本文整理汇总了PHP中cmsUser::checkCsrfToken方法的典型用法代码示例。如果您正苦于以下问题:PHP cmsUser::checkCsrfToken方法的具体用法?PHP cmsUser::checkCsrfToken怎么用?PHP cmsUser::checkCsrfToken使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类cmsUser
的用法示例。
在下文中一共展示了cmsUser::checkCsrfToken方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: polls
function polls()
{
$model = new cms_model_polls();
global $_LANG;
$do = cmsCore::getInstance()->do;
//========================================================================================================================//
//========================================================================================================================//
if ($do == 'view') {
$answer = cmsCore::request('answer', 'str', '');
$poll_id = cmsCore::request('poll_id', 'int');
if (!$answer || !$poll_id) {
if (cmsCore::isAjax()) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['SELECT_THE_OPTION']));
} else {
cmsCore::error404();
}
}
$poll = $model->getPoll($poll_id);
if (!$poll) {
cmsCore::jsonOutput(array('error' => true, 'text' => ''));
}
if ($model->isUserVoted($poll_id)) {
cmsCore::jsonOutput(array('error' => true, 'text' => ''));
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$model->votePoll($poll, $answer);
cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['VOTE_ACCEPTED']));
}
}
示例2: applet_robots
function applet_robots()
{
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/robots', $adminAccess)) {
cpAccessDenied();
}
cmsCore::c('page')->setTitle($_LANG['ROBOTS_TITLE']);
cpAddPathway($_LANG['ROBOTS_TITLE']);
$do = cmsCore::request('do', array('edit', 'save'), 'edit');
if (!file_exists(PATH . '/robots.txt')) {
$fp = fopen(PATH . '/robots.txt', 'w');
fwrite($fp, str_replace(array('%domen%', '%host%'), array(str_replace(array('https://', 'http://'), '', cmsCore::c('config')->host), cmsCore::c('config')->host), file_get_contents(PATH . '/includes/default_robots.txt')));
fclose($fp);
chmod(PATH . '/robots.txt', 0777);
}
if ($do == 'save') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$data = cmsCore::request('robots', 'str');
$fp = fopen(PATH . '/robots.txt', 'w');
fwrite($fp, stripcslashes($data) . "\n");
fclose($fp);
}
$robots = file_get_contents(PATH . '/robots.txt');
cmsCore::c('page')->initTemplate('applets', 'robots')->assign('robots', $robots)->display();
}
示例3: applet_templates
function applet_templates()
{
global $adminAccess;
global $_LANG;
if (!cmsUser::isAdminCan('admin/config', $adminAccess)) {
cpAccessDenied();
}
$do = cmsCore::request('do', array('config', 'save_config'), 'main');
cmsCore::c('page')->setTitle($_LANG['AD_TEMPLATES_SETTING']);
cpAddPathway($_LANG['AD_TEMPLATES_SETTING'], 'index.php?view=templates');
if ($do == 'main') {
cmsCore::c('page')->initTemplate('applets', 'templates')->assign('templates', cmsCore::getDirsList('/templates'))->display();
}
if ($do == 'config') {
$template = cmsCore::request('template', 'str', '');
cpAddPathway($_LANG['AD_TEMPLATE'] . ': ' . $template, 'index.php?view=templates&do=config&template=' . $template);
if (!file_exists(PATH . '/templates/' . $template) || !file_exists(PATH . '/templates/' . $template . '/config.php')) {
cmsCore::error404();
}
include PATH . '/templates/' . $template . '/config.php';
if (function_exists('get_template_cfg_fields')) {
$tpl_cfgs = get_template_cfg_fields();
if (!empty($tpl_cfgs)) {
$tpl_cfgs_val = cmsCore::getTplCfg($template);
cmsCore::c('page')->initTemplate('applets', 'templates')->assign('template', $template)->assign('form_gen_form', cmsCore::c('form_gen')->generateForm($tpl_cfgs, $tpl_cfgs_val))->display();
} else {
cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_NO_CONFIG'], 'error');
cmsCore::redirectBack();
}
} else {
cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_CFG_ERROR'], 'error');
cmsCore::redirectBack();
}
}
if ($do == 'save_config') {
$template = cmsCore::request('template', 'str', '');
if (!file_exists(PATH . '/templates/' . $template) || !file_exists(PATH . '/templates/' . $template . '/config.php') || !cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
include PATH . '/templates/' . $template . '/config.php';
if (function_exists('get_template_cfg_fields')) {
$tpl_cfgs = get_template_cfg_fields();
if (!empty($tpl_cfgs)) {
$tpl_cfgs = cmsCore::c('form_gen')->requestForm($tpl_cfgs);
cmsCore::saveTplCfg($tpl_cfgs, $template);
cmsCore::addSessionMessage($_LANG['AD_TEMPLATE_CFG_SAVED'], 'success');
cmsCore::redirect('/admin/index.php?view=templates');
} else {
cmsCore::error404();
}
} else {
cmsCore::error404();
}
}
}
示例4: applet_arhive
function applet_arhive()
{
$inCore = cmsCore::getInstance();
