本文整理汇总了PHP中module_security::check_page方法的典型用法代码示例。如果您正苦于以下问题:PHP module_security::check_page方法的具体用法?PHP module_security::check_page怎么用?PHP module_security::check_page使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类module_security
的用法示例。
在下文中一共展示了module_security::check_page方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: redirect_browser
redirect_browser(module_customer::link_open($_REQUEST['customer_id']));
}
}
if ($user_id == 1 && module_security::get_loggedin_id() != 1) {
set_error('Sorry, only the Administrator can access this page.');
redirect_browser(_UCM_HOST . _BASE_HREF);
}
// permission check.
if (!$user_id) {
// check if can create.
module_security::check_page(array('category' => 'Config', 'page_name' => 'Users', 'module' => 'user', 'feature' => 'Create'));
// are we creating a new user?
$user['roles'] = array(array('security_role_id' => module_config::c('user_default_role', 0)));
} else {
// check if can view/edit.
module_security::check_page(array('category' => 'Config', 'page_name' => 'Users', 'module' => 'user', 'feature' => 'Edit'));
}
// work out the user type and invluce that particular file
/*$user_type_id = (int)$user['user_type_id'];
if(!$user_type_id){
if(in_array('config',$load_modules)){
$user_type_id = 1;
}else{
$user_type_id = 2;
}
}*/
//include('user_admin_edit'.$user_type_id.'.php');
//include('user_admin_edit1.php');
if (isset($user['customer_id']) && $user['customer_id'] || isset($user['vendor_id']) && $user['vendor_id']) {
// we have a contact!
示例2: array
$staff_members = module_user::get_staff_members();
$staff_member_rel = array();
foreach ($staff_members as $staff_member) {
$staff_member_rel[$staff_member['user_id']] = $staff_member['name'];
}
$c = array();
$customers = module_customer::get_customers();
foreach ($customers as $customer) {
$c[$customer['customer_id']] = $customer['customer_name'];
}
if (count($c) == 1) {
$job['customer_id'] = key($c);
}
// check permissions.
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Job', 'page_name' => 'Jobs', 'module' => 'job', 'feature' => 'create'));
}
$job_tasks = module_job::get_tasks($job_id);
?>
<script type="text/javascript">
var completed_tasks_hidden = false; // set with session variable / cookie
var editing_task_id = false;
function show_completed_tasks(){
}
function hide_completed_tasks(){
}
function setamount(a,task_id){
示例3: redirect_browser
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!$module->can_i('view', 'Products') || !$module->can_i('edit', 'Products')) {
redirect_browser(_BASE_HREF);
}
// check permissions.
if (class_exists('module_security', false)) {
if ($product_category_id > 0 && $product_category['product_category_id'] == $product_category_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Create'));
}
module_security::sanatise_data('product', $product_category);
}
?>
<form action="" method="post" id="product_category_form">
<input type="hidden" name="_process" value="save_product_category" />
<input type="hidden" name="product_category_id" value="<?php
echo (int) $product_category_id;
?>
" />
<?php
module_form::set_required(array('fields' => array('name' => 'Name')));
module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
示例4: array
<?php
/**
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
$group_id = (int) $_REQUEST['group_id'];
$group = array();
if ($group_id > 0) {
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Group', 'page_name' => 'Groups', 'module' => 'group', 'feature' => 'edit'));
}
$group = module_group::get_group($group_id);
} else {
}
if (!$group) {
die('Creating groups this way is disabled');
$group_id = 'new';
$group = array('group_id' => 'new', 'name' => '', 'default_text' => '');
module_security::sanatise_data('group', $group);
}
?>
<form action="" method="post">
<?php
示例5: redirect_browser
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!module_config::can_i('edit', 'Settings')) {
redirect_browser(_BASE_HREF);
}
$company_id = (int) $_REQUEST['company_id'];
$company = array();
if ($company_id > 0) {
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Company', 'page_name' => 'Company', 'module' => 'company', 'feature' => 'edit'));
}
$company = module_company::get_company($company_id);
} else {
}
if (!$company) {
$company_id = 'new';
$company = array('company_id' => 'new', 'name' => '');
module_security::sanatise_data('company', $company);
}
?>
<form action="" method="post">
<input type="hidden" name="_process" value="save_company" />
<input type="hidden" name="company_id" value="<?php
示例6: _l
$invoice = module_invoice::get_invoice($invoice_id);
if ($invoice_id > 0 && $invoice && $invoice['invoice_id'] == $invoice_id) {
