PHP permissions::checkPerms方法代码示例

function smarty_function_get_nodes_by_parent($params, &$smarty)
{
    global $node;
    $sql_time = "";
    $sql_type = "";
    $parent = $params['parent'];
    $permissions = permissions::checkPerms($parent);
    if (!$permissions['r']) {
        $error = $error_messages['READ_PERMISSION_ERROR'];
        return false;
    }
    $parent_vectot = $parent['node_vector'];
    if ($params['listing_amount'] == 'all') {
        $listing_amount = DEF_MAX_LISTING_AMMOUNT;
    } else {
        $listing_amount = $params['listing_amount'];
    }
    if (empty($params['offset'])) {
        $offset = 0;
    } else {
        $offset = $params['offset'];
    }
    if (isset($params['orderby'])) {
        $orderby = db_escape_string($params['orderby']);
    }
    global $db, $node;
    $node_id = $node['node_id'];
    $user_id = $_SESSION['user_id'];
    if (isset($params['time'])) {
        $sql_time = " nodes.node_created > '" . db_escape_string($params['time']) . "' and ";
    }
    $q = "select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes left join nodes as parent on parent.node_id=nodes.node_parent left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='{$user_id}' left  join users on users.user_id=nodes.node_creator where ";
    $q .= " {$sql_time} nodes.node_parent='{$parent}' and nodes.node_system_access!='private'";
    if (isset($_POST['template_event']) && $_POST['template_event'] == 'filter_by') {
        if (isset($_POST['search_type']) && $_POST['search_type'] == 'content') {
            $sql_type .= " and node_content like '%" . db_escape_string($_POST['node_content']) . "%' ";
        } else {
            $q2 = "select user_id from users where login='" . db_escape_string($_POST['node_content']) . "'";
            $userset = $db->query($q2);
            $userset->next();
            $id = $userset->getString('user_id');
            $sql_type = " and nodes.node_creator='{$id}'";
        }
        $q .= $sql_type;
    }
    if (isset($orderby)) {
        $q .= " order by {$orderby} ";
    } else {
        $q .= " order by nodes.node_id desc ";
    }
    $q .= " LIMIT {$offset},{$listing_amount} ";
    $set = $db->query($q);
    while ($set->next()) {
        $pole[] = $set->getRecord();
    }
    $smarty->assign('get_nodes_by_parent', $pole);
}

}
if (isset($_SESSION['user_id']) && $node['node_creator'] == $_SESSION['user_id']) {
    $node['node_permission'] = 'owner';
}
if (isset($_SESSION['cube_vector']) && $_SESSION['cube_vector']) {
    if (strpos($node['node_vector'], $_SESSION['cube_vector']) === false) {
        echo "node::" . $node['node_vector'];
        echo "cube_Vector::" . $_SESSION['cube_vector'];
        echo "you are out of allowed cwbe. access forbidden";
        die;
    }
}
#@include_once(INCLUDE_DIR.'mail_rss.inc'); //haluz...
//checking permissions
include_once BACKEND_DIR . '/' . DB_TYPE . '/permissions.inc';
$permissions = permissions::checkPerms($node);
if (!empty($_SESSION['debugging']) && $_SESSION['debugging']) {
    print_r($permissions);
}
// DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
//creating neural network
if (preg_match('/id\\/(\\d+)/', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "", $match)) {
    $referer_id = $match[1];
} elseif (preg_match('/k\\/([a-z0-9]{1,7})/', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "", $match)) {
    $referer_id = base_convert($match[1], 36, 10);
} elseif (preg_match('/name\\/(.*?)\\/?$/', isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "", $match)) {
    $referer_id = nodes::getNodeIdByName($match[1]);
}
$db->update("update nodes set node_views=node_views+1 where node_id='" . $node['node_id'] . "'");
if (isset($referer_id) && is_numeric($referer_id)) {
    $q = "update neurons set synapse=synapse+1 where dst='" . $node['node_id'] . "' and src='{$referer_id}'";