global $_LANG;
cmsCore::c('page')->setTitle($_LANG['AD_ARTICLES_ARCHIVE']);
$cfg = $inCore->loadComponentConfig('content');
$cfg_arhive = $inCore->loadComponentConfig('arhive');
cpAddPathway($_LANG['AD_ARTICLE_SITE'], 'index.php?view=tree');
cpAddPathway($_LANG['AD_ARTICLES_ARCHIVE'], 'index.php?view=arhive');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
if ($do == 'saveconfig') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$cfg['source'] = cmsCore::request('source', 'str', '');
$inCore->saveComponentConfig('arhive', $cfg);
cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
cmsCore::redirect('?view=arhive&do=config');
}
if ($do == 'config') {
$toolmenu = array(array('icon' => 'folders.gif', 'title' => $_LANG['AD_LIST_OF_ARTICLES'], 'link' => '?view=arhive'));
cpToolMenu($toolmenu);
cpAddPathway($_LANG['AD_SETTINGS'], 'index.php?view=arhive&do=config');
cmsCore::c('page')->initTemplate('applets', 'arhive')->assign('cfg_arhive', $cfg_arhive)->display();
}
if ($do == 'list') {
$toolmenu = array(array('icon' => 'config.gif', 'title' => $_LANG['AD_SETTINGS'], 'link' => '?view=arhive&do=config'), array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=arhive&do=delete&multiple=1');"));
cpToolMenu($toolmenu);
//TABLE COLUMNS
$fields = array(array('title' => 'id', 'field' => 'id', 'width' => '40'), array('title' => $_LANG['AD_CREATE'], 'field' => 'pubdate', 'width' => '80', 'filter' => 15, 'fdate' => '%d/%m/%Y'), array('title' => $_LANG['TITLE'], 'field' => 'title', 'width' => '', 'link' => '?view=content&do=edit&id=%id%', 'filter' => 15), array('title' => $_LANG['AD_PARTITION'], 'field' => 'category_id', 'width' => '150', 'filter' => 1, 'prc' => 'cpCatById', 'filterlist' => cpGetList('cms_category')));
//ACTIONS
$actions = array(array('title' => $_LANG['AD_TO_ARTICLES_CATALOG'], 'icon' => 'arhive_off.gif', 'link' => '?view=arhive&do=arhive_off&id=%id%'), array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'link' => '?view=content&do=delete&id=%id%', 'confirm' => $_LANG['AD_DELETE_MATERIALS']));
//Print table
cpListTable('cms_content', $fields, $actions, 'is_arhive=1');
}
if ($do == 'arhive_off') {
if (cmsCore::inRequest('id')) {
cmsCore::c('db')->setFlag('cms_content', $id, 'is_arhive', '0');
cmsCore::redirect('?view=arhive');
}
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) {
cmsCore::m('content')->deleteArticle($id, $cfg['af_delete']);
}
} else {
cmsCore::m('content')->deleteArticles(cmsCore::request('item', 'array_int'), $cfg['af_delete']);
}
cmsCore::redirect('?view=arhive');
}
}
示例5: applet_robots
function applet_robots() {
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/robots', $adminAccess)) { cpAccessDenied(); }
cmsCore::c('page')->setTitle($_LANG['ROBOTS_TITLE']);
cpAddPathway($_LANG['ROBOTS_TITLE']);
$do = cmsCore::request('do', array('edit', 'save'), 'edit');
if (!file_exists(PATH .'/robots.txt')) {
$fp = fopen(PATH .'/robots.txt', 'w');
fwrite($fp, str_replace(array('%domen%', '%host%'), array(str_replace(array('https://', 'http://'), '', cmsCore::c('config')->host), cmsCore::c('config')->host), file_get_contents(PATH .'/includes/default_robots.txt')));
fclose ($fp);
chmod(PATH .'/robots.txt', 0777);
}
if ($do == 'save') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$data = cmsCore::request('robots', 'str');
$fp = fopen(PATH .'/robots.txt', 'w');
fwrite($fp, stripcslashes($data) ."\n");
fclose ($fp);
}
$robots = file_get_contents(PATH .'/robots.txt');
?>
<form action="" method="post">
<div style="width:650px;">
<input type="hidden" name="csrf_token" value="<?php echo cmsUser::getCsrfToken(); ?>" />
<div class="form-group">
<label><?php echo $_LANG['ROBOTS_TXT_DATA']; ?></label>
<textarea name="robots" class="form-control" style="height: 400px;"><?php echo $robots; ?></textarea>
<div class="help-block"><?php echo $_LANG['ROBOTS_TXT_INFO']; ?></div>
</div>
<input type="hidden" name="do" value="save" />
<input type="submit" class="btn btn-primary" name="save" value="<?php echo $_LANG['SAVE']; ?>" />
<input type="button" class="btn btn-default" name="back" value="<?php echo $_LANG['CANCEL']; ?>" onclick="window.history.back();" />
</div>
</form>
<?php
}
示例6: mod_invite
function mod_invite($mod, $cfg) {
global $_LANG;
$errors = false;
$is_redirect = false; // в модуле нельзя использовать cmsCore::redirectBack(), используем костыли ;)
if (cmsCore::inRequest('send_invite_email')) {
$is_redirect = true;
$username = cmsCore::request('username', 'str', '');
$email = cmsCore::request('friend_email', 'email', '');
if (!$username && !cmsCore::c('user')->id) {