$module->page_title = _l('Invoice: #%s', htmlspecialchars($invoice['name']));
if (class_exists('module_security', false)) {
// make sure current customer can access this invoice
if (!module_security::can_access_data('invoice', $invoice, $invoice_id)) {
echo 'Data access denied. Sorry.';
exit;
}
module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'edit'));
}
} else {
$invoice_id = 0;
$invoice = module_invoice::get_invoice($invoice_id);
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'create'));
}
module_security::sanatise_data('invoice', $invoice);
}
$invoice_items = module_invoice::get_invoice_items($invoice_id, $invoice);
$invoice_locked = $invoice['date_sent'] && $invoice['date_sent'] != '0000-00-00' || $invoice['date_paid'] && $invoice['date_paid'] != '0000-00-00';
if (isset($_REQUEST['as_deposit']) && isset($_REQUEST['job_id'])) {
$invoice['deposit_job_id'] = (int) $_REQUEST['job_id'];
}
$discounts_allowed = !(isset($invoice['deposit_job_id']) && $invoice['deposit_job_id'] > 0);
$customer_data = array();
if ($invoice['customer_id']) {
$customer_data = module_customer::get_customer($invoice['customer_id']);
}
$show_task_dates = module_config::c('invoice_task_list_show_date', 1);
$colspan = 2;
示例7: array
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
$member_id = (int) $_REQUEST['member_id'];
$member = array();
$member = module_member::get_member($member_id);
// check permissions.
if (class_exists('module_security', false)) {
if ($member_id > 0 && $member['member_id'] == $member_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Member', 'page_name' => 'Members', 'module' => 'member', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Member', 'page_name' => 'Members', 'module' => 'member', 'feature' => 'Create'));
}
module_security::sanatise_data('member', $member);
}
$module->page_title = _l('Member: %s', htmlspecialchars($member['first_name'] . ' ' . $member['last_name']));
?>
<form action="" method="post" id="member_form">
<input type="hidden" name="_process" value="save_member" />
<input type="hidden" name="member_id" value="<?php
echo $member_id;
?>
" />
<?php
module_form::set_required(array('fields' => array('first_name' => 'Name', 'email' => 'Email')));
示例8: redirect_browser
*/
if (!module_config::can_i('view', 'Settings')) {
redirect_browser(_BASE_HREF);
}
$subscription_id = (int) $_REQUEST['subscription_id'];
$subscription = array();
$subscription = module_subscription::get_subscription($subscription_id);
// check permissions.
if (class_exists('module_security', false)) {
if ($subscription_id > 0 && $subscription['subscription_id'] == $subscription_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Subscription', 'page_name' => 'Subscriptions', 'module' => 'subscription', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Subscription', 'page_name' => 'Subscriptions', 'module' => 'subscription', 'feature' => 'Create'));
}
module_security::sanatise_data('subscription', $subscription);
}
?>
<?php
hook_handle_callback('layout_column_half', 1);
?>
<form action="" method="post" id="subscription_form">
<input type="hidden" name="_process" value="save_subscription" />
<input type="hidden" name="subscription_id" value="<?php
echo $subscription_id;
示例9: array
$customer = array();
$customer = module_customer::get_customer($customer_id);
if ($customer_id > 0 && $customer['customer_id'] == $customer_id) {
$module->page_title = _l($page_type_single . ': %s', $customer['customer_name']);
} else {
$module->page_title = _l($page_type_single . ': %s', _l('New'));
}
// check permissions.
if (class_exists('module_security', false)) {
if ($customer_id > 0 && $customer['customer_id'] == $customer_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Customer', 'page_name' => $page_type, 'module' => 'customer', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Customer', 'page_name' => $page_type, 'module' => 'customer', 'feature' => 'Create'));
}
module_security::sanatise_data('customer', $customer);
}
if (isset($_REQUEST['preview_email'])) {
module_template::init_template('customer_statement_email', 'Dear {CUSTOMER_NAME},<br>
<br>
Please find below a copy of your details.<br><br>
{EMAIL_DETAILS}<br><br>
Thank you,<br><br>
{FROM_NAME}
', 'Customer Statement: {CUSTOMER_NAME}', array('CUSTOMER_NAME' => 'Customers Name'));
$template_name = isset($_REQUEST['template_name']) ? $_REQUEST['template_name'] : 'customer_statement_email';
$template = module_template::get_template_by_key($template_name);
$to = module_user::get_contacts(array('customer_id' => $customer['customer_id']));
$to_select = false;
示例10: _l
<?php
/**
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
$module->page_title = _l('Send');
// check permissions.
