当前位置: 首页>>代码示例>>PHP>>正文


PHP cmsUser::clearCsrfToken方法代码示例

本文整理汇总了PHP中cmsUser::clearCsrfToken方法的典型用法代码示例。如果您正苦于以下问题:PHP cmsUser::clearCsrfToken方法的具体用法?PHP cmsUser::clearCsrfToken怎么用?PHP cmsUser::clearCsrfToken使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在cmsUser的用法示例。


在下文中一共展示了cmsUser::clearCsrfToken方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: photos


//.........这里部分代码省略.........
        }
        if (mb_strstr($photo['NSDiffer'], 'club')) {
            cmsCore::halt();
        }
        if (!$inUser->is_admin) {
            cmsCore::halt();
        }
        if (!cmsCore::inRequest('move_photo')) {
            cmsPage::initTemplate('components', 'com_photos_move')->assign('form_action', '/photos/movephoto' . $photo['id'] . '.html')->assign('html', $inPhoto->getAlbumsOption('', $photo['album_id']))->display('com_photos_move.tpl');
            cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean()));
        } else {
            $album = cmsCore::callEvent('GET_PHOTO_ALBUM', $inDB->getNsCategory('cms_photo_albums', cmsCore::request('album_id', 'int')));
            if (!$album) {
                cmsCore::halt();
            }
            if (!$album['public'] && !$inUser->is_admin) {
                cmsCore::error404();
            }
            // Смотрим ограничения загрузки в сутки
            $today_uploaded = $album['uplimit'] ? $model->loadedByUser24h($inUser->id, $album['id']) : 0;
            if (!$inUser->is_admin && $album['uplimit'] && $today_uploaded >= $album['uplimit']) {
                cmsCore::jsonOutput(array('error' => true, 'text' => '<strong>' . $_LANG['MAX_UPLOAD_IN_DAY'] . '</strong> ' . $_LANG['CAN_UPLOAD_TOMORROW']));
            }
            $inDB->query("UPDATE cms_photo_files SET album_id = '{$album['id']}' WHERE id = '{$photo['id']}'");
            cmsActions::updateLog('add_photo', array('target' => $album['title'], 'target_url' => '/photos/' . $album['id'], 'target_id' => $album['id']), $photo['id']);
            cmsCore::addSessionMessage($_LANG['PHOTO_MOVED'], 'info');
            cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $album['id']));
        }
    }
    /////////////////////////////// PHOTO DELETE /////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'delphoto') {
        if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
            cmsCore::halt();
        }
        if (!$inUser->id) {
            cmsCore::halt();
        }
        if (!cmsUser::checkCsrfToken()) {
            cmsCore::halt();
        }
        $photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
        if (!$photo) {
            cmsCore::halt();
        }
        if (mb_strstr($photo['NSDiffer'], 'club')) {
            cmsCore::halt();
        }
        $is_author = $photo['user_id'] == $inUser->id && $inUser->id;
        if (!$inUser->is_admin && !$is_author) {
            cmsCore::halt();
        }