cmsCore::addSessionMessage($_LANG['ERR_NEED_NAME'], 'error'); $errors = true;
}
if (cmsCore::c('user')->id) {
$username = cmsCore::c('user')->nickname;
}
if (!$email) {
cmsCore::addSessionMessage($_LANG['ERR_NEED_MAIL'], 'error'); $errors = true;
}
if (!$errors) {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$letter = cmsCore::getLanguageTextFile('mail_invite');
$letter = str_replace('{sitename}', cmsConfig::getConfig('sitename'), $letter);
$letter = str_replace('{site_url}', HOST, $letter);
$letter = str_replace('{username}', $username, $letter);
cmsCore::mailText($email, sprintf($_LANG['INVITE_SUBJECT'], $username), $letter);
cmsCore::addSessionMessage($_LANG['INVITE_SENDED'], 'success');
}
}
cmsPage::initTemplate('modules', $cfg['tpl'])->
assign('user_id', cmsCore::c('user')->id)->
assign('is_redirect', $is_redirect)->
display();
return true;
}
示例7: applet_config
function applet_config()
{
// получаем оригинальный конфиг
$config = cmsConfig::getDefaultConfig();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/config', $adminAccess)) {
cpAccessDenied();
}
cmsCore::c('page')->setTitle($_LANG['AD_SITE_SETTING']);
cpAddPathway($_LANG['AD_SITE_SETTING'], 'index.php?view=config');
$do = cmsCore::request('do', 'str', 'list');
if ($do == 'save') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$newCFG = cmsCore::getArrayFromRequest(array('scheme' => array('scheme', array('http', 'https'), ''), 'sitename' => array('sitename', 'str', ''), 'title_and_sitename' => array('title_and_sitename', 'int', 0), 'title_and_page' => array('title_and_page', 'int', 0), 'hometitle' => array('hometitle', 'str', ''), 'homecom' => array('homecom', 'str', ''), 'com_without_name_in_url' => array('com_without_name_in_url', 'str', ''), 'siteoff' => array('siteoff', 'int', 0), 'only_authorized' => array('only_authorized', 'int', 0), 'debug' => array('debug', 'int', 0), 'offtext' => array('offtext', 'str', ''), 'keywords' => array('keywords', 'str', ''), 'metadesc' => array('metadesc', 'str', ''), 'seourl' => array('seourl', 'int', 0), 'lang' => array('lang', 'str', 'ru'), 'is_change_lang' => array('is_change_lang', 'int', 0), 'sitemail' => array('sitemail', 'str', ''), 'sitemail_name' => array('sitemail_name', 'str', ''), 'wmark' => array('wmark', 'str', ''), 'template' => array('template', 'str', ''), 'admin_template' => array('admin_template', 'str', ''), 'cache' => array('cache', 'int', 0), 'cache_type' => array('cache_type', array('file', 'memcached'), ''), 'memcached_host' => array('memcached_host', 'str', ''), 'memcached_port' => array('memcached_port', 'int', 0), 'combine_css_enable' => array('combine_css_enable', 'int', 0), 'combine_css' => array('combine_css', 'html', ''), 'combine_js_enable' => array('combine_js_enable', 'int', 0), 'combine_js' => array('combine_js', 'html', ''), 'splash' => array('splash', 'int', 0), 'slight' => array('slight', 'int', 0), 'show_pw' => array('show_pw', 'int', 0), 'last_item_pw' => array('last_item_pw', 'int', 0), 'index_pw' => array('index_pw', 'int', 0), 'fastcfg' => array('fastcfg', 'int', 0), 'mailer' => array('mailer', 'str', ''), 'smtpsecure' => array('smtpsecure', 'str', ''), 'smtpauth' => array('smtpauth', 'int', 0), 'smtpuser' => array('smtpuser', 'str', $config['smtpuser']), 'smtppass' => array('smtppass', 'str', $config['smtppass']), 'smtphost' => array('smtphost', 'str', ''), 'smtpport' => array('smtpport', 'int', '25'), 'timezone' => array('timezone', 'str', $config['timezone']), 'user_stats' => array('user_stats', 'int', 0), 'seo_url_count' => array('seo_url_count', 'int', 0), 'max_pagebar_links' => array('max_pagebar_links', 'int', 0), 'allow_ip' => array('allow_ip', 'str', ''), 'iframe_enable' => array('iframe_enable', 'int', 0), 'vk_enable' => array('vk_enable', 'int', 0), 'vk_id' => array('vk_id', 'str', ''), 'vk_private_key' => array('vk_private_key', 'str', '')));
$newCFG['sitename'] = stripslashes($newCFG['sitename']);
$newCFG['hometitle'] = stripslashes($newCFG['hometitle']);
$newCFG['offtext'] = htmlspecialchars($newCFG['offtext'], ENT_QUOTES);
$newCFG['db_host'] = $config['db_host'];
$newCFG['db_base'] = $config['db_base'];
$newCFG['db_user'] = $config['db_user'];
$newCFG['db_pass'] = $config['db_pass'];
$newCFG['db_prefix'] = $config['db_prefix'];
if (cmsConfig::saveToFile($newCFG)) {
cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
} else {
cmsCore::addSessionMessage($_LANG['AD_CONFIG_SITE_ERROR'], 'error');
}
cmsCore::clearCache();
cmsCore::redirect('index.php?view=config');
}
cpCheckWritable('/includes/config/config.inc.json');