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Newsletter', 'page_name' => 'Send Newsletter', 'module' => 'newsletter', 'feature' => 'view'));
}
$newsletter_id = isset($_REQUEST['newsletter_id']) ? (int) $_REQUEST['newsletter_id'] : false;
$newsletter = module_newsletter::get_newsletter($newsletter_id);
$past_sends = $newsletter['sends'];
$send_id = isset($_REQUEST['send_id']) ? (int) $_REQUEST['send_id'] : false;
if ($send_id > 0) {
$send = module_newsletter::get_send($send_id);
if ($send['status'] == _NEWSLETTER_STATUS_PENDING || $send['status'] == _NEWSLETTER_STATUS_PAUSED) {
redirect_browser(module_newsletter::link_queue_watch($newsletter_id, $send_id));
}
$send_members = module_newsletter::get_send_members($send_id);
$recipient_count = mysql_num_rows($send_members);
mysql_free_result($send_members);
print_heading(_l('Add More Recipients (currently %s recipients): %s', $recipient_count, $newsletter['subject']));
} else {
print_heading(_l('Send Newsletter: %s', $newsletter['subject']));
示例11: ob_start
}
}
if ($user_id && !module_user::can_i('edit', 'All ' . $contact_type_permission . ' Contacts', $contact_type, $contact_module_name)) {
if ($user_id != module_security::get_loggedin_id()) {
// dont let them edit this page
ob_start();
module_security::disallow_page_editing();
}
}
// permission check.
if (!$user_id) {
// check if can create.
module_security::check_page(array('category' => $contact_type, 'page_name' => 'Contacts', 'module' => 'user', 'feature' => 'create'));
} else {
// check if can view/edit.
module_security::check_page(array('category' => $contact_type, 'page_name' => 'Contacts', 'module' => 'user', 'feature' => 'edit'));
}
if ($user_id > 0 && $user['user_id'] == $user_id) {
$module->page_title = _l('Contact: %s', $user['name']);
} else {
$module->page_title = _l('Contact: %s', _l('New'));
}
if (isset($user[$use_master_key]) && $user[$use_master_key]) {
// we have a contact!
// are we creating a new user?
if (!$user_id || $user_id == 'new') {
$user['roles'] = array(array('security_role_id' => module_config::c('contact_default_role', 0)));
}
} else {
die('Wrong file');
}
示例12: Exception
if (!$use_master_key) {
throw new Exception('Sorry no Customer or Supplier selected');
} else {
if (isset($_REQUEST[$use_master_key])) {
$search[$use_master_key] = $_REQUEST[$use_master_key];
}
}
if (!isset($search[$use_master_key]) || !$search[$use_master_key]) {
// we are just showing a list of all customer contacts.
$show_customer_details = true;
// check they have permissions to view all customer contacts.
if (class_exists('module_security', false)) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Customer', 'page_name' => 'All Customer Contacts', 'module' => 'customer', 'feature' => 'view'));
}
//throw new Exception('Please create a user correctly');
} else {
$show_customer_details = false;
}
$users = module_user::get_contacts($search, true);
?>
<h2>
<?php
if (isset($search[$use_master_key]) && $search[$use_master_key] && module_user::can_i('create', 'Contacts', 'Customer')) {
?>
<span class="button">
示例13: hook_handle_callback
" />
<?php
hook_handle_callback('layout_column_half', 1, '35');
// check permissions.
$do_perm_finish_check = false;
// this is a hack to allow Quote Task edit without Quote edit permissions.
if (class_exists('module_security', false)) {
if ($quote_id > 0 && $quote['quote_id'] == $quote_id) {
if (!module_security::check_page(array('category' => 'Quote', 'page_name' => 'Quotes', 'module' => 'quote', 'feature' => 'edit'))) {
// user does not have edit quote perms
$do_perm_finish_check = true;
}
} else {
if (!module_security::check_page(array('category' => 'Quote', 'page_name' => 'Quotes', 'module' => 'quote', 'feature' => 'create'))) {
// user does not have create quote perms.
