PHPCMS's admin.class.php

Source: Internet
Author: User
<?php
defined('IN_PHPCMS') or exit('No permission resources.');
/*
 * PHPCMS V9 logins are session-based. Sessions can be stored in the database
 * (the default) or in files. If database storage causes problems, change the
 * session configuration in \caches\configs\system.php from
 * 'session_storage' => 'mysql', to 'session_storage' => 'files',
 * The value must not be empty, otherwise login will not succeed.
 */
$session_storage = 'session_' . pc_base::load_config('system', 'session_storage'); // session storage class for the configured mode
pc_base::load_sys_class($session_storage);
if (param::get_cookie('sys_lang')) { // language pack
    define('SYS_STYLE', param::get_cookie('sys_lang')); // set when logging in
} else {
    define('SYS_STYLE', 'zh-cn');
}
// Mark that we are running in the admin back end
define('IN_ADMIN', true);
class admin {
    public $userid;
    public $username;

    public function __construct() {
        self::check_admin(); // determine whether the user has logged in
        self::check_priv(); // check whether the user has permission
        pc_base::load_app_func('global', 'admin');
        if (!module_exists(ROUTE_M)) showmessage(L('module_not_exists')); // the module does not exist: show a message
        self::manage_log();
        self::check_ip(); // check for banned IPs
        self::lock_screen(); // lock screen
        self::check_hash(); // hash security verification
        if (pc_base::load_config('system', 'admin_url') && $_SERVER["HTTP_HOST"] != pc_base::load_config('system', 'admin_url')) {
            header("HTTP/1.1 403 Forbidden"); // reject access through any host other than admin_url
            exit('No permission resources.');
        }
    }

    /**
     * Determine whether the user has logged in
     */
    final public function check_admin() {
        // The login pages are exempt.
        // ROUTE_M is the module, ROUTE_C the controller, ROUTE_A the action
        if (ROUTE_M == 'admin' && ROUTE_C == 'index' && in_array(ROUTE_A, array('login', 'public_card'))) {
            return true; // returning true skips the rest of this check
        } else {
            // The session must hold userid and roleid, and the userid cookie must match the session; otherwise go back to the login page
            $userid = param::get_cookie('userid');
            if (!isset($_SESSION['userid']) || !isset($_SESSION['roleid']) || !$_SESSION['userid'] || !$_SESSION['roleid'] || $userid != $_SESSION['userid']) showmessage(L('admin_login'), '?m=admin&c=index&a=login');
        }
    }

    /**
     * Load a back-end template
     * @param string $file file name
     * @param string $m module name
     */
    final public static function admin_tpl($file, $m = '') {
        $m = empty($m) ? ROUTE_M : $m;
        if (empty($m)) return false; // no module name: return false
        // Returns modules/<module>/templates/<file>.tpl.php
        return PC_PATH . 'modules' . DIRECTORY_SEPARATOR . $m . DIRECTORY_SEPARATOR . 'templates' . DIRECTORY_SEPARATOR . $file . '.tpl.php';
    }


    /**
     * Get the admin menu
     * Find menu children by parent ID
     * @param integer $parentid parent menu ID
     * @param integer $with_self whether to include the parent itself
     *
     * Menus are stored in the menu table. To add a new menu during secondary
     * development, insert the menu id, name, parentid, m, c, a, data and so on
     * into the menu table. For roles other than the super administrator to
     * reach the menu, permissions must also be configured in the
     * admin_role_priv table.
     */
    final public static function admin_menu($parentid, $with_self = 0) {
        $parentid = intval($parentid); // integer value of the variable, base 10 by default
        $menudb = pc_base::load_model('menu_model'); // model class for the menu table
        $site_model = param::get_cookie('site_model'); // site model name from the cookie
        $where = array('parentid' => $parentid, 'display' => 1); // parentid: parent node ID
        if ($site_model && $parentid) {
            $where[$site_model] = 1;
        }
        // Get all of its sub-menus
        $result = $menudb->select($where, '*', 1000, 'listorder ASC'); // listorder is the sort number editable in the back end
        if ($with_self) {
            $result2[] = $menudb->get_one(array('id' => $parentid));
            $result = array_merge($result2, $result); // put the parent menu in front of its children
        }
        // Permission check. The super administrator gets everything
        if ($_SESSION['roleid'] == 1) return $result; // the role ID is kept in the session
        // Keep only the entries the role has permission for (admin_role_priv table)
        $array = array();
        $privdb = pc_base::load_model('admin_role_priv_model'); // model class for the permission table
        $siteid = param::get_cookie('siteid');
        foreach ($result as $v) {
            $action = $v['a'];
            // Methods with the public_ prefix are let through
            if (preg_match('/^public_/', $action)) {
                $array[] = $v;
            } else {
                // For methods starting with ajax_, only the middle part of the name is used
                if (preg_match('/^ajax_([a-z]+)_/', $action, $_match)) $action = $_match[1];
                // Look up whether the current role has a permission record for this m, c, a
                $r = $privdb->get_one(array('m' => $v['m'], 'c' => $v['c'], 'a' => $action, 'roleid' => $_SESSION['roleid'], 'siteid' => $siteid));
                if ($r) $array[] = $v; // a record exists: keep the menu entry
            }
        }
        return $array;
    }




    /**
     * Get the menu header navigation
     *
     * Mainly used to generate the navigation of all sub-menus of a menu
     * (typically shown at the top of the content page inside the iframe).
     * @param $parentid menu ID
     */
    final public static function submenu($parentid = '', $big_menu = false) {
        if (empty($parentid)) {
            $menudb = pc_base::load_model('menu_model'); // model class for the menu table
            $r = $menudb->get_one(array('m' => ROUTE_M, 'c' => ROUTE_C, 'a' => ROUTE_A));
            $parentid = $_GET['menuid'] = $r['id'];
        }
        $array = self::admin_menu($parentid, 1); // children of $parentid, including the parent menu itself

        $numbers = count($array); // number of menu entries
        if ($numbers == 1 && !$big_menu) return '';
        $string = '';
        $pc_hash = $_SESSION['pc_hash'];
        foreach ($array as $_value) {
            if (!isset($_GET['s'])) {
                $classname = ROUTE_M == $_value['m'] && ROUTE_C == $_value['c'] && ROUTE_A == $_value['a'] ? 'class="on"' : '';
            } else {
                $_s = !empty($_value['data']) ? str_replace('=', '', strstr($_value['data'], '=')) : '';
                $classname = ROUTE_M == $_value['m'] && ROUTE_C == $_value['c'] && ROUTE_A == $_value['a'] && $_GET['s'] == $_s ? 'class="on"' : '';
            }
            if ($_value['parentid'] == 0 || $_value['m'] == '') continue;
            if ($classname) {
                $string .= " " . L($_value['name']) . " |";
            } else {
                $string .= " " . L($_value['name']) . " |";
            }
        }
        $string = substr($string, 0, -14);
        return $string;
    }
    /**
     * Current position
     * Recursively collects all parent levels of a menu and returns them as an HTML fragment
     *
     * @param $id menu ID
     */
    final public static function current_pos($id) {
        $menudb = pc_base::load_model('menu_model');
        $r = $menudb->get_one(array('id' => $id), 'id,name,parentid');
        $str = '';
        if ($r['parentid']) {
            $str = self::current_pos($r['parentid']);
        }
        return $str . L($r['name']) . ' > ';
    }


    /**
     * Get the current site ID
     */
    final public static function get_siteid() {
        return get_siteid();
    }

    /**
     * Get current site information (used for the site interface at login)
     * @param integer $siteid site ID; when empty, the current site is used
     * @return array
     */
    final public static function get_siteinfo($siteid = '') {
        if ($siteid == '') $siteid = self::get_siteid();
        if (empty($siteid)) return false;
        $sites = pc_base::load_app_class('sites', 'admin');
        return $sites->get_by_id($siteid);
    }

    final public static function return_siteid() {
        $sites = pc_base::load_app_class('sites', 'admin');
        $siteid = explode(',', $sites->get_role_siteid($_SESSION['roleid']));
        return current($siteid);
    }
    /**
     * Permission check
     * Checks whether the user may perform the requested m, c, a operation
     */
    final public function check_priv() {
        // Login pages: returning true skips the rest of the check
        if (ROUTE_M == 'admin' && ROUTE_C == 'index' && in_array(ROUTE_A, array('login', 'init', 'public_card'))) return true;

        // roleid 1 is the super administrator: returning true skips the rest of the check
        if ($_SESSION['roleid'] == 1) return true;
        $siteid = param::get_cookie('siteid'); // site ID
        $action = ROUTE_A; // method
        $privdb = pc_base::load_model('admin_role_priv_model');
        if (preg_match('/^public_/', ROUTE_A)) return true; // methods starting with public_ are let through
        if (preg_match('/^ajax_([a-z]+)_/', ROUTE_A, $_match)) { // methods starting with ajax_: only the middle part is used as the query condition
            $action = $_match[1]; // match result
        }
        // Look up a permission record for the combination of m, c, a, roleid and siteid
        $r = $privdb->get_one(array('m' => ROUTE_M, 'c' => ROUTE_C, 'a' => $action, 'roleid' => $_SESSION['roleid'], 'siteid' => $siteid));
        if (!$r) showmessage('You do not have permission to manipulate the item', 'blank');
    }
    /**
     * Record the operation log
     */
    final private function manage_log() {
        // Decide whether to record
        $setconfig = pc_base::load_config('system');
        extract($setconfig);
        if ($admin_log == 1) { // whether back-end operations are logged
            $action = ROUTE_A; // method
            if ($action == '' || strchr($action, 'public') || $action == 'init' || $action == 'public_current_pos') {
                return false; // these methods are not logged
            } else {
                $ip = ip();
                $log = pc_base::load_model('log_model'); // log table
                $username = param::get_cookie('admin_username'); // user name
                $userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : ''; // user ID
                $time = date('Y-m-d H-i-s', SYS_TIME); // system time
                $url = '?m=' . ROUTE_M . '&c=' . ROUTE_C . '&a=' . ROUTE_A; // operation address
                $log->insert(array('module' => ROUTE_M, 'username' => $username, 'userid' => $userid, 'action' => ROUTE_C, 'querystring' => $url, 'time' => $time, 'ip' => $ip)); // store the operation log entry
            }
        }
    }

    /**
     * Check whether the IP is banned from the back end
     */
    final private function check_ip() {
        $this->ipbanned = pc_base::load_model('ipbanned_model');
        $this->ipbanned->check_ip();
    }

    /**
     * Check the lock screen status
     */
    final private function lock_screen() {
        if (isset($_SESSION['lock_screen']) && $_SESSION['lock_screen'] == 1) {
            if (preg_match('/^public_/', ROUTE_A) || (ROUTE_M == 'content' && ROUTE_C == 'create_html') || (ROUTE_M == 'release') || (ROUTE_A == 'login') || (ROUTE_M == 'search' && ROUTE_C == 'search_admin' && ROUTE_A == 'createindex')) return true;
            showmessage(L('admin_login'), '?m=admin&c=index&a=login');
        }
    }
    /**
     * Check the hash value to verify the security of user data
     */
    final private function check_hash() {
        // public_ methods, the admin home page, the login page and the like need no hash check and are let through
        if (preg_match('/^public_/', ROUTE_A) || ROUTE_M == 'admin' && ROUTE_C == 'index' || in_array(ROUTE_A, array('login'))) {
            return true;
        }
        // pc_hash may arrive via GET or POST; the request passes if it matches the pc_hash held in the session
        if (isset($_GET['pc_hash']) && $_SESSION['pc_hash'] != '' && ($_SESSION['pc_hash'] == $_GET['pc_hash'])) {
            return true;
        } elseif (isset($_POST['pc_hash']) && $_SESSION['pc_hash'] != '' && ($_SESSION['pc_hash'] == $_POST['pc_hash'])) {
            return true;
        } else {
            showmessage(L('hash_check_false'), HTTP_REFERER);
        }
    }

    /**
     * Back-end information list template
     * @param string $id the selected template name
     * @param string $str attributes of the form element
     */
    final public function admin_list_template($id = '', $str = '') {
        $templatedir = PC_PATH . DIRECTORY_SEPARATOR . 'modules' . DIRECTORY_SEPARATOR . 'content' . DIRECTORY_SEPARATOR . 'templates' . DIRECTORY_SEPARATOR;
        $pre = 'content_list';
        $templates = glob($templatedir . $pre . '*.tpl.php');
        if (empty($templates)) return false;
        $files = @array_map('basename', $templates);
        $templates = array();
        if (is_array($files)) {
            foreach ($files as $file) {
                $key = substr($file, 0, -8);
                $templates[$key] = $file;
            }
        }
        ksort($templates);
        return form::select($templates, $id, $str, L('please_select'));
    }
}
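
Added example (not part of the original listing or of PHPCMS itself): the exemptions in check_priv(), check_hash() and manage_log() above depend only on the route names, so they can be mirrored as a pure function and run over a controller's method names during review. gates_for_route() and the sample routes are constructed for illustration, and the sketch assumes admin_log is set to 1.

```php
<?php
// Added example, not PHPCMS code: mirrors the exemption rules of check_priv(),
// check_hash() and manage_log() as a pure function. Assumes admin_log == 1.

function gates_for_route(string $m, string $c, string $a, int $roleid): array
{
    $login  = $m === 'admin' && $c === 'index';
    $public = (bool) preg_match('/^public_/', $a);

    // check_priv(): login/init/public_card on admin/index, roleid 1 and public_* skip the lookup.
    $priv = !($login && in_array($a, ['login', 'init', 'public_card'], true))
        && $roleid !== 1 && !$public;
    // For ajax_<name>_... the lookup uses <name> instead of the full method name.
    $lookup = $a;
    if ($priv && preg_match('/^ajax_([a-z]+)_/', $a, $match)) {
        $lookup = $match[1];
    }
    // check_hash(): public_*, every admin/index action and 'login' skip the pc_hash check.
    $hash = !($public || $login || $a === 'login');
    // manage_log(): empty, 'init', or any action containing 'public' is not logged.
    $log = !($a === '' || strpos($a, 'public') !== false || $a === 'init');

    return [
        'priv_lookup' => $priv ? $lookup : null, // action name checked in admin_role_priv
        'pc_hash'     => $hash,                  // true when pc_hash must match the session
        'logged'      => $log,                   // true when a log row is written
    ];
}

// Constructed routes (module, controller, action); not taken from a real install.
$routes = [
    ['content', 'content', 'edit'],
    ['content', 'content', 'public_preview'],
    ['member', 'member', 'ajax_delete_row'],
    ['admin', 'index', 'init'],
];

foreach ($routes as [$m, $c, $a]) {
    $g = gates_for_route($m, $c, $a, 2); // roleid 2: a constructed non-super-admin role
    printf(
        "%-8s %-8s %-16s priv=%-8s pc_hash=%-3s logged=%s\n",
        $m, $c, $a,
        $g['priv_lookup'] ?? 'skipped',
        $g['pc_hash'] ? 'yes' : 'no',
        $g['logged'] ? 'yes' : 'no'
    );
}
```

A state-changing method whose name starts with public_ comes out as priv=skipped, pc_hash=no, logged=no, which is the combination to look for when reviewing custom modules.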

The above covers PHPCMS's admin.class.php. I hope it is helpful to readers interested in PHP tutorials.
