本文整理汇总了PHP中module_security::can_access_data方法的典型用法代码示例。如果您正苦于以下问题:PHP module_security::can_access_data方法的具体用法?PHP module_security::can_access_data怎么用?PHP module_security::can_access_data使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类module_security的用法示例。
在下文中一共展示了module_security::can_access_data方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: set_error
if (!module_ticket::can_i('edit', 'Tickets') && !module_ticket::can_i('create', 'Tickets')) {
set_error('Access to editing or creating tickets is denied.');
redirect_browser(module_ticket::link_open(false));
}
}
} else {
$ticket_id = false;
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'create'));
}
}
if (module_ticket::can_edit_tickets()) {
module_ticket::mark_as_read($ticket_id, true);
}
//$module->pre_menu(); // so the links are re-build and the correct "unread" count is at the top.
if (!module_security::can_access_data('ticket', $ticket)) {
echo 'Ticket access denied';
exit;
}
$ticket_messages = module_ticket::get_ticket_messages($ticket['ticket_id'], true);
if (!isset($logged_in_user) || !$logged_in_user) {
// we assume the user is on the public side.
// use the creator id as the logged in id.
$logged_in_user = module_security::get_loggedin_id();
}
$ticket_creator = $ticket['user_id'];
if ($ticket_creator == $logged_in_user) {
// we are sending a reply back to the admin, from the end user.
$to_user_id = $ticket['assigned_user_id'] ? $ticket['assigned_user_id'] : 1;
$from_user_id = $logged_in_user;
} else {示例2: die
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!$invoice_safe) {
die('failed');
}
$invoice_id = (int) $_REQUEST['invoice_id'];
$invoice = module_invoice::get_invoice($invoice_id);
if ($invoice_id > 0 && $invoice && $invoice['invoice_id'] == $invoice_id) {
$module->page_title = _l('Invoice: #%s', htmlspecialchars($invoice['name']));
if (class_exists('module_security', false)) {
// make sure current customer can access this invoice
if (!module_security::can_access_data('invoice', $invoice, $invoice_id)) {
echo 'Data access denied. Sorry.';
exit;
}
module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'edit'));
}
} else {
$invoice_id = 0;
$invoice = module_invoice::get_invoice($invoice_id);
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'create'));
}
module_security::sanatise_data('invoice', $invoice);
}
$invoice_items = module_invoice::get_invoice_items($invoice_id, $invoice);
$invoice_locked = $invoice['date_sent'] && $invoice['date_sent'] != '0000-00-00' || $invoice['date_paid'] && $invoice['date_paid'] != '0000-00-00';示例3: process
public function process()
{
$errors = array();
if ($_REQUEST['_process'] == 'make_payment') {
$this->handle_payment();
} else {
if (isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'] && $_REQUEST['invoice_id'] && module_invoice::can_i('delete', 'Invoices')) {
$data = self::get_invoice($_REQUEST['invoice_id']);
if (module_form::confirm_delete('invoice_id', _l("Really delete invoice: %s", htmlspecialchars($data['name'])), self::link_open($_REQUEST['invoice_id']))) {
$invoice_data = self::get_invoice($_REQUEST['invoice_id'], true);
$this->delete_invoice($_REQUEST['invoice_id']);
set_message("Invoice deleted successfully");
if (isset($invoice_data['job_ids']) && $invoice_data['job_ids']) {
redirect_browser(module_job::link_open(current($invoice_data['job_ids'])));
} else {
redirect_browser(self::link_open(false));
}
}
} else {
if ("assign_credit_to_customer" == $_REQUEST['_process']) {
$invoice_id = (int) $_REQUEST['invoice_id'];
if ($invoice_id > 0) {
$invoice_data = $this->get_invoice($invoice_id);
$credit = $invoice_data['total_amount_credit'];
if ($credit > 0) {
if ($invoice_data['customer_id']) {
// assign to customer.
module_customer::add_credit($invoice_data['customer_id'], $credit);
// assign this as a negative payment, and also give it to the customer account.