}
}
}
$fields = array('fields' => array('name' => 'Name'));
module_form::set_required($fields);
module_form::set_default_field('task_desc_new');
module_form::prevent_exit(array('valid_exits' => array('.submit_button', '.save_task', '.delete', '.task_defaults', '.exit_button', '.apply_discount')));
/**** QUOTE DETAILS ****/
$fieldset_data = array('id' => 'quote_details', 'heading' => array('type' => 'h3', 'title' => 'Quote Details'), 'class' => 'tableclass tableclass_form tableclass_full', 'elements' => array('name' => array('title' => 'Quote Title', 'field' => array('type' => 'text', 'name' => 'name', 'value' => $quote['name'])), 'type' => array('title' => 'Type', 'field' => array('type' => 'select', 'name' => 'type', 'value' => $quote['type'], 'blank' => false, 'options' => module_quote::get_types(), 'allow_new' => true)), 'hourly_rate' => array('title' => 'Hourly Rate', 'field' => array('type' => 'currency', 'id' => 'main_hourly_rate', 'name' => 'hourly_rate', 'value' => number_out($quote['hourly_rate']))), 'status' => array('title' => 'Status', 'field' => array('type' => 'select', 'name' => 'status', 'value' => $quote['status'], 'blank' => false, 'options' => module_quote::get_statuses(), 'allow_new' => true)), 'date_create' => array('title' => 'Create Date', 'field' => array('type' => 'date', 'name' => 'date_create', 'value' => print_date($quote['date_create']), 'help' => 'This is the date the Quote is scheduled to start work. This can be a date in the future.')), 'date_approved' => array('title' => 'Approved Date', 'field' => array('type' => 'date', 'name' => 'date_approved', 'value' => print_date($quote['date_approved']), 'help' => 'This is the date the Quote was accepted by the client. This date is automatically set if the client clicks "Approve"')), 'approved_by' => array('title' => 'Approved By', 'field' => array('type' => 'text', 'name' => 'approved_by', 'value' => $quote['approved_by']))), 'extra_settings' => array('owner_table' => 'quote', 'owner_key' => 'quote_id', 'owner_id' => $quote['quote_id'], 'layout' => 'table_row', 'allow_new' => module_quote::can_i('create', 'Quotes'), 'allow_edit' => module_quote::can_i('create', 'Quotes')));
if (module_config::c('quote_allow_staff_assignment', 1)) {
$fieldset_data['elements']['user_id'] = array('title' => 'Staff Member', 'field' => array('type' => 'select', 'options' => $staff_member_rel, 'name' => 'user_id', 'value' => $quote['user_id'], 'help' => 'Assign a staff member to this quote. You can also assign individual tasks to different staff members. Staff members are users who have EDIT permissions on Quote Tasks.'));
}
$incrementing = false;
if (!isset($quote['taxes']) || !count($quote['taxes'])) {
示例14: isset
$locked = true;
}
} else {
$linked_invoice_payments = $finance['linked_invoice_payments'];
$linked_finances = $finance['linked_finances'];
$module->page_title = $finance['name'];
}
// check permissions.
if (class_exists('module_security', false)) {
if ($finance_id > 0 && $finance['finance_id'] == $finance_id || isset($_REQUEST['invoice_payment_id']) && isset($invoice_payment_data) && $invoice_payment_data) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Finance', 'page_name' => 'Finance', 'module' => 'finance', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Finance', 'page_name' => 'Finance', 'module' => 'finance', 'feature' => 'Create'));
}
module_security::sanatise_data('finance', $finance);
}
if (isset($finance['invoice_payment_id']) && (int) $finance['invoice_payment_id'] > 0) {
//$locked = true;
}
$finance_recurring_id = isset($_REQUEST['finance_recurring_id']) ? (int) $_REQUEST['finance_recurring_id'] : false;
if ($finance_id > 0 && $finance && isset($finance['finance_recurring_id']) && $finance['finance_recurring_id']) {
$finance_recurring_id = $finance['finance_recurring_id'];
}
if ($finance_recurring_id > 0) {
$finance_recurring = module_finance::get_recurring($finance_recurring_id);
}
if (!$finance_id && $finance_recurring_id > 0) {
$finance = array_merge($finance, $finance_recurring);
示例15: check_page_permissions
public function check_page_permissions()
{
$data = $this->get_data();
if ($this->file_id > 0 && (!$data || isset($data['new']) || $data['file_id'] != $this->file_id)) {
$this->file_id = 0;
die('Failed to access file. No permissions to view this file, please check with the administrator.');
} else {
if ($this->file_id > 0) {
if (class_exists('module_security', false)) {
if (!module_security::check_page(array('module' => 'file', 'feature' => 'Edit'))) {
$this->file_id = 0;
}
}
} else {
if (class_exists('module_security', false)) {
if (!module_security::check_page(array('module' => 'file', 'feature' => 'Create'))) {
$this->file_id = 0;
}
}
}
}
}