$result = cmsCore::c('db')->query("SELECT (sum(data_length)+sum(index_length))/1024/1024 as size FROM INFORMATION_SCHEMA.TABLES WHERE table_schema = '" . $config['db_base'] . "'", true);
if (!cmsCore::c('db')->error()) {
$s = cmsCore::c('db')->fetch_assoc($result);
} else {
$s['size'] = 0;
}
cmsCore::c('page')->initTemplate('applets', 'config')->assign('config', $config)->assign('timezone_opt', cmsCore::getTimeZonesOptions($config['timezone']))->assign('admin_templates', cmsCore::getDirsList('/templates/admin'))->assign('templates', cmsCore::getDirsList('/templates'))->assign('tpl_info', cmsCore::c('page')->getTplInfo(cmsCore::c('page')->template))->assign('components_opt', cmsCore::getListItems('cms_components', $config['com_without_name_in_url'], 'title', 'ASC', 'internal=0', 'link'))->assign('homecom_opt', cmsCore::getListItems('cms_components', $config['homecom'], 'title', 'ASC', 'internal=0', 'link'))->assign('langs', cmsCore::getDirsList('/languages'))->assign('db_size', round($s['size'], 2))->display();
}
示例8: photos
//.........这里部分代码省略.........
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
if (!$inUser->is_admin) {
cmsCore::halt();
}
if (!cmsCore::inRequest('move_photo')) {
cmsPage::initTemplate('components', 'com_photos_move')->assign('form_action', '/photos/movephoto' . $photo['id'] . '.html')->assign('html', $inPhoto->getAlbumsOption('', $photo['album_id']))->display('com_photos_move.tpl');
cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
} else {
$album = cmsCore::callEvent('GET_PHOTO_ALBUM', $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int')));
if (!$album) {
cmsCore::halt();
}
if (!$album['public'] && !$inUser->is_admin) {
cmsCore::error404();
}
// Смотрим ограничения загрузки в сутки
$today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
cmsCore::jsonOutput(array('error' => true, 'text' => '<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW']));
}
$inDB->query("UPDATE cms_photo_files SET album_id = '{$album['id']}' WHERE id = '{$photo['id']}'");
cmsActions::updateLog('add_photo', array('target' => $album['title'], 'target_url' => '/photos/' . $album['id'], 'target_id' => $album['id']), $photo['id']);
cmsCore::addSessionMessage($_LANG['PHOTO_MOVED'], 'info');
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $album['id']));
}
}
/////////////////////////////// PHOTO DELETE /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'delphoto') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
if (!cmsUser::checkCsrfToken()) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (mb_strstr($photo['NSDiffer'], 'club')) {
cmsCore::halt();
}
$is_author = $photo['user_id'] == $inUser->id && $inUser->id;
if (!$inUser->is_admin && !$is_author) {
cmsCore::halt();
}
$inPhoto->deletePhoto($photo, $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id'])));
cmsCore::addSessionMessage($_LANG['PHOTO_DELETED'], 'success');
cmsUser::clearCsrfToken();
cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $photo['album_id']));
}
/////////////////////////////// PHOTO PUBLISH /////////////////////////////////////////////////////////////////////////////////////////
if ($do == 'publish_photo') {
if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
cmsCore::halt();
}
if (!$inUser->id) {
cmsCore::halt();
}
$photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
if (!$photo) {
cmsCore::halt();
}
if (!$inUser->is_admin) {
cmsCore::halt();
}
$inPhoto->publishPhoto($photo['id']);
cmsCore::callEvent('ADD_PHOTO_DONE', $photo);
$description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $photo['file'] . '" alt="' . htmlspecialchars(stripslashes($photo['title'])) . '" /></a>';
cmsActions::log('add_photo', array('object' => $photo['title'], 'object_url' => '/photos/photo' . $photo['id'] . '.html', 'object_id' => $photo['id'], 'user_id' => $photo['user_id'], 'target' => $photo['cat_title'], 'target_id' => $photo['album_id'], 'target_url' => '/photos/' . $photo['album_id'], 'description' => $description));
cmsCore::halt('ok');
}
/////////////////////////////// VIEW LATEST/BEST PHOTOS //////////////////////////////////////////////////////////////////////////////
if (in_array($do, array('latest', 'best'))) {
if ($do == 'latest') {
$inDB->orderBy('f.pubdate', 'DESC');
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['NEW_PHOTO_IN_GALLERY'];
} else {
$inDB->orderBy('f.rating', 'DESC');
$pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['BEST_PHOTOS'];
}
$inDB->limit($model->config['best_latest_perpage']);
// выбираем категории фото
$inDB->addJoin("INNER JOIN cms_photo_albums a ON a.id = f.album_id AND a.published = 1 AND a.NSDiffer = ''");
$inDB->addSelect('a.title as cat_title');