$this->add_history($invoice_id, 'Added ' . dollar($credit) . ' credit to customers account from this invoice overpayment');
update_insert('invoice_payment_id', 'new', 'invoice_payment', array('invoice_id' => $invoice_id, 'amount' => -$credit, 'payment_type' => _INVOICE_PAYMENT_TYPE_OVERPAYMENT_CREDIT, 'currency_id' => $invoice_data['currency_id'], 'method' => _l('Assigning Credit'), 'date_paid' => date('Y-m-d')));
module_cache::clear('invoice');
}
}
redirect_browser($this->link_open($invoice_id));
}
} else {
if ("save_invoice" == $_REQUEST['_process']) {
$invoice_id = isset($_REQUEST['invoice_id']) ? (int) $_REQUEST['invoice_id'] : false;
// check the user has permissions to edit this page.
if ($invoice_id > 0) {
$invoice = $this->get_invoice($invoice_id);
if (!module_security::can_access_data('invoice', $invoice, $invoice_id)) {
echo 'Data access denied. Sorry.';
exit;
}
}
if (!$this->can_i('edit', 'Invoices')) {
// bug fix, customer making a payment displays this edit access denied.
if (isset($_REQUEST['butt_makepayment']) && $_REQUEST['butt_makepayment'] == 'yes') {
//redirect_browser(self::link_public_pay($invoice_id));
self::handle_payment();
return;
} else {
echo 'Edit access denied. Sorry.';
exit;
}
}
$data = $_POST;
if (isset($data['default_renew_auto']) && !isset($data['renew_auto'])) {
$data['renew_auto'] = 0;
}
if (isset($data['default_renew_email']) && !isset($data['renew_email'])) {
$data['renew_email'] = 0;
}
if (isset($data['default_overdue_email_auto']) && !isset($data['overdue_email_auto'])) {
$data['overdue_email_auto'] = 0;
}
if (isset($data['set_manual_company_id'])) {
$data['company_id'] = $data['set_manual_company_id'];
}
if (isset($data['customer_id']) && $data['customer_id'] && (!isset($data['user_id']) || !$data['user_id'])) {
// find the primary contact for this invoice and set that there?
// no - we don't! we leave it as blank so we can update the customer primary contact when needed.
/*
$customer_data = module_customer::get_customer($data['customer_id']);
if($customer_data && $customer_data['customer_id'] == $data['customer_id']){
if($customer_data['primary_user_id']){
$data['user_id'] = $customer_data['primary_user_id'];
}else{
$customer_contacts = module_user::get_contacts(array('customer_id'=>$data['customer_id']));
foreach($customer_contacts as $contact){
// todo - search roles or something to find the accountant.
$data['user_id'] = $contact['user_id'];
break;
}
}
}*/
}
// check for credit assessment.
if (isset($_POST['apply_credit_from_customer']) && $_POST['apply_credit_from_customer'] == 'do') {
$invoice_data = $this->get_invoice($invoice_id);
$customer_data = module_customer::get_customer($invoice_data['customer_id']);
if ($customer_data['credit'] > 0) {
$apply_credit = min($invoice_data['total_amount_due'], $customer_data['credit']);
//$invoice_data['discount_amount'] += $customer_data['credit'];
//$this->save_invoice($invoice_id,array('discount_amount'=>$invoice_data['discount_amount'],'discount_description'=>_l('Credit:')));
update_insert('invoice_payment_id', false, 'invoice_payment', array('invoice_id' => $invoice_id, 'payment_type' => _INVOICE_PAYMENT_TYPE_CREDIT, 'method' => _l('Credit'), 'amount' => $apply_credit, 'currency_id' => $invoice_data['currency_id'], 'other_id' => $invoice_data['customer_id'], 'date_paid' => date('Y-m-d')));
$this->add_history($invoice_id, _l('Applying %s customer credit to this invoice.', dollar($apply_credit)));
module_cache::clear('invoice');
//.........这里部分代码省略.........