        $inPhoto->deletePhoto($photo, $model->initUploadClass($inDB->getNsCategory('cms_photo_albums', $photo['album_id'])));
        cmsCore::addSessionMessage($_LANG['PHOTO_DELETED'], 'success');
        cmsUser::clearCsrfToken();
        cmsCore::jsonOutput(array('error' => false, 'redirect' => '/photos/' . $photo['album_id']));
    }
    /////////////////////////////// PHOTO PUBLISH /////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'publish_photo') {
        if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') {
            cmsCore::halt();
        }
        if (!$inUser->id) {
            cmsCore::halt();
        }
        $photo = cmsCore::callEvent('GET_PHOTO', $inPhoto->getPhoto($id));
        if (!$photo) {
            cmsCore::halt();
        }
        if (!$inUser->is_admin) {
            cmsCore::halt();
        }
        $inPhoto->publishPhoto($photo['id']);
        cmsCore::callEvent('ADD_PHOTO_DONE', $photo);
        $description = '<a href="/photos/photo' . $photo['id'] . '.html" class="act_photo"><img src="/images/photos/small/' . $photo['file'] . '" alt="' . htmlspecialchars(stripslashes($photo['title'])) . '" /></a>';
        cmsActions::log('add_photo', array('object' => $photo['title'], 'object_url' => '/photos/photo' . $photo['id'] . '.html', 'object_id' => $photo['id'], 'user_id' => $photo['user_id'], 'target' => $photo['cat_title'], 'target_id' => $photo['album_id'], 'target_url' => '/photos/' . $photo['album_id'], 'description' => $description));
        cmsCore::halt('ok');
    }
    /////////////////////////////// VIEW LATEST/BEST PHOTOS //////////////////////////////////////////////////////////////////////////////
    if (in_array($do, array('latest', 'best'))) {
        if ($do == 'latest') {
            $inDB->orderBy('f.pubdate', 'DESC');
            $pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['NEW_PHOTO_IN_GALLERY'];
        } else {
            $inDB->orderBy('f.rating', 'DESC');
            $pagetitle = $pagetitle && $inCore->isMenuIdStrict() ? $pagetitle : $_LANG['BEST_PHOTOS'];
        }
        $inDB->limit($model->config['best_latest_perpage']);
        // выбираем категории фото
        $inDB->addJoin("INNER JOIN cms_photo_albums a ON a.id = f.album_id AND a.published = 1 AND a.NSDiffer = ''");
        $inDB->addSelect('a.title as cat_title');
        $photos = $inPhoto->getPhotos(false, 'with_comments');
        if (!$photos) {
            cmsCore::error404();
        }
        $inPage->addPathway($pagetitle);
        $inPage->setTitle($pagetitle);
        cmsPage::initTemplate('components', 'com_photos_bl')->assign('maxcols', $model->config['best_latest_maxcols'])->assign('pagetitle', $pagetitle)->assign('photos', $photos)->display('com_photos_bl.tpl');
    }
    /////////////////////////////// /////////////////////////////// ////////////////
}
开发者ID:deltas1,项目名称:icms1,代码行数:101,代码来源:frontend.php