$photos = $inPhoto->getPhotos(false, 'with_comments');
if (!$photos) {
cmsCore::error404();
}
$inPage->addPathway($pagetitle);
$inPage->setTitle($pagetitle);
cmsPage::initTemplate('components', 'com_photos_bl')->assign('maxcols', $model->config['best_latest_maxcols'])->assign('pagetitle', $pagetitle)->assign('photos', $photos)->display('com_photos_bl.tpl');
}
/////////////////////////////// /////////////////////////////// ////////////////
}
示例9: applet_menu
function applet_menu()
{
$inCore = cmsCore::getInstance();
$inDB = cmsDatabase::getInstance();
global $_LANG;
global $adminAccess;
if (!cmsUser::isAdminCan('admin/menu', $adminAccess)) {
cpAccessDenied();
}
$GLOBALS['cp_page_title'] = $_LANG['AD_MENU'];
cpAddPathway($_LANG['AD_MENU'], 'index.php?view=menu');
$do = cmsCore::request('do', 'str', 'list');
$id = cmsCore::request('id', 'int', -1);
if ($do == 'list') {
$toolmenu[] = array('icon' => 'new.gif', 'title' => $_LANG['AD_MENU_POINT_ADD'], 'link' => '?view=menu&do=add');
$toolmenu[] = array('icon' => 'newmenu.gif', 'title' => $_LANG['AD_MENU_ADD'], 'link' => '?view=menu&do=addmenu');
$toolmenu[] = array('icon' => 'edit.gif', 'title' => $_LANG['AD_EDIT_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=edit&multiple=1');");
$toolmenu[] = array('icon' => 'delete.gif', 'title' => $_LANG['AD_DELETE_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=delete&multiple=1');");
$toolmenu[] = array('icon' => 'show.gif', 'title' => $_LANG['AD_ALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=show&multiple=1');");
$toolmenu[] = array('icon' => 'hide.gif', 'title' => $_LANG['AD_DISALLOW_SELECTED'], 'link' => "javascript:checkSel('?view=menu&do=hide&multiple=1');");
$toolmenu[] = array('icon' => 'help.gif', 'title' => $_LANG['AD_HELP'], 'link' => '?view=help&topic=menu');
cpToolMenu($toolmenu);
$fields[] = array('title' => 'Lt', 'field' => 'NSLeft', 'width' => '30');
$fields[] = array('title' => $_LANG['TITLE'], 'field' => 'title', 'width' => '', 'link' => '?view=menu&do=edit&id=%id%');
$fields[] = array('title' => $_LANG['SHOW'], 'field' => 'published', 'width' => '60');
$fields[] = array('title' => $_LANG['AD_ORDER'], 'field' => 'ordering', 'width' => '100');
$fields[] = array('title' => $_LANG['AD_LINK'], 'field' => array('linktype', 'linkid', 'link'), 'width' => '240', 'prc' => 'cpMenutypeById');
$fields[] = array('title' => $_LANG['AD_MENU'], 'field' => 'menu', 'width' => '70', 'filter' => '10', 'filterlist' => cpGetList('menu'), 'prc' => 'list_menu');
$fields[] = array('title' => $_LANG['TEMPLATE'], 'field' => 'template', 'width' => '70', 'prc' => 'cpTemplateById');
$actions[] = array('title' => $_LANG['EDIT'], 'icon' => 'edit.gif', 'link' => '?view=menu&do=edit&id=%id%');
$actions[] = array('title' => $_LANG['DELETE'], 'icon' => 'delete.gif', 'confirm' => $_LANG['AD_MENU_POINT_CONFIRM'], 'link' => '?view=menu&do=delete&id=%id%');
cpListTable('cms_menu', $fields, $actions, 'parent_id>0', 'NSLeft, ordering');
} else {
$toolmenu[] = array('icon' => 'save.gif', 'title' => $_LANG['SAVE'], 'link' => 'javascript:document.addform.submit();');
$toolmenu[] = array('icon' => 'cancel.gif', 'title' => $_LANG['CANCEL'], 'link' => 'index.php?view=menu');
cpToolMenu($toolmenu);
}
if ($do == 'move_up') {
$inDB->moveNsCategory('cms_menu', $id, 'up');
cmsCore::redirectBack();
}
if ($do == 'move_down') {
$inDB->moveNsCategory('cms_menu', $id, 'down');
cmsCore::redirectBack();
}
if ($do == 'show') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbShow('cms_menu', $id);
}
echo '1';
exit;
} else {
dbShowList('cms_menu', $_REQUEST['item']);
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbHide('cms_menu', $id);
}
echo '1';
exit;
} else {
dbHideList('cms_menu', cmsCore::request('item', 'array_int', array()));
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
$inDB->deleteNS('cms_menu', (int) $id);
}
} else {
$items = cmsCore::request('item', 'array_int', array());
foreach ($items as $item_id) {
$inDB->deleteNS('cms_menu', $item_id);
}
}
cmsCore::addSessionMessage($_LANG['AD_DO_SUCCESS'], 'success');
cmsCore::redirectBack();
}
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
$id = cmsCore::request('id', 'int', 0);
if (!$id) {
cmsCore::redirectBack();
}
$title = cmsCore::request('title', 'str', '');
$menu = cmsCore::arrayToYaml(cmsCore::request('menu', 'array_str', ''));
$linktype = cmsCore::request('mode', 'str', '');
$linkid = cmsCore::request($linktype, 'str', '');
$link = $inCore->getMenuLink($linktype, $linkid);
$target = cmsCore::request('target', 'str', '');
$published = cmsCore::request('published', 'int', 0);
//.........这里部分代码省略.........
