当前位置: 首页>>代码示例>>PHP>>正文


PHP flexicontent_html::is_safe_url方法代码示例

本文整理汇总了PHP中flexicontent_html::is_safe_url方法的典型用法代码示例。如果您正苦于以下问题:PHP flexicontent_html::is_safe_url方法的具体用法?PHP flexicontent_html::is_safe_url怎么用?PHP flexicontent_html::is_safe_url使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在flexicontent_html的用法示例。


在下文中一共展示了flexicontent_html::is_safe_url方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: vote

 /**
  * Method of the voting without AJAX. Exists for compatibility reasons, since it can be called by Joomla's content vote plugin.
  *
  * @access public
  * @since 1.0
  */
 function vote()
 {
     $id = JRequest::getInt('id', 0);
     $cid = JRequest::getInt('cid', 0);
     $url = JRequest::getString('url', '');
     $dolog = JComponentHelper::getParams('com_flexicontent')->get('print_logging_info');
     // Check that the pased URL variable is 'safe' (allowed) , e.g. not an offsite URL, otherwise for returning to HOME page
     if (!$url || !flexicontent_html::is_safe_url($url)) {
         if ($dolog) {
             JFactory::getApplication()->enqueueMessage('refused redirection to possible unsafe URL: ' . $url, 'notice');
         }
         $url = JRoute::_('index.php?view=' . FLEXI_ITEMVIEW . '&cid=' . $cid . '&id=' . $id);
     }
     // Finally store the vote
     JRequest::setVar('no_ajax', 1);
     $this->ajaxvote();
     $msg = '';
     $this->setRedirect($url, $msg);
 }
开发者ID:khetsothea,项目名称:flexicontent-cck,代码行数:25,代码来源:controller.php

示例2: _check_viewing_access

 /**
  * Method to CHECK item's -VIEWING- ACCESS, this could be moved to the controller,
  * if we do this, then we must check the view variable, because DISPLAY() CONTROLLER TASK
  * is shared among all views ... or create a separate FRONTEND controller for the ITEM VIEW
  *
  * @access	private
  * @return	array
  * @since	1.5
  */
 function _check_viewing_access($version = false)
 {
     global $globalcats;
     $app = JFactory::getApplication();
     $user = JFactory::getUser();
     $session = JFactory::getSession();
     $aid = (int) $user->get('aid');
     $gid = (int) $user->get('gid');
     $cid = $this->_cid;
     $params = $this->_item->parameters;
     $cparams = $this->_cparams;
     $fcreturn = serialize(array('id' => @$this->_item->id, 'cid' => $cid));
     // a special url parameter, used by some SEF code
     $referer = @$_SERVER['HTTP_REFERER'];
     // the previously viewed page (refer)
     if (!flexicontent_html::is_safe_url($referer)) {
         $referer = JURI::base();
     }
     // Ignore it if potentially non safe URL, e.g. non-internal
     // a basic item title string
     $title_str = "<br />" . JText::_('FLEXI_TITLE') . ": " . $this->_item->title . '[id: ' . $this->_item->id . ']';
     // Since we will check access for VIEW (=read) only, we skip checks if TASK Variable is set,
     // the edit() or add() or other controller task, will be responsible for checking permissions.
     if (@$this->_item->id && !JRequest::getVar('task', false) && JRequest::getVar('view') == FLEXI_ITEMVIEW) {
         //*************************************************************
         // STEP A: Calculate ownership, edit permission and read access
         // (a) isOwner, (b) canedititem, (c) canviewitem
         //*************************************************************
         // (a) Calculate if owned by current user
         $isOwner = $this->_item->created_by == $user->get('id');
         // (b) Calculate edit access ...
         // NOTE: we will allow view access if current user can edit the item (but set a warning message about it, see bellow)
         $canedititem = $params->get('access-edit');
         $caneditstate = $params->get('access-edit-state');
         if (!$caneditstate) {
             // Item not editable, check if item is editable till logoff
             if ($session->has('rendered_uneditable', 'flexicontent')) {
                 $rendered_uneditable = $session->get('rendered_uneditable', array(), 'flexicontent');
                 $canedititem = isset($rendered_uneditable[$this->_item->id]);
             }
         }
         // (c) Calculate read access ... also considering the access level of parent categories
         $_cid_ = $cid ? $cid : $this->_item->catid;
         if (!isset($this->_item->ancestor_cats_accessible)) {
             $aid_arr = JAccess::getAuthorisedViewLevels($user->id);
             $allowed_levels = array_flip($aid_arr);
             $catshelper = new flexicontent_cats($_cid_);
             $parents = $catshelper->getParentlist($all_cols = false);
             $ancestor_cats_accessible = true;
             foreach ($parents as $parent) {
                 if (!isset($allowed_levels[$parent->access])) {
                     $ancestor_cats_accessible = false;
                     break;
                 }
             }
             $this->_item->ancestor_cats_accessible = $ancestor_cats_accessible;
         }
         $canviewitem = $params->get('access-view') && $this->_item->ancestor_cats_accessible;
         // *********************************************************************************************
         // STEP B: Calculate SOME ITEM PUBLICATION STATE FLAGS, used to decide if current item is active
         // FLAGS: item_is_published, item_is_scheduled, item_is_expired, ancestor_cats_published
         // *********************************************************************************************
         $item_is_published = $this->_item->state == 1 || $this->_item->state == -5 || $this->_item->state == (FLEXI_J16GE ? 2 : -1);
         $item_is_scheduled = $this->_item->publication_scheduled;
         $item_is_expired = $this->_item->publication_expired;
         if ($cid) {
             // cid is set, check state of current item category only
             // NOTE:  J1.6+ all ancestor categories from current one to the root, for J1.5 only the current one ($cid)
             if (!isset($this->_item->ancestor_cats_published)) {
                 $ancestor_cats_published = true;
                 foreach ($globalcats[$cid]->ancestorsarray as $pcid) {
                     $ancestor_cats_published = $ancestor_cats_published && $globalcats[$pcid]->published == 1;
                 }
                 $this->_item->ancestor_cats_published = $ancestor_cats_published;
             }
             $ancestor_cats_published = $this->_item->ancestor_cats_published;
             //$this->_item->catpublished;
             $cats_np_err_mssg = JText::sprintf('FLEXI_CONTENT_UNAVAILABLE_ITEM_CURRCAT_UNPUBLISHED', $cid);
         } else {
             // cid is not set, we have no current category, the item is visible if it belongs to at one published category
             $itemcats = $this->_item->categories;
             $ancestor_cats_published = true;
             foreach ($itemcats as $catid) {
                 if (!isset($globalcats[$catid])) {
                     continue;
                 }
                 $ancestor_cats_published |= $globalcats[$catid]->published;
                 // For J1.6+ check all ancestor categories from current one to the root
                 foreach ($globalcats[$catid]->ancestorsarray as $pcid) {
                     $ancestor_cats_published = $ancestor_cats_published && $globalcats[$pcid]->published == 1;
                 }
//.........这里部分代码省略.........
开发者ID:khetsothea,项目名称:flexicontent-cck,代码行数:101,代码来源:item.php


注:本文中的flexicontent_html::is_safe_url方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。