示例2: applet_plugins

function applet_plugins()
{
    global $_LANG;
    $inCore = cmsCore::getInstance();
    $GLOBALS['cp_page_title'] = $_LANG['AD_PLUGINS'];
    cpAddPathway($_LANG['AD_PLUGINS'], 'index.php?view=plugins');
    global $adminAccess;
    if (!cmsUser::isAdminCan('admin/plugins', $adminAccess)) {
        cpAccessDenied();
    }
    $do = cmsCore::request('do', 'str', 'list');
    $id = cmsCore::request('id', 'int', -1);
    // ===================================================================================== //
    if ($do == 'hide') {
        dbHide('cms_plugins', $id);
        echo '1';
        exit;
    }
    // ===================================================================================== //
    if ($do == 'show') {
        dbShow('cms_plugins', $id);
        echo '1';
        exit;
    }
    // ===================================================================================== //
    if ($do == 'list') {
        $toolmenu = array();
        $toolmenu[1]['icon'] = 'install.gif';
        $toolmenu[1]['title'] = $_LANG['AD_INSTALL_PLUGINS'];
        $toolmenu[1]['link'] = '?view=install&do=plugin';
        cpToolMenu($toolmenu);
        $plugin_id = cmsCore::request('installed', 'str', '');
        if ($plugin_id) {
            $task = cmsCore::request('task', 'str', 'install');
            if ($task == 'install' || $task == 'upgrade') {
                $plugin = $inCore->loadPlugin($plugin_id);
                $task_str = $task == 'install' ? $_LANG['AD_IS_INSTALL'] : $_LANG['AD_IS_UPDATE'];
                echo '<div style="color:green;margin-top:12px;margin-bottom:5px;">' . $_LANG['AD_PLUGIN'] . ' <strong>"' . $plugin->info['title'] . '"</strong> ' . $task_str . '. ' . $_LANG['AD_ENABLE_PLUGIN'] . '.</div>';
            }
            if ($task == 'remove') {
                echo '<div style="color:green;margin-top:12px;margin-bottom:5px;">' . $_LANG['AD_REMOVE_PLUGIN_OK'] . '.</div>';
            }
        }
        $fields = array();
        $fields[0]['title'] = 'id';
        $fields[0]['field'] = 'id';
        $fields[0]['width'] = '20';
        $fields[1]['title'] = $_LANG['TITLE'];
        $fields[1]['field'] = 'title';
        $fields[1]['width'] = '250';
        $fields[2]['title'] = $_LANG['DESCRIPTION'];
        $fields[2]['field'] = 'description';
        $fields[2]['width'] = '';
        $fields[3]['title'] = $_LANG['AD_AUTHOR'];
        $fields[3]['field'] = 'author';
        $fields[3]['width'] = '160';
        $fields[4]['title'] = $_LANG['AD_VERSION'];
        $fields[4]['field'] = 'version';
        $fields[4]['width'] = '50';
        $fields[5]['title'] = $_LANG['AD_FOLDER'];
        $fields[5]['field'] = 'plugin';
        $fields[5]['width'] = '100';
        $fields[6]['title'] = $_LANG['AD_ENABLE'];
        $fields[6]['field'] = 'published';
        $fields[6]['width'] = '60';
        $actions = array();
        $actions[0]['title'] = $_LANG['AD_CONFIG'];
        $actions[0]['icon'] = 'config.gif';
        $actions[0]['link'] = '?view=plugins&do=config&id=%id%';
        $actions[1]['title'] = $_LANG['DELETE'];
        $actions[1]['icon'] = 'delete.gif';
        $actions[1]['confirm'] = $_LANG['AD_REMOVE_PLUGIN_FROM'];
        $actions[1]['link'] = '?view=install&do=remove_plugin&id=%id%';
        cpListTable('cms_plugins', $fields, $actions);
    }
    // ===================================================================================== //
    if ($do == 'save_config') {
        if (!cmsCore::validateForm()) {
            cmsCore::error404();
        }
        $plugin_name = cmsCore::request('plugin', 'str', 0);
        $config = cmsCore::request('config', 'array_str');
        if (!$config || !$plugin_name) {
            cmsCore::redirectBack();
        }
        $inCore->savePluginConfig($plugin_name, $config);
        cmsUser::clearCsrfToken();
        cmsCore::addSessionMessage($_LANG['AD_CONFIG_SAVE_SUCCESS'], 'success');
        cmsCore::redirect('index.php?view=plugins');
    }
    // ===================================================================================== //
    if ($do == 'config') {
        $plugin_name = $inCore->getPluginById($id);
        if (!$plugin_name) {
            cmsCore::error404();
        }
        $plugin = $inCore->loadPlugin($plugin_name);
        $config = $inCore->loadPluginConfig($plugin_name);
        $GLOBALS['cp_page_title'] = $plugin->info['title'];
        cpAddPathway($plugin->info['title'], 'index.php?view=plugins&do=config&id=' . $id);
//.........这里部分代码省略.........
开发者ID:4uva4ek,项目名称:svato,代码行数:101,代码来源:plugins.php