示例10: applet_content
function applet_content()
{
$inCore = cmsCore::getInstance();
$inUser = cmsUser::getInstance();
$inDB = cmsDatabase::getInstance();
global $_LANG;
//check access
global $adminAccess;
if (!cmsUser::isAdminCan('admin/content', $adminAccess)) {
cpAccessDenied();
}
$cfg = $inCore->loadComponentConfig('content');
cmsCore::loadModel('content');
$model = new cms_model_content();
$GLOBALS['cp_page_title'] = $_LANG['AD_ARTICLES'];
cpAddPathway($_LANG['AD_ARTICLES'], 'index.php?view=tree');
$do = cmsCore::request('do', 'str', 'add');
$id = cmsCore::request('id', 'int', -1);
if ($do == 'arhive_on') {
$inDB->query("UPDATE cms_content SET is_arhive = 1 WHERE id = '{$id}'");
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO_ARHIVE'], 'success');
cmsCore::redirectBack();
}
if ($do == 'move') {
$item_id = cmsCore::request('id', 'int', 0);
$cat_id = cmsCore::request('cat_id', 'int', 0);
$dir = $_REQUEST['dir'];
$step = 1;
$model->moveItem($item_id, $cat_id, $dir, $step);
echo '1';
exit;
}
if ($do == 'move_to_cat') {
$items = cmsCore::request('item', 'array_int');
$to_cat_id = cmsCore::request('obj_id', 'int', 0);
if ($items && $to_cat_id) {
$last_ordering = (int) $inDB->get_field('cms_content', "category_id = '{$to_cat_id}' ORDER BY ordering DESC", 'ordering');
foreach ($items as $item_id) {
$article = $model->getArticle($item_id);
if (!$article) {
continue;
}
$last_ordering++;
$model->updateArticle($article['id'], array('category_id' => $to_cat_id, 'ordering' => $last_ordering, 'url' => $article['url'], 'title' => $inDB->escape_string($article['title']), 'id' => $article['id'], 'user_id' => $article['user_id']));
}
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO'], 'success');
}
cmsCore::redirect('?view=tree&cat_id=' . $to_cat_id);
}
if ($do == 'show') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbShow('cms_content', $id);
}
echo '1';
exit;
} else {
dbShowList('cms_content', cmsCore::request('item', 'array_int'));
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
dbHide('cms_content', $id);
}
echo '1';
exit;
} else {
dbHideList('cms_content', cmsCore::request('item', 'array_int'));
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!isset($_REQUEST['item'])) {
if ($id >= 0) {
$model->deleteArticle($id);
cmsCore::addSessionMessage($_LANG['AD_ARTICLE_REMOVE'], 'success');
}
} else {
$model->deleteArticles(cmsCore::request('item', 'array_int'));
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_REMOVE'], 'success');
}
cmsCore::redirectBack();
}
if ($do == 'update') {
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
if (isset($_REQUEST['id'])) {
$id = cmsCore::request('id', 'int', 0);
$article['category_id'] = cmsCore::request('category_id', 'int', 1);
$article['title'] = cmsCore::request('title', 'str');
$article['url'] = cmsCore::request('url', 'str');
$article['showtitle'] = cmsCore::request('showtitle', 'int', 0);
$article['description'] = cmsCore::request('description', 'html', '');
$article['description'] = $inDB->escape_string($article['description']);
$article['content'] = cmsCore::request('content', 'html', '');
$article['content'] = $inDB->escape_string($article['content']);
$article['for_img'] = cmsCore::request('for_img', 'html', '');
//.........这里部分代码省略.........
