TO_UPGRADE for now
$failed[] = $id;
}
}
}
// If the upgrade failed, this will get recreated
site_status::clear("upgrade_now");
// Clear any upgrade check strings, we are probably up to date.
site_status::clear("upgrade_checker");
if (php_sapi_name() == "cli") {
if ($failed) {
print "Upgrade completed ** WITH FAILURES **\n";
print "The following modules were not successfully upgraded:\n";
print " " . implode($failed, "\n ") . "\n";
print "Try getting newer versions or deactivating those modules\n";
} else {
print "Upgrade complete\n";
}
} else {
if ($failed) {
url::redirect("upgrader?failed=" . join(",", $failed));
} else {
url::redirect("upgrader");
}
}
}
示例7: form_edit
public function form_edit($id)
{
$user = user::lookup($id);
if ($user->guest || $user->id != user::active()->id) {
access::forbidden();
}
print $this->_get_edit_form($user);
}
示例8: form
function form($id)
{
$item = ORM::factory("item", $id);
access::required("edit", $item);
if ($item->type != "album") {
access::forbidden();
}
print $this->_get_form($item);
}
示例9: form_add
/**
* Present a form for adding a new comment to this item or editing an existing comment.
*/
public function form_add($item_id)
{
$item = ORM::factory("item", $item_id);
access::required("view", $item);
if (!comment::can_comment()) {
access::forbidden();
}
print comment::prefill_add_form(comment::get_add_form($item));
}
示例10: delete
static function delete($request)
{
if (!identity::active_user()->admin) {
access::forbidden();
}
$comment = rest::resolve($request->url);
access::required("edit", $comment->item());
$comment->delete();
}
示例11: _check_star_permissions
/**
* Checks whether the given object can be starred by the active user.
*
* @param Item_Model $item the item
*/
private function _check_star_permissions(Item_Model $item)
{
access::verify_csrf();
access::required("view", $item);
access::required("edit", $item);
if (!star::can_star()) {
access::forbidden();
}
}
示例12: form_send
/**
* Present a form for sending a new ecard.
*/
public function form_send($item_id)
{
$item = ORM::factory("item", $item_id);
access::required("view", $item);
if (!ecard::can_send_ecard()) {
access::forbidden();
}
print ecard::prefill_send_form(ecard::get_send_form($item));
}
示例13: form
function form($id)
{
$item = ORM::factory("item", $id);
access::required("view", $item);
access::required("edit", $item);
if (!$item->is_album()) {
access::forbidden();
}
print $this->_get_form($item);
}
示例14: toggle_l10n_mode
public function toggle_l10n_mode()
{
access::verify_csrf();
if (!user::active()->admin) {
access::forbidden();
}
$session = Session::instance();
$session->set("l10n_mode", !$session->get("l10n_mode", false));
url::redirect("albums/1");
}
示例15: delete
static function delete($request)
{
// Restrict deleting tags to admins. Otherwise, a logged in user can do great harm to an
// install.
if (!identity::active_user()->admin) {
access::forbidden();
}
$tag = rest::resolve($request->url);
$tag->delete();
}