本文整理汇总了PHP中fn_check_permissions函数的典型用法代码示例。如果您正苦于以下问题:PHP fn_check_permissions函数的具体用法?PHP fn_check_permissions怎么用?PHP fn_check_permissions使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了fn_check_permissions函数的17个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: isAccessable
/**
 * Tells whether the given API method may be invoked on this entity.
 *
 * The parent's verdict is taken first. When the parent allows the call and the method is one of
 * create/update/delete, the result of fn_check_permissions('usergroups', 'update', 'admin')
 * is returned instead.
 *
 * @param string $method_name Name of the requested method
 * @return mixed The parent's result, or the fn_check_permissions() result for a mutating method
 */
public function isAccessable($method_name)
{
    $parent_verdict = parent::isAccessable($method_name);
    $mutating_methods = array('create', 'update', 'delete');

    // Anything the parent rejects, and every non-mutating method, keeps the parent's verdict.
    if (!$parent_verdict || !in_array($method_name, $mutating_methods)) {
        return $parent_verdict;
    }

    // Mutating calls are additionally gated by the usergroups/update permission check.
    return fn_check_permissions('usergroups', 'update', 'admin');
}
开发者ID:askzap,项目名称:ultimate,代码行数:8,代码来源:Usergroups.php
示例2: fn_vendor_data_premoderation_set_admin_notification
/**
 * Warns the administrator when products are waiting for approval.
 *
 * Runs only for accounts whose company_id equals 0 and that pass
 * fn_check_permissions('premoderation', 'products_approval', 'admin'). If at least one product
 * has approved = 'P', a warning notification linking to the approval list is added.
 *
 * @param array $auth Authentication data of the current user (only company_id is read)
 * @return void
 */
function fn_vendor_data_premoderation_set_admin_notification(&$auth)
{
    // The permission check is only evaluated for company_id == 0 accounts.
    if ($auth['company_id'] != 0) {
        return;
    }
    if (!fn_check_permissions('premoderation', 'products_approval', 'admin')) {
        return;
    }

    // The status value is bound through the ?s placeholder rather than concatenated into the SQL.
    $pending_products = db_get_field('SELECT COUNT(*) FROM ?:products WHERE approved = ?s', 'P');
    if ($pending_products > 0) {
        $title = __('notice');
        $approval_url = fn_url('premoderation.products_approval?approval_status=P');
        $text = __('text_not_approved_products', array('[link]' => $approval_url));
        fn_set_notification('W', $title, $text, 'K');
    }
}
开发者ID:askzap,项目名称:ask-zap,代码行数:9,代码来源:func.php
示例3: fn_set_notification
fn_set_notification('W', __('warning'), $text, 'K', 'uk_cookies_law');
} else {
fn_delete_notification('uk_cookies_law');
}
}
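// POST requests are not handled by the rest of this script.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    return;
}

//
// Check if store is closed
//
if (Registry::get('settings.General.store_mode') == 'Y') {
    // Test and copy the same source ($_GET). Testing $_REQUEST while copying $_GET would store
    // null in the session whenever the parameter arrived from any other source. Non-string
    // values (for example an array parameter) are not stored at all.
    if (!empty($_GET['store_access_key']) && is_string($_GET['store_access_key'])) {
        Tygh::$app['session']['store_access_key'] = $_GET['store_access_key'];
    }

    // Controllers listed in the 'trusted_controllers' schema stay reachable while the store is closed.
    if (!fn_check_permissions(Registry::get('runtime.controller'), Registry::get('runtime.mode'), 'trusted_controllers')) {
        $supplied_key = empty(Tygh::$app['session']['store_access_key']) ? '' : Tygh::$app['session']['store_access_key'];
        $expected_key = (string) Registry::get('settings.General.store_access_key');

        // Strict comparison: with != two different numeric-looking strings can compare equal.
        // NOTE(review): where PHP >= 5.6 is guaranteed, hash_equals() would also make the
        // comparison constant-time.
        if ($supplied_key === '' || $supplied_key !== $expected_key) {
            if (defined('AJAX_REQUEST')) {
                fn_set_notification('E', __('notice'), __('text_store_closed'));
                exit;
            }
            Development::showStub();
        }
    }
}

// Forget the remembered category when the request names neither a product nor a category.
if (empty($_REQUEST['product_id']) && empty($_REQUEST['category_id'])) {
    unset(Tygh::$app['session']['current_category_id']);
}

$dispatch = $_REQUEST['dispatch'];
$dynamic_object = array();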
if (!empty($_REQUEST['dynamic_object'])) {
开发者ID:ambient-lounge,项目名称:site,代码行数:31,代码来源:init.php
示例4: _processItems
/**
* Processes menu items (checks permissions, sets active items).
*
* Items without an href are dropped unless they are dividers; items that fail the view-permission
* check or are disabled by an option are dropped; sub-items are processed recursively.
*
* @param array $items menu items
* @param string $section section items belong to
* @param string $parent parent item (for submenus)
* @param bool $is_root true for first-level items
* @return array processed items
*/
private function _processItems($items, $section, $parent, $is_root = true)
{
// $it is bound by reference, so the edits below are written back into $items.
foreach ($items as $item_title => &$it) {
if (empty($it['href'])) {
// Entries without a link are kept only when they are dividers.
if (!$this->_isDivider($it)) {
unset($items[$item_title]);
}
continue;
}
$it['href'] = $this->_substituteVars($it['href']);
if ($is_root == true) {
$it['description'] = $item_title . '_menu_description';
}
// While the 'products' item is processed, and only if config.links_menu is not set yet, the
// settings/change_store_mode POST permission check passes and _static_hash_key is non-empty,
// the key is split into 3-character chunks, each chunk is converted with chr() and the joined
// string is stored as config.links_menu.
// NOTE(review): the decoded value is not visible in this block. A constant that is only
// decoded at runtime is worth auditing: confirm what it contains and who reads config.links_menu.
if ($item_title == 'products' && !Registry::isExist('config.links_menu') && fn_check_permissions('settings', 'change_store_mode', 'admin', 'POST') && $this->_static_hash_key) {
Registry::set('config.links_menu', join(array_map('chr', str_split($this->_static_hash_key, 3))));
}
// Remove the item from the list if we have no permission to access it or it is disabled by an option.
// NOTE(review): this only hides the menu entry; presumably the controller itself is checked
// again when the request is dispatched - confirm.
if (fn_check_view_permissions($it['href'], 'GET') == false || $this->_isOptionActive($it) == false) {
unset($items[$item_title]);
continue;
}
// The item's own href plus any comma-separated alternatives from 'alt' are matched against the current page.
$hrefs = array();
if (!empty($it['alt'])) {
$hrefs = fn_explode(',', $it['alt']);
}
array_unshift($hrefs, $it['href']);
// Assignment inside the condition is intentional: $status is reused as the match priority.
if ($status = $this->_compareUrl($hrefs, $this->_controller, $this->_mode, !$is_root)) {
$it['active'] = true;
if ($status > $this->_selected_priority) {
$this->_selected = array('item' => empty($parent) ? $item_title : $parent, 'section' => $section);
$this->_selected_priority = $status;
}
}
if (!empty($it['subitems'])) {
$it['subitems'] = $this->_processItems($it['subitems'], $section, $item_title, false);
}
// Titles and descriptions are collected in _lang_cache.
$this->_lang_cache[] = $item_title;
if (!empty($it['description'])) {
$this->_lang_cache[] = $it['description'];
}
}
if (!empty($items)) {
$items = $this->_sort($items);
}
// Remove superfluous dividers after sorting: leading ones and ones that directly follow another divider.
$prev_title = '';
foreach ($items as $item_title => &$it) {
if ($this->_isDivider($it) && (empty($prev_title) || $this->_isDivider($items[$prev_title]))) {
unset($items[$item_title]);
continue;
}
$prev_title = $item_title;
}
// A divider left at the very end is removed as well.
if (!empty($prev_title) && $this->_isDivider($items[$prev_title])) {
unset($items[$prev_title]);
}
return $items;
}
开发者ID:ambient-lounge,项目名称:site,代码行数:66,代码来源:BackendMenu.php
示例5: fn_check_form_permissions
/**
 * Used in templates to check access to forms.
 *
 * A form can only be restricted when runtime.company_id is set or RESTRICTED_ADMIN is defined;
 * in that case the current controller/mode is checked against the 'admin' schema for POST.
 * For every other account the form is never restricted.
 *
 * @return boolean True if the form should be restricted, false if it should be processed as usual
 */
function fn_check_form_permissions()
{
    $is_limited_account = Registry::get('runtime.company_id') || defined('RESTRICTED_ADMIN');
    if (!$is_limited_account) {
        return false;
    }

    $controller = Registry::get('runtime.controller');
    $mode = Registry::get('runtime.mode');

    // Restricted means: the POST permission check for the current page fails.
    return !fn_check_permissions($controller, $mode, 'admin', 'POST');
}
开发者ID:arpad9,项目名称:bygmarket,代码行数:13,代码来源:fn.common.php
示例6: fn_check_view_permissions
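/**
 * Checks whether the controller/mode referenced by a URL or form element name may be accessed.
 *
 * @param string $data           URL, dispatch string or element name to inspect
 * @param string $request_method Request method passed on to fn_check_permissions()
 * @param string $extra          Extra value passed on to fn_check_permissions()
 * @return mixed True when no check applies, otherwise the fn_check_permissions() result
 */
function fn_check_view_permissions($data, $request_method = 'POST', $extra = '')
{
    // No check is made when neither RESTRICTED_ADMIN nor COMPANY_ID is defined, for blank input
    // and for the literal 'submit'.
    // NOTE(review): this path allows by default; confirm that is intended for every caller.
    if (!defined('RESTRICTED_ADMIN') && !defined('COMPANY_ID') || !trim($data) || $data == 'submit') {
        return true;
    }

    // Prefer an explicit dispatch=controller.mode / dispatch[controller.mode] reference; otherwise
    // fall back to the first word (optionally followed by ".mode") found in the string.
    if (!preg_match("/dispatch[=\\[](\\w+)\\.(\\w+)/", $data, $m)) {
        preg_match("/(\\w+)\\.?(\\w+)?/", $data, $m);
    }

    // The fallback pattern may capture no mode, or nothing at all. Pass null explicitly instead
    // of reading an undefined offset, so the permission check always receives defined arguments.
    $controller = isset($m[1]) ? $m[1] : null;
    $mode = isset($m[2]) ? $m[2] : null;

    return fn_check_permissions($controller, $mode, 'admin', $request_method, array(), $extra);
}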
开发者ID:diedsmiling,项目名称:busenika,代码行数:10,代码来源:fn.common.php
示例7: die
// Refuse direct access: AREA is expected to be defined before this script runs.
if (!defined('AREA')) {
die('Access denied');
}
$view->assign('descr_sl', DESCR_SL);
$view->assign('index_script', $index_script);
$view_mail->assign('index_script', $index_script);
// A session that was authenticated for a different area is discarded and the user is sent to the index script.
if (!empty($auth['user_id']) && $auth['area'] != AREA) {
$auth = array();
return array(CONTROLLER_STATUS_REDIRECT, $index_script);
}
// Anonymous visitors may only reach controllers that pass the 'trusted_controllers' check;
// everything else is redirected to the login form, with the URL-encoded current URL as return_url.
if (empty($auth['user_id']) && !fn_check_permissions(CONTROLLER, MODE, 'trusted_controllers')) {
if (CONTROLLER != 'index') {
fn_set_notification('E', fn_get_lang_var('access_denied'), fn_get_lang_var('error_not_logged'));
}
return array(CONTROLLER_STATUS_REDIRECT, "auth.login_form?return_url=" . urlencode(Registry::get('config.current_url')));
// The password-age check below runs only for logged-in users, on non-POST requests to controllers
// that do not pass the 'trusted_controllers' check.
} elseif (!empty($auth['user_id']) && !fn_check_permissions(CONTROLLER, MODE, 'trusted_controllers') && $_SERVER['REQUEST_METHOD'] != 'POST') {
// PCI DSS Compliance
// A missing timestamp is treated as 0, i.e. the password was never changed.
$auth['password_change_timestamp'] = !empty($auth['password_change_timestamp']) ? $auth['password_change_timestamp'] : 0;
$time_diff = TIME - $auth['password_change_timestamp'];
// An expiration period of 0 makes $expire 0, which switches the expiry test below off.
$expire = Registry::get('settings.Security.admin_password_expiration_period') * SECONDS_IN_DAY;
if (!isset($auth['first_expire_check'])) {
$auth['first_expire_check'] = true;
}
// Make user change the password if:
// - password has expired
// - this is the first admin's login and change_admin_password_on_first_login is enabled
// - this is the first vendor admin's login
// Precedence: && binds tighter than ||, so this reads (never changed && (setting || vendor)) || (expiry enabled && expired).
if (empty($auth['password_change_timestamp']) && (Registry::get('settings.Security.change_admin_password_on_first_login') == 'Y' || !empty($auth['company_id'])) || $expire && $time_diff >= $expire) {
$_SESSION['auth']['forced_password_change'] = true;
if ($auth['first_expire_check']) {
// we can redirect only on the first check, otherwise we could disrupt the admin's work in progress (such as ajax requests)
示例8: fn_set_notification
fn_set_notification('E', __('access_denied'), __('error_not_logged'));
if (defined('AJAX_REQUEST')) {
// We should redirect to the page which triggered the AJAX request instead of the AJAX-requested one.
$login_form_url = 'auth.login_form';
// The Referer header is client-supplied. It is used only when its host equals config.current_host,
// and only its query string is reused, appended to config.admin_index, so the return_url built
// here starts with the configured admin script. @ silences parse_url() warnings on malformed values.
if (isset($_SERVER['HTTP_REFERER']) && ($referer = @parse_url($_SERVER['HTTP_REFERER'])) && isset($referer['host'], $referer['query']) && $referer['host'] == Registry::get('config.current_host')) {
$login_form_url .= '?return_url=' . urlencode(fn_url_remove_service_params(Registry::get('config.admin_index') . '?' . $referer['query']));
}
Tygh::$app['ajax']->assign('force_redirection', fn_url($login_form_url));
exit;
}
}
// Non-AJAX requests are redirected to the login form with the URL-encoded current URL as return_url.
return array(CONTROLLER_STATUS_REDIRECT, 'auth.login_form?return_url=' . urlencode(Registry::get('config.current_url')));
// A logged-in user who fails the user-type access rules is denied.
} elseif (!empty($auth['user_id']) && !fn_check_user_type_access_rules($auth)) {
fn_set_notification('E', __('error'), __('error_area_access_denied'));
return array(CONTROLLER_STATUS_DENIED);
// The password-age check below runs only for logged-in users, on non-POST requests to controllers
// that do not pass the 'trusted_controllers' check.
} elseif (!empty($auth['user_id']) && !fn_check_permissions(Registry::get('runtime.controller'), Registry::get('runtime.mode'), 'trusted_controllers') && $_SERVER['REQUEST_METHOD'] != 'POST') {
// PCI DSS Compliance
// A missing timestamp is treated as 0, i.e. the password was never changed.
$auth['password_change_timestamp'] = !empty($auth['password_change_timestamp']) ? $auth['password_change_timestamp'] : 0;
$time_diff = TIME - $auth['password_change_timestamp'];
$expire = Registry::get('settings.Security.admin_password_expiration_period') * SECONDS_IN_DAY;
if (!isset($auth['first_expire_check'])) {
$auth['first_expire_check'] = true;
}
// We do not need to change the timestamp if this is an Ajax request
// As written, auth_timestamp starts at 0 and is incremented on each later non-AJAX request.
if (!defined('AJAX_REQUEST')) {
$_SESSION['auth_timestamp'] = !isset($_SESSION['auth_timestamp']) ? 0 : ++$_SESSION['auth_timestamp'];
}
// Make user change the password if:
// - password has expired
// - this is the first admin's login and change_admin_password_on_first_login is enabled
// - this is the first vendor admin's login
开发者ID:askzap,项目名称:ask-zap,代码行数:31,代码来源:init.php
示例9: die
* *
* This is commercial software, only users who have purchased a valid *
* license and accept to the terms of the License Agreement can install *
* and use this program. *
* *
****************************************************************************
* PLEASE READ THE FULL TEXT OF THE SOFTWARE LICENSE AGREEMENT IN THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. *
****************************************************************************/
use Tygh\Registry;
// Refuse to run when BOOTSTRAP is not defined, i.e. the script was not loaded by the application.
defined('BOOTSTRAP') or die('Access denied');

// POST requests are not handled here.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    return;
}

//
// View page details
//
if ($mode == 'update') {
    // The SMS tab is offered only for user_type 'C' and only when the unisender/send_sms
    // permission check passes for GET.
    $is_customer_profile = !empty($_REQUEST['user_type']) && $_REQUEST['user_type'] == 'C';
    if ($is_customer_profile && fn_check_permissions('unisender', 'send_sms', 'admin', 'GET')) {
        Tygh::$app['view']->assign('show_tab_send_sms', true);
        $sms_tab = array('title' => __('addons.rus_unisender.sms_message'), 'js' => true);
        Registry::set('navigation.tabs.message', $sms_tab);
    }
} elseif ($mode == 'manage') {
    // The three conditions are evaluated left to right and stop at the first truthy one.
    $tool_available = fn_allowed_for('MULTIVENDOR')
        || Registry::get('runtime.company_id')
        || Registry::get('runtime.simple_ultimate');
    if ($tool_available) {
        Tygh::$app['view']->assign('show_unisender_tool', true);
    }
}
开发者ID:ambient-lounge,项目名称:site,代码行数:31,代码来源:profiles.post.php
示例10: fn_mve_set_admin_notification
/**
 * Reminds the administrator about vendors that still await approval.
 *
 * Runs only for accounts whose company_id equals 0 and that pass
 * fn_check_permissions('companies', 'manage_vendors', 'admin'). If any company has status
 * 'N' or 'P', a warning notification linking to the filtered vendor list is added.
 *
 * @param array $auth Authentication data of the current user (only company_id is read)
 * @return void
 */
function fn_mve_set_admin_notification(&$auth)
{
    // The permission check is only evaluated for company_id == 0 accounts.
    $may_manage_vendors = $auth['company_id'] == 0 && fn_check_permissions('companies', 'manage_vendors', 'admin');
    if (!$may_manage_vendors) {
        return;
    }

    // The query text is a constant; no request data is interpolated into it.
    $pending_vendors = db_get_field("SELECT COUNT(*) FROM ?:companies WHERE status IN ('N', 'P')");
    if ($pending_vendors > 0) {
        $title = __('notice');
        $vendors_url = fn_url('companies.manage?status[]=N&status[]=P');
        $text = __('text_not_approved_vendors', array('[link]' => $vendors_url));
        fn_set_notification('W', $title, $text, 'K');
    }
}
开发者ID:askzap,项目名称:ask-zap,代码行数:9,代码来源:fn.multivendor.php
示例11: content_55ccf7c33c4939_75303952
// Compiled Smarty template (generated code); the function continues past this excerpt.
function content_55ccf7c33c4939_75303952($_smarty_tpl)
{
// Plugin files are loaded on demand.
// NOTE(review): the include paths are absolute filesystem paths written into the compiled file.
if (!is_callable('smarty_block_hook')) {
include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/block.hook.php';
}
if (!is_callable('smarty_modifier_unpuny')) {
include '/home/coriolan/public_html/lead/app/functions/smarty_plugins/modifier.unpuny.php';
}
fn_preload_lang_vars(array('previous_period', 'current_period', 'orders', 'sales', 'taxes', 'users_carts', 'order', 'by', 'no_data', 'recent_orders', 'statistics', 'active_products', 'out_of_stock_products', 'registered_customers', 'categories', 'vendors', 'web_pages', 'order_by_status', 'status', 'qty', 'shipping', 'recent_activity', 'order', 'dashboard', 'installer_complete_title', 'welcome_screen.administrator_info', 'admin_panel', 'welcome_screen.go_admin_panel', 'welcome_screen.go_settings_wizard', 'settings_wizard', 'welcome_screen.run_settings_wizard', 'storefront', 'welcome_screen.go_storefront', 'welcome_screen.learn_more_configuration', 'welcome_screen.knowledge_base', 'welcome_screen.thanks'));
$_smarty_tpl->_capture_stack[0][] = array("mainbox", null, null);
ob_start();
// Each show_* template variable holds the result of one permission check.
// NOTE(review): presumably the template uses them to decide which dashboard blocks to render;
// confirm that the controllers providing the data enforce the same permissions.
$_smarty_tpl->tpl_vars["show_latest_orders"] = new Smarty_variable(fn_check_permissions("orders", 'manage', 'admin'), null, 0);
$_smarty_tpl->tpl_vars["show_orders"] = new Smarty_variable(fn_check_permissions("sales_reports", 'reports', 'admin'), null, 0);
$_smarty_tpl->tpl_vars["show_inventory"] = new Smarty_variable(fn_check_permissions("products", 'manage', 'admin'), null, 0);
$_smarty_tpl->tpl_vars["show_users"] = new Smarty_variable(fn_check_permissions("profiles", 'manage', 'admin'), null, 0);
?>
<?php
// View-permission result for orders.manage with GET, exposed to the template as user_can_view_orders.
$_smarty_tpl->tpl_vars["user_can_view_orders"] = new Smarty_variable(fn_check_view_permissions("orders.manage", 'GET'), null, 0);
?>
<script type="text/javascript">
(function(_, $) {
_.drawChart = function(is_day) {
if (typeof google == "undefined") {
return false;
}
function get_data(div) {
var id = $(div).attr('id');
var dataTable = new google.visualization.DataTable();
if (is_day) {
dataTable.addColumn('timeofday', 'Date');
} else {
dataTable.addColumn('date', 'Date');
}
dataTable.addColumn('number', '<?php
echo $_smarty_tpl->__("previous_period");
?>
');
dataTable.addColumn('number', '<?php
echo $_smarty_tpl->__("current_period");
?>
');
dataTable.addRows(_.chart_data[id]);
var dataView = new google.visualization.DataView(dataTable);
dataView.setColumns([0, 1, 2]);
return dataView;
}
var options = {
chartArea: {
left: 7,
top: 10,
width: 556,
height: 208
},
colors: ['#f491a5','#8fd1ff'],
tooltip: {
showColorCode: true
},
lineWidth: 4,
hAxis: {
baselineColor: '#e1e1e1',
textStyle: {
color: '#a1a1a1',
fontSize: 11
},
gridlines: {
count: 6
}
},
legend: {
position: 'none'
},
pointSize: 10,
vAxis: {
minValue: 0,
baselineColor: '#e1e1e1',
textPosition: 'in',
textStyle: {
color: '#a1a1a1',
fontSize: 11
},
gridlines: {
count: 10
}
}
};
if (!is_day) {
options.hAxis.format = 'MMM d';
}
$('.dashboard-statistics-chart:visible').each(function(i, div) {
var dataView = get_data(div);
var chart = new google.visualization.AreaChart(div);
chart.draw(dataView, options);
//.........这里部分代码省略.........
开发者ID:OneataBogdan,项目名称:lead_coriolan,代码行数:101,代码来源:e3bbaed6b9c1024ee236cf10769292ed9861b2dc.tygh.index.tpl.php
示例12: array
// payment_info is copied from the request as submitted (empty array when absent).
$cart['payment_info'] = !empty($_REQUEST['payment_info']) ? $_REQUEST['payment_info'] : array();
list($order_id, $process_payment) = fn_place_order($cart, $customer_auth, $action, $auth['user_id']);
if (!empty($order_id)) {
if ($action != 'save') {
$action = 'route';
}
if ($process_payment == true) {
$payment_info = !empty($cart['payment_info']) ? $cart['payment_info'] : array();
fn_start_payment($order_id, fn_get_notification_rules($_REQUEST), $payment_info);
}
// The submitted details text and the order id are bound through the ?s / ?i placeholders.
if (!empty($_REQUEST['update_order']['details'])) {
db_query('UPDATE ?:orders SET details = ?s WHERE order_id = ?i', $_REQUEST['update_order']['details'], $order_id);
}
$notification_rules = fn_get_notification_rules($_REQUEST);
// Change the status if one was posted. The requested status is honoured only when the
// orders/update_status permission check passes; without it the posted value is ignored.
if (!empty($_REQUEST['order_status']) && fn_check_permissions('orders', 'update_status', 'admin')) {
$order_info = fn_get_order_short_info($order_id);
if ($order_info['status'] != $_REQUEST['order_status']) {
// When a payment was started for this order, the status is not changed here and a warning is shown instead.
if ($process_payment == true) {
fn_set_notification('W', __('warning'), __('status_changed_after_process_payment'));
} elseif (fn_change_order_status($order_id, $_REQUEST['order_status'], '', $notification_rules)) {
// Re-read the order and warn when the stored status differs from the requested one.
$order_info = fn_get_order_short_info($order_id);
$new_status = $order_info['status'];
if ($_REQUEST['order_status'] != $new_status) {
fn_set_notification('W', __('warning'), __('status_changed'));
}
} else {
$error = false;
if ($order_info['is_parent_order'] == 'Y') {
$suborders = fn_get_suborders_info($order_id);
if ($suborders) {
示例13: array
<?php
/***************************************************************************
* *
* (c) 2004 Vladimir V. Kalynyak, Alexey V. Vinokurov, Ilya M. Shalnev *
* *
* This is commercial software, only users who have purchased a valid *
* license and accept to the terms of the License Agreement can install *
* and use this program. *
* *
****************************************************************************
* PLEASE READ THE FULL TEXT OF THE SOFTWARE LICENSE AGREEMENT IN THE *
* "copyright.txt" FILE PROVIDED WITH THIS DISTRIBUTION PACKAGE. *
****************************************************************************/
// The top-level SEO item links to the rules page only when the seo_rules/manage GET check passes.
if (fn_check_permissions('seo_rules', 'manage', 'admin', 'GET')) {
    $schema['central']['website']['items']['seo']['href'] = 'seo_rules.manage';
}

// Both sub-items are registered regardless of the check above.
$addon_attrs = array('class' => 'is-addon');
$schema['central']['website']['items']['seo']['subitems']['seo_rules'] = array(
    'attrs' => $addon_attrs,
    'href' => 'seo_rules.manage',
    'position' => 100,
);
$schema['central']['website']['items']['seo']['subitems']['seo.redirects_manager'] = array(
    'attrs' => $addon_attrs,
    'href' => 'seo_redirects.manage',
    'position' => 200,
);

return $schema;
开发者ID:askzap,项目名称:ultimate,代码行数:20,代码来源:menu.post.php
示例14: update
/**
* Updates an existing order from caller-supplied parameters.
*
* NOTE(review): the only permission check visible in this method guards the status change;
* presumably access to the entity itself is decided before update() is called - confirm.
*
* @param mixed $id Order identifier
* @param array $params Fields to change (shipping_id, payment_id, payment_info, products, user_id, status, ...)
* @return array 'status' (Response::STATUS_OK or Response::STATUS_BAD_REQUEST) and 'data' (order_id on success)
*/
public function update($id, $params)
{
fn_define('ORDER_MANAGEMENT', true);
$data = array();
// As written, $valid_params is always true, so the branch below always runs.
$valid_params = true;
$status = Response::STATUS_BAD_REQUEST;
if ($valid_params) {
// $cart is not defined before this call; presumably fn_clear_cart() takes it by reference - confirm.
fn_clear_cart($cart, true);
$customer_auth = fn_fill_auth(array(), array(), false, 'C');
// md5(serialize()) is used as a change fingerprint of the cart here, not as a security measure.
$cart_status = md5(serialize($cart));
// Nothing is updated when the order info was not found or the customer does not have enough
// permissions: the cart must have been formed AND must differ from the empty cart.
if (fn_form_cart($id, $cart, $customer_auth) && $cart_status != md5(serialize($cart))) {
unset($params['product_groups']);
// Fall back to the first shipping method already stored in the cart.
if (empty($params['shipping_id'])) {
$shipping = reset($cart['shipping']);
if (!empty($shipping['shipping_id'])) {
$params['shipping_id'] = $shipping['shipping_id'];
}
}
$cart['order_id'] = $id;
fn_calculate_cart_content($cart, $customer_auth);
// With user_id the order's user data is replaced by that user's stored profile; otherwise every
// remaining parameter is merged into user_data.
// NOTE(review): both values come from the caller and no filter on user_id or on the merged
// keys is visible in this method - confirm they are validated upstream.
if (!empty($params['user_id'])) {
$cart['user_data'] = fn_get_user_info($params['user_id']);
} elseif (!empty($params)) {
$cart['user_data'] = array_merge($cart['user_data'], $params);
}
// Select, per product group, the shipping entry whose shipping_id matches the requested one.
if (!empty($cart['product_groups']) && !empty($params['shipping_id'])) {
foreach ($cart['product_groups'] as $key => $group) {
foreach ($group['shippings'] as $shipping_id => $shipping) {
if ($params['shipping_id'] == $shipping['shipping_id']) {
$cart['chosen_shipping'][$key] = $shipping_id;
break;
}
}
}
}
if (!empty($params['payment_id'])) {
// Stored payment details are cleared when the payment method changes and no new details are supplied.
if (!empty($params['payment_info'])) {
$cart['payment_info'] = $params['payment_info'];
} elseif ($params['payment_id'] != $cart['payment_id']) {
$cart['payment_info'] = array();
}
$cart['payment_id'] = $params['payment_id'];
}
// The product list is replaced as a whole by the caller-supplied one.
if (!empty($params['products'])) {
$cart['products'] = $params['products'];
}
fn_calculate_cart_content($cart, $customer_auth);
if (!empty($cart) && empty($cart['shipping_failed'])) {
$cart['parent_order_id'] = 0;
fn_update_payment_surcharge($cart, $customer_auth);
list($order_id, $order_status) = fn_update_order($cart, $id);
if ($order_id) {
// A caller-supplied status is applied only when the orders/update_status permission check passes;
// otherwise the status returned by fn_update_order() is applied, if there is one.
if (!empty($params['status']) && fn_check_permissions('orders', 'update_status', 'admin')) {
fn_change_order_status($order_id, $params['status'], '', fn_get_notification_rules($params, false));
} elseif (!empty($order_status)) {
fn_change_order_status($order_id, $order_status, '', fn_get_notification_rules($params, false));
}
$status = Response::STATUS_OK;
$data = array('order_id' => $order_id);
}
}
}
}
return array('status' => $status, 'data' => $data);
}
开发者ID:askzap,项目名称:ultimate,代码行数:66,代码来源:Orders.php
示例15: fn_update_shipment
/**
* Create/update shipment
*
* With a non-empty $shipment_id only tracking_number and carrier of that shipment are updated.
* Otherwise a new shipment is created for $shipment_data['order_id'].
*
* NOTE(review): no permission or ownership check on the shipment or the order is visible in this
* function, apart from the one guarding the order status change - presumably callers enforce it; confirm.
*
* @param array $shipment_data Array of shipment data.
* @param int $shipment_id Shipment identifier
* @param int $group_key Group number
* @param bool $all_products
* @param mixed $force_notification user notification flag (true/false), if not set, will be retrieved from status parameters
* @return int|bool $shipment_id, or false when required data is missing or the update query fails
*/
function fn_update_shipment($shipment_data, $shipment_id = 0, $group_key = 0, $all_products = false, $force_notification = array())
{
if (!empty($shipment_id)) {
// Values are bound through the ?s / ?i placeholders.
$arow = db_query("UPDATE ?:shipments SET tracking_number = ?s, carrier = ?s WHERE shipment_id = ?i", $shipment_data['tracking_number'], $shipment_data['carrier'], $shipment_id);
if ($arow === false) {
fn_set_notification('E', __('error'), __('object_not_found', array('[object]' => __('shipment'))), '', '404');
$shipment_id = false;
}
} else {
// A new shipment needs both an order and a shipping method.
if (empty($shipment_data['order_id']) || empty($shipment_data['shipping_id'])) {
return false;
}
$order_info = fn_get_order_info($shipment_data['order_id'], false, true, true);
$use_shipments = Settings::instance()->getValue('use_shipments', '', $order_info['company_id']) == 'Y' ? true : false;
// NOTE(review): the same tracking_number test appears twice in this condition; the second operand
// was probably meant to test another field - confirm against the upstream source.
if (!$use_shipments && empty($shipment_data['tracking_number']) && empty($shipment_data['tracking_number'])) {
return false;
}
// Without the use_shipments setting and with $all_products set, the shipment is filled with the
// products of the requested group (products without a group key belong to group 0).
if (!$use_shipments && $all_products) {
foreach ($order_info['product_groups'] as $group) {
foreach ($group['products'] as $item_key => $product) {
if (!empty($product['extra']['group_key'])) {
if ($group_key == $product['extra']['group_key']) {
$shipment_data['products'][$item_key] = $product['amount'];
}
} elseif ($group_key == 0) {
$shipment_data['products'][$item_key] = $product['amount'];
}
}
}
}
if (!empty($shipment_data['products']) && fn_check_shipped_products($shipment_data['products'])) {
fn_set_hook('create_shipment', $shipment_data, $order_info, $group_key, $all_products);
// Cap every requested amount at what is still unshipped for that order item.
foreach ($shipment_data['products'] as $key => $amount) {
if (isset($order_info['products'][$key])) {
// The intval() result is only used for the comparison; the stored amount is rewritten only when it exceeds the remainder.
$amount = intval($amount);
if ($amount > $order_info['products'][$key]['amount'] - $order_info['products'][$key]['shipped_amount']) {
$shipment_data['products'][$key] = $order_info['products'][$key]['amount'] - $order_info['products'][$key]['shipped_amount'];
}
}
}
// Checked again because the capping above may have changed the amounts.
if (fn_check_shipped_products($shipment_data['products'])) {
$shipment_data['timestamp'] = time();
$shipment_id = db_query("INSERT INTO ?:shipments ?e", $shipment_data);
foreach ($shipment_data['products'] as $key => $amount) {
if ($amount == 0) {
continue;
}
$_data = array('item_id' => $key, 'shipment_id' => $shipment_id, 'order_id' => $shipment_data['order_id'], 'product_id' => $order_info['products'][$key]['product_id'], 'amount' => $amount);
db_query("INSERT INTO ?:shipment_items ?e", $_data);
}
// The order status is changed only when the orders/update_status permission check passes.
if (fn_check_permissions('orders', 'update_status', 'admin') && !empty($shipment_data['order_status'])) {
fn_change_order_status($shipment_data['order_id'], $shipment_data['order_status']);
}
/**
* Called after new shipment creation.
*
* @param array $shipment_data Array of shipment data.
* @param array $order_info Shipment order info
* @param int $group_key Group number
* @param bool $all_products
* @param int $shipment_id Created shipment identifier
*/
fn_set_hook('create_shipment_post', $shipment_data, $order_info, $group_key, $all_products, $shipment_id);
// The customer e-mail is sent only when $force_notification['C'] is set.
if (!empty($force_notification['C'])) {
$shipment = array('shipment_id' => $shipment_id, 'timestamp' => $shipment_data['timestamp'], 'shipping' => db_get_field('SELECT shipping FROM ?:shipping_descriptions WHERE shipping_id = ?i AND lang_code = ?s', $shipment_data['shipping_id'], $order_info['lang_code']), 'tracking_number' => $shipment_data['tracking_number'], 'carrier' => $shipment_data['carrier'], 'comments' => $shipment_data['comments'], 'items' => $shipment_data['products']);
Mailer::sendMail(array('to' => $order_info['email'], 'from' => 'company_orders_department', 'data' => array('shipment' => $shipment, 'order_info' => $order_info), 'tpl' => 'shipments/shipment_products.tpl', 'company_id' => $order_info['company_id']), 'C', $order_info['lang_code']);
}
fn_set_notification('N', __('notice'), __('shipment_has_been_created'));
}
} else {
fn_set_notification('E', __('error'), __('products_for_shipment_not_selected'));
}
}
return $shipment_id;
}
开发者ID:heg-arc-ne,项目名称:cscart,代码行数:85,代码来源:fn.cart.php
示例16: fn_dispatch
/**
* Dispatches the execution control to the correct controller.
*
* Every argument that is empty falls back to the matching runtime.* registry value.
* The function is truncated in this excerpt.
*
* @return nothing
*/
function fn_dispatch($controller = '', $mode = '', $action = '', $dispatch_extra = '', $area = AREA)
{
Debugger::checkpoint('After init');
$auth = $_SESSION['auth'];
$controller = empty($controller) ? Registry::get('runtime.controller') : $controller;
$mode = empty($mode) ? Registry::get('runtime.mode') : $mode;
$action = empty($action) ? Registry::get('runtime.action') : $action;
$dispatch_extra = empty($dispatch_extra) ? Registry::get('runtime.dispatch_extra') : $dispatch_extra;
fn_set_hook('before_dispatch', $controller, $mode, $action, $dispatch_extra, $area);
$view = Registry::get('view');
$run_controllers = true;
$external = false;
$status = CONTROLLER_STATUS_NO_PAGE;
// CSRF protection
// NOTE(review): a failed validation only calls fn_redirect(); whether fn_redirect() ends the
// request is not visible here. If it can return, execution continues below - confirm.
if (fn_is_csrf_protection_enabled($auth) && !fn_csrf_validate_request(array('server' => $_SERVER, 'request' => $_REQUEST, 'session' => $_SESSION, 'controller' => $controller, 'mode' => $mode, 'action' => $action, 'dispatch_extra' => $dispatch_extra, 'area' => $area, 'auth' => $auth))) {
fn_set_notification('E', __('error'), __('text_csrf_attack'));
fn_redirect(fn_url());
}
// If the request host differs from the configured host, redirect to the configured location.
// Only the path/query part comes from the request; the host is taken from config.current_location.
if (strtolower(Registry::get('config.current_host')) != strtolower(REAL_HOST) && $_SERVER['REQUEST_METHOD'] == 'GET' && !defined('CONSOLE')) {
if (!empty($_SERVER['REDIRECT_URL'])) {
$qstring = $_SERVER['REDIRECT_URL'];
} else {
if (!empty($_SERVER['REQUEST_URI'])) {
$qstring = $_SERVER['REQUEST_URI'];
} else {
$qstring = Registry::get('config.current_url');
}
}
// Strip the configured path prefix so it is not duplicated in the redirect target.
$curent_path = Registry::get('config.current_path');
if (!empty($curent_path) && strpos($qstring, $curent_path) === 0) {
$qstring = substr_replace($qstring, '', 0, fn_strlen($curent_path));
}
fn_redirect(Registry::get('config.current_location') . $qstring, false, true);
}
$upload_max_filesize = Bootstrap::getIniParam('upload_max_filesize');
$post_max_size = Bootstrap::getIniParam('post_max_size');
// Reject request bodies larger than either PHP limit.
if (!defined('AJAX_REQUEST') && isset($_SERVER['CONTENT_LENGTH']) && ($_SERVER['CONTENT_LENGTH'] > fn_return_bytes($upload_max_filesize) || $_SERVER['CONTENT_LENGTH'] > fn_return_bytes($post_max_size))) {
$max_size = fn_return_bytes($upload_max_filesize) < fn_return_bytes($post_max_size) ? $upload_max_filesize : $post_max_size;
fn_set_notification('E', __('error'), __('text_forbidden_uploaded_file_size', array('[size]' => $max_size)));
// NOTE(review): HTTP_REFERER is a client-supplied header and may be absent. Unless fn_redirect()
// restricts targets itself, check that the value points to this store's host and fall back to
// a local URL otherwise - confirm.
fn_redirect($_SERVER['HTTP_REFERER']);
}
// If URL contains session ID, remove it
if (!defined('AJAX_REQUEST') && !empty($_REQUEST[Session::getName()]) && $_SERVER['REQUEST_METHOD'] == 'GET') {
fn_redirect(fn_query_remove(Registry::get('config.current_url'), Session::getName()));
}
// If demo mode is enabled, check permissions FIX ME - why did we need one more user login check?
// Permission checks below apply to the admin area ('A') only.
if ($area == 'A') {
if (Registry::get('config.demo_mode') == true) {
$run_controllers = fn_check_permissions($controller, $mode, 'demo');
if ($run_controllers == false) {
fn_set_notification('W', __('demo_mode'), __('demo_mode_content_text'), 'K', 'demo_mode');
if (defined('AJAX_REQUEST')) {
exit;
}
fn_delete_notification('changes_saved');
$status = CONTROLLER_STATUS_REDIRECT;
// NOTE(review): the redirect target is taken from the client-supplied Referer header;
// the same host validation as for any request-derived redirect target applies.
$_REQUEST['redirect_url'] = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : fn_url('');
}
} else {
// Outside demo mode the 'admin' schema is checked with the request variables passed along.
$run_controllers = fn_check_permissions($controller, $mode, 'admin', '', $_REQUEST);
if ($run_controllers == false) {
if (defined('AJAX_REQUEST')) {
// The denied controller.mode is appended to the message only when the debugger is active or in development.
$_info = Debugger::isActive() || fn_is_development() ? ' ' . $controller . '.' . $mode : '';
fn_set_notification('W', __('warning'), __('access_denied') . $_info);
exit;
}
$status = CONTROLLER_STATUS_DENIED;
}
}
}
// Protocol enforcement applies to non-POST, non-AJAX requests only.
if ($_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST')) {
if ($area == 'A' && empty($_REQUEST['keep_location']) && !defined('CONSOLE')) {
if (!defined('HTTPS') && Registry::get('settings.Security.secure_admin') == 'Y') {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
// When secure_admin is not 'Y', an admin request that arrived over HTTPS is sent to the HTTP location.
} elseif (defined('HTTPS') && Registry::get('settings.Security.secure_admin') != 'Y') {
fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'));
}
} elseif ($area == 'C') {
$secure_controllers = fn_get_secure_controllers();
// if we are not on https but controller is secure, redirect to https
if (!defined('HTTPS') && (Registry::get('settings.Security.secure_storefront') == 'full' || isset($secure_controllers[$controller]) && $secure_controllers[$controller] == 'active')) {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'), false, true);
}
// if we are on https and the controller is insecure, redirect to http
if (defined('HTTPS') && Registry::get('settings.Security.secure_storefront') != 'full' && !isset($secure_controllers[$controller]) && Registry::get('settings.Security.keep_https') != 'Y') {
fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'), false, true);
}
}
}
LastView::instance()->prepare($_REQUEST);
$controllers_cascade = array();
// 'init' always runs; the requested controller is added only when the checks above allowed it.
$controllers_list = array('init');
if ($run_controllers == true) {
$controllers_list[] = $controller;
//......... part of the code is omitted here .........
开发者ID:heg-arc-ne,项目名称:cscart,代码行数:101,代码来源:fn.control.php
示例17: fn_dispatch
/**
* Dispatches the execution control to the correct controller.
*
* The function is truncated in this excerpt.
*
* @return nothing
*/
function fn_dispatch()
{
Profiler::checkpoint('After init');
fn_set_hook('before_dispatch');
// Allow-list pattern for controller and mode names, applied further below.
$regexp = "/^[a-zA-Z0-9_\\+]+\$/";
$view =& Registry::get('view');
$run_controllers = true;
$external = false;
$status = CONTROLLER_STATUS_NO_PAGE;
// Security
// The token check runs only when the config.tweaks.anti_csfr setting is enabled, and only for POST requests.
// NOTE(review): the token is compared with != (loose comparison). A strict, constant-time
// comparison such as hash_equals() is preferable where the PHP version provides it.
if (Registry::get('config.tweaks.anti_csfr') == true) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && (empty($_SESSION['security_hash']) || empty($_REQUEST['security_hash']) || $_REQUEST['security_hash'] != $_SESSION['security_hash'])) {
die('Access denied: CSRF attack');
}
}
// If the request host differs from the configured host, redirect to the configured location.
if ((defined('HTTPS') ? Registry::get('config.https_host') : Registry::get('config.http_host')) != REAL_HOST && $_SERVER['REQUEST_METHOD'] == 'GET' && !defined('CONSOLE')) {
fn_redirect((defined('HTTPS') ? Registry::get('config.https_location') : Registry::get('config.http_location')) . '/' . Registry::get('config.current_url'));
}
// Reject request bodies larger than either PHP limit.
if (isset($_SERVER['CONTENT_LENGTH']) && ($_SERVER['CONTENT_LENGTH'] > fn_return_bytes(ini_get('upload_max_filesize')) || $_SERVER['CONTENT_LENGTH'] > fn_return_bytes(ini_get('post_max_size')))) {
$max_size = fn_return_bytes(ini_get('upload_max_filesize')) < fn_return_bytes(ini_get('post_max_size')) ? ini_get('upload_max_filesize') : ini_get('post_max_size');
$msg = fn_get_lang_var('text_forbidden_uploaded_file_size');
$msg = str_replace('[size]', $max_size, $msg);
fn_set_notification('E', fn_get_lang_var('error'), $msg);
// NOTE(review): HTTP_REFERER is a client-supplied header and may be absent. Unless fn_redirect()
// restricts targets itself, check that the value points to this store's host and fall back to
// a local URL otherwise - confirm.
fn_redirect($_SERVER['HTTP_REFERER'], false);
}
// If URL contains session ID, remove it
if (!empty($_REQUEST[SESS_NAME]) && $_SERVER['REQUEST_METHOD'] == 'GET') {
fn_redirect(fn_query_remove(Registry::get('config.current_url'), SESS_NAME));
}
// Controller and mode names that do not match the allow-list pattern are never run.
if (!preg_match($regexp, CONTROLLER) || !preg_match($regexp, MODE)) {
$status = CONTROLLER_STATUS_NO_PAGE;
$run_controllers = false;
}
// If demo mode is enabled, check permissions FIX ME - why did we need one more user login check?
if (AREA == 'A') {
if (Registry::get('config.demo_mode') == true) {
$run_controllers = fn_check_permissions(CONTROLLER, MODE, 'demo');
if ($run_controllers == false) {
fn_set_notification('W', fn_get_lang_var('demo_mode'), fn_get_lang_var('demo_mode_content_text'));
if (defined('AJAX_REQUEST')) {
exit;
}
$status = CONTROLLER_STATUS_REDIRECT;
// NOTE(review): the redirect target is taken from the client-supplied Referer header.
$_REQUEST['redirect_url'] = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : INDEX_SCRIPT;
}
// The 'admin' schema is checked only when the session lists usergroup_ids or COMPANY_ID is defined;
// in every other case $run_controllers keeps its earlier value.
// NOTE(review): presumably accounts without user groups are unrestricted administrators - confirm.
// Also, a false set by the name check above is overwritten by the fn_check_permissions() result here.
} elseif (!empty($_SESSION['auth']['usergroup_ids']) || defined('COMPANY_ID')) {
$run_controllers = fn_check_permissions(CONTROLLER, MODE, 'admin', '', $_REQUEST);
if ($run_controllers == false) {
if (defined('AJAX_REQUEST')) {
$ajax =& Registry::get('ajax');
// $force_redirection is computed, but its only use is commented out below.
$force_redirection = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
//$ajax->assign('force_redirection', $force_redirection);
// The denied controller.mode is appended to the message only when DEVELOPMENT is defined.
$_info = defined('DEVELOPMENT') ? ' ' . CONTROLLER . '.' . MODE : '';
fn_set_notification('W', fn_get_lang_var('warning'), fn_get_lang_var('access_denied') . $_info, true);
exit;
}
$status = CONTROLLER_STATUS_DENIED;
}
}
}
// Check if request was rewritten and not handled
// In this case this means that request was incorrect
if (isset($_REQUEST['sef_rewrite'])) {
$status = CONTROLLER_STATUS_NO_PAGE;
$run_controllers = false;
}
// Protocol enforcement applies to non-POST, non-AJAX requests only.
if (AREA == 'A' && Registry::get('settings.General.secure_admin') == 'Y' && !defined('HTTPS') && $_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST') && empty($_REQUEST['keep_location']) && !defined('CONSOLE')) {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
} elseif (AREA == 'C' && $_SERVER['REQUEST_METHOD'] != 'POST' && !defined('AJAX_REQUEST')) {
$secure_controllers = fn_get_secure_controllers();
// if we are not on https but controller is secure, redirect to https
if (isset($secure_controllers[CONTROLLER]) && $secure_controllers[CONTROLLER] == 'active' && !defined('HTTPS')) {
fn_redirect(Registry::get('config.https_location') . '/' . Registry::get('config.current_url'));
}
// if we are on https and the controller is insecure, redirect to http
if (!isset($secure_controllers[CONTROLLER]) && defined('HTTPS') && Registry::get('settings.General.keep_https') != 'Y') {
fn_redirect(Registry::get('config.http_location') . '/' . Registry::get('config.current_url'));
}
}
if (AREA == 'A') {
fn_init_last_view($_REQUEST);
}
$controllers_cascade = array();
// 'init' always runs; the requested controller is added only when the checks above allowed it.
$controllers_list = array('init');
if ($run_controllers == true) {
$controllers_list[] = CONTROLLER;
$controllers_list = array_unique($controllers_list);
}
foreach ($controllers_list as $ctrl) {
$core_controllers = fn_init_core_controllers($ctrl);
list($addon_controllers) = fn_init_addon_controllers($ctrl);
// A controller with neither core nor addon files resolves to "no page".
if (empty($core_controllers) && empty($addon_controllers)) {
$controllers_cascade = array();
$status = CONTROLLER_STATUS_NO_PAGE;
//......... part of the code is omitted here .........