示例11: comments
//.........这里部分代码省略.........
// получаем массив со ссылкой и заголовком цели комментария
// для этого:
// 1. узнаем ответственный компонент из cms_comment_targets
$target = $inDB->get_fields('cms_comment_targets', "target='{$comment['target']}'", '*');
if (!$target) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #1'));
}
// 2. подключим модель этого компонента
if (cmsCore::loadModel($target['component'])) {
$model_class = 'cms_model_' . $target['component'];
if (class_exists($model_class)) {
$target_model = new $model_class();
}
}
if (!isset($target_model)) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #2'));
}
// 3. запросим массив $target_data[link, title] у метода getCommentTarget модели
$target_data = $target_model->getCommentTarget($comment['target'], $comment['target_id']);
if (!$target_data) {
cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_UNKNOWN_TARGET'] . ' #3'));
}
$comment['target_title'] = $target_data['title'];
$comment['target_link'] = $target_data['link'];
// 4. Узнаем видимость комментария в модели $target_model
if (method_exists($target_model, 'getVisibility')) {
$comment['is_hidden'] = $target_model->getVisibility($comment['target'], $comment['target_id']);
} else {
$comment['is_hidden'] = 0;
}
// публикация согласно настроек
$comment['published'] = $inUser->is_admin || $model->is_can_moderate || $model->is_add_published ? 1 : 0;
// Проверяем токен перед самым добавлением комментария
if (!cmsUser::checkCsrfToken()) {
cmsCore::error404();
}
// 5. добавляем комментарий в базу
$comment_id = $model->addComment($comment);
// 6. Пересчитываем количество комментариев у цели если нужно
if (method_exists($target_model, 'updateCommentsCount')) {
$target_model->updateCommentsCount($comment['target'], $comment['target_id']);
}
if (!$comment['is_hidden'] && $comment['published']) {
//регистрируем событие
$content_short = strip_tags($comment['content']);
cmsActions::log('add_comment', array('object' => $_LANG['COMMENT'], 'object_url' => $comment['target_link'] . '#c' . $comment_id, 'object_id' => $comment_id, 'target' => $comment['target_title'], 'target_url' => $comment['target_link'], 'target_id' => $comment['target_id'], 'description' => mb_strlen($content_short) > 140 ? mb_substr($content_short, 0, 140) : $content_short));
}
////////////////////////////////////////////////////////////////
///////////////// Операции по уведомлениям /////////////////////
$inConf = cmsConfig::getInstance();
$from_nick = $inUser->id ? $inUser->nickname : $comment['guestname'];
$targetlink = HOST . $comment['target_link'] . '#c' . $comment_id;
//получаем ID и e-mail автора
$author = $inUser->id ? $model->getTargetAuthor($target['target_table'], $comment['target_id']) : '';
//подписываем пользователя на обновления, если нужно
if ($inUser->id && cmsCore::inRequest('subscribe')) {
cmsUser::subscribe($inUser->id, $comment['target'], $comment['target_id']);
}
if ($comment['published']) {
//рассылаем уведомления о новом комменте
cmsUser::sendUpdateNotify($comment['target'], $comment['target_id'], array('link' => $comment['target_link'] . '#c' . $comment_id, 'title' => stripslashes($comment['target_title']), 'letter_file' => 'newcomment', 'author' => $inUser->id ? $inUser->nickname : $comment['guestname']));
//проверяем и выдаем награду если нужно
cmsUser::checkAwards($inUser->id);
}
//отправляем админу уведомление о комментарии на e-mail, если нужно
if ($model->config['email']) {
示例12: applet_users
//.........这里部分代码省略.........