示例3: blog


//.........这里部分代码省略.........
            $allow_who = cmsCore::request('allow_who', 'str', 'all');
            $ownertype = cmsCore::request('ownertype', 'str', 'single');
            $premod = cmsCore::request('premod', 'int', 0);
            $forall = cmsCore::request('forall', 'int', 1);
            $showcats = cmsCore::request('showcats', 'int', 1);
            $authors = cmsCore::request('authorslist', 'array_int', array());
            //Проверяем настройки
            if (mb_strlen($title) < 5) {
                $title = $blog['title'];
            }
            //Проверяем ограничения по карме (для смены типа блога)
            if ($model->config['min_karma'] && !$inUser->is_admin) {
                // если персональный блог
                if ($ownertype == 'single' && $inUser->karma < $model->config['min_karma_private']) {
                    cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['BLOG_YOU_NEED'] . ' <a href="/users/' . $inUser->id . '/karma.html">' . $_LANG['BLOG_KARMS'] . '</a> ' . $_LANG['FOR_CREATE_PERSON_BLOG'] . ' &mdash; ' . $model->config['min_karma_private'] . ', ' . $_LANG['BLOG_HEAVING'] . ' &mdash; ' . $inUser->karma));
                }
                // если коллективный блог
                if ($ownertype == 'multi' && $inUser->karma < $model->config['min_karma_public']) {
                    cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['BLOG_YOU_NEED'] . ' <a href="/users/' . $inUser->id . '/karma.html">' . $_LANG['BLOG_KARMS'] . '</a> ' . $_LANG['FOR_CREATE_TEAM_BLOG'] . ' &mdash; ' . $model->config['min_karma_public'] . ', ' . $_LANG['BLOG_HEAVING'] . ' &mdash; ' . $inUser->karma));
                }
            }
            //сохраняем авторов
            $inBlog->updateBlogAuthors($blog['id'], $authors);
            //сохраняем настройки блога
            $blog['seolink_new'] = $inBlog->updateBlog($blog['id'], array('title' => $title, 'allow_who' => $allow_who, 'showcats' => $showcats, 'ownertype' => $ownertype, 'premod' => $premod, 'forall' => $forall), $model->config['update_seo_link_blog']);
            $blog['seolink'] = $blog['seolink_new'] ? $blog['seolink_new'] : $blog['seolink'];
            if (stripslashes($title) != $blog['title']) {
                // обновляем записи постов
                cmsActions::updateLog('add_post', array('target' => $title, 'target_url' => $model->getBlogURL()), 0, $blog['id']);
                // обновляем запись добавления блога
                cmsActions::updateLog('add_blog', array('object' => $title, 'object_url' => $model->getBlogURL()), $blog['id']);
            }
            // Очищаем токен
            cmsUser::clearCsrfToken();
            cmsCore::jsonOutput(array('error' => false, 'redirect' => $model->getBlogURL()));
        }
    }
    ////////// ПРОСМОТР БЛОГА ////////////////////////////////////////////////////////////////////////////////////////
    if ($do == 'blog') {
        // получаем блог
        $blog = $inBlog->getBlog($blog_id);
        if (!$blog) {
            cmsCore::error404();
        }
        // Права доступа
        $myblog = $inUser->id && $inUser->id == $blog['user_id'];
        // автор блога
        $is_writer = $inBlog->isUserBlogWriter($blog, $inUser->id);
        // может ли пользователь писать в блог
        // Заполняем head страницы
        $inPage->setTitle($blog['title']);
        //$inPage->addPathway($blog['title'], $model->getBlogURL($blog['seolink']));
        $inPage->setDescription($blog['title']);
        // rss в адресной строке
        $inPage->addHead('<link rel="alternate" type="application/rss+xml" title="' . htmlspecialchars(strip_tags($blog['title'])) . '" href="' . HOST . '/rss/blogs/' . $blog['id'] . '/feed.rss">');
        if ($myblog || $inUser->is_admin) {
            $inPage->addHeadJS('components/blog/js/blog.js');
        }
        //Если доступа нет, возвращаемся и выводим сообщение об ошибке
        if (!cmsUser::checkUserContentAccess($blog['allow_who'], $blog['user_id'])) {
            cmsCore::addSessionMessage($_LANG['CLOSED_BLOG'] . '<br>' . $_LANG['CLOSED_BLOG_TEXT'], 'error');
            cmsCore::redirect('/');
        }
        // Если показываем посты на модерации, если запрашиваем их
        if ($on_moderate) {
            if (!$inUser->is_admin && !($myblog && $blog['ownertype'] == 'multi' && $blog['premod'])) {
开发者ID:4uva4ek,项目名称:svato,代码行数:67,代码来源:frontend.php


注:本文中的cmsUser::clearCsrfToken方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。