'object' => '',
'user_id' => $user_id,
'object_url' => '',
'object_id' => $user_id,
'target' => '',
'target_url' => '',
'target_id' => 0,
'description' => ''
)
);
}
cmsCore::redirectBack();
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) {
$model->deleteUser($id);
}
} else {
$model->deleteUsers(cmsCore::request('item', 'array_int', array()));
}
cmsCore::redirectBack();
}
if ($do == 'delete_full') {
$model->deleteUser($id, true);
cmsCore::redirectBack();
}
if ($do == 'submit' || $do == 'update') {
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
$types = array(
'login' => array( 'login', 'str', '' ),
'nickname' => array( 'nickname', 'str', '', 'htmlspecialchars' ),
'email' => array( 'email', 'email', '' ),
'group_id' => array( 'group_id', 'int', 1 ),
'is_locked' => array( 'is_locked', 'int', 0 ),
'password' => array( 'pass', 'str', '', 'stripslashes' ),
'pass2' => array( 'pass2', 'str', '', 'stripslashes' )
);
$items = cmsCore::getArrayFromRequest($types);
$errors = false;
// проверяем логин
if (mb_strlen($items['login']) < 2 ||
mb_strlen($items['login']) > 15 ||
is_numeric($items['login']) ||
!preg_match("/^([a-zA-Z0-9])+$/ui", $items['login'])) {
cmsCore::addSessionMessage($_LANG['ERR_LOGIN'], 'error');
$errors = true;
}
// проверяем пароль
if ($do == 'submit') {
if (!$items['password']) {
cmsCore::addSessionMessage($_LANG['TYPE_PASS'], 'error');
$errors = true;
}
}
示例13: validateForm
/**
* ====== DEPRECATED =========
* используйте cmsUser::checkCsrfToken();
*/
public static function validateForm()
{
return cmsUser::checkCsrfToken();
}
示例14: applet_content
function applet_content() {
$inCore = cmsCore::getInstance();
cmsCore::m('content');
global $_LANG;
//check access
global $adminAccess;
if (!cmsUser::isAdminCan('admin/content', $adminAccess)) { cpAccessDenied(); }
$cfg = $inCore->loadComponentConfig('content');
cmsCore::c('page')->setTitle($_LANG['AD_ARTICLES']);
cpAddPathway($_LANG['AD_ARTICLES'], 'index.php?view=tree');
$do = cmsCore::request('do', 'str', 'add');
$id = cmsCore::request('id', 'int', -1);
if ($do == 'arhive_on') {
cmsCore::c('db')->setFlag('cms_content', $id, 'is_arhive', '1');
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO_ARHIVE'], 'success');
cmsCore::redirectBack();
}
if ($do == 'move') {
$item_id = cmsCore::request('id', 'int', 0);
$cat_id = cmsCore::request('cat_id', 'int', 0);
$dir = cmsCore::request('dir', 'str');
$step = 1;
cmsCore::m('content')->moveItem($item_id, $cat_id, $dir, $step);
cmsCore::halt(1);
}
if ($do == 'move_to_cat') {
$items = cmsCore::request('item', 'array_int');
$to_cat_id = cmsCore::request('obj_id', 'int', 0);
if ($items && $to_cat_id) {
$last_ordering = (int)cmsCore::c('db')->get_field('cms_content', "category_id = '". $to_cat_id ."' ORDER BY ordering DESC", 'ordering');
foreach ($items as $item_id) {
$article = cmsCore::m('content')->getArticle($item_id);
if (!$article) { continue; }
$last_ordering++;
cmsCore::m('content')->updateArticle(
$article['id'],
array(
'category_id' => $to_cat_id,
'ordering' => $last_ordering,
'url' => $article['url'],
'title' => cmsCore::c('db')->escape_string($article['title']),
'id' => $article['id'],
'user_id' => $article['user_id']
)
);
}
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_TO'], 'success');
}
cmsCore::redirect('?view=tree&cat_id='. $to_cat_id);
}
if ($do == 'show') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) { cmsCore::c('db')->setFlag('cms_content', $id, 'published', '1'); }
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_content', cmsCore::request('item', 'array_int'), 'published', '1');
cmsCore::redirectBack();
}
}
if ($do == 'hide') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) { cmsCore::c('db')->setFlag('cms_content', $id, 'published', '0'); }
cmsCore::halt('1');
} else {
cmsCore::c('db')->setFlags('cms_content', cmsCore::request('item', 'array_int'), 'published', '0');
cmsCore::redirectBack();
}
}
if ($do == 'delete') {
if (!cmsCore::inRequest('item')) {
if ($id >= 0) {
cmsCore::m('content')->deleteArticle($id);
cmsCore::addSessionMessage($_LANG['AD_ARTICLE_REMOVE'], 'success');
}
} else {
cmsCore::m('content')->deleteArticles(cmsCore::request('item', 'array_int'));
cmsCore::addSessionMessage($_LANG['AD_ARTICLES_REMOVE'], 'success');
}
cmsCore::redirectBack();
}
if ($do == 'update'){
if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); }
//.........这里部分代码省略.........
示例15:
$blog = $inBlog->getBlog($cat['blog_id']);
if (!$blog) { cmsCore::halt(); }
$club = $model->getClub($blog['user_id']);
if(!$club) { cmsCore::halt(); }
if(!$club['enabled_blogs']){ cmsCore::halt(); }
$model->initClubMembers($club['id']);
$is_admin = $inUser->is_admin || ($inUser->id == $club['admin_id']);
$is_moder = $model->checkUserRightsInClub('moderator');
if (!$is_admin && !$is_moder) { cmsCore::halt(); }
if(!cmsUser::checkCsrfToken()) { cmsCore::halt(); }
$inBlog->deleteBlogCategory($cat['id']);
cmsCore::addSessionMessage($_LANG['CAT_IS_DELETED'], 'success');
cmsCore::jsonOutput(array('error' => false, 'redirect' => $model->getBlogURL($club['id'])));
}
///////////////////////// ПУБЛИКАЦИЯ ПОСТА /////////////////////////////////////
if ($bdo == 'publishpost'){
if (!cmsCore::isAjax() || !$inUser->id) { return false; }
$post = $inBlog->getPost($post_id);
if (!$post){ cmsCore::halt(); }
$blog = $inBlog->getBlog($post['blog_id']);