private function route($env)
{
$request = mapi_request();
switch ($env) {
case 'manager':
if (isset($request['module'])) {
$this->set_module(MGet::string('module'));
}
if (isset($request['task'])) {
$this->set_task(MGet::string('task'));
}
if (isset($request['object'])) {
$this->set_num_object_id(MGet::string('object'));
}
break;
case 'frontend':
$routing = 'default';
$pref = MObject::get('preference', 'routing');
if ($pref && is_object($pref) && 'sef' == $pref->get_value()) {
$routing = 'sef';
}
// sef routing here
if (isset($request['module'])) {
$this->set_module(MGet::string('module'));
}
if (isset($request['task'])) {
$this->set_task(MGet::string('task'));
}
if (isset($request['object'])) {
$this->set_num_object_id(MGet::string('object'));
}
break;
}
MAuth::init();
if ('manager' == $env) {
if ('register' != $this->module) {
if ('login' != $this->module && !MAuth::is_auth()) {
$this->reset_to('login');
} elseif ('login' == $this->module && MAuth::is_auth() && !isset($_POST['do-logout'])) {
$this->reset_to('dashboard');
}
} else {
if (MAuth::is_auth()) {
$this->reset_to('dashboard');
}
}
if ('login' != $this->module && 'register' != $this->module) {
//if ( ! MAuth::check_perm( self::$this->module, $this->task ) ) $this->reset_to( 'denied' );
}
}
}
public function permission($id = null)
{
if (!MAuth::is_auth()) {
return false;
}
if (MAuth::group_id() > 2) {
if (!$id) {
if (MAuth::user_id() != $this->createdby) {
return false;
}
} else {
if (MAuth::user_id() != $id) {
return false;
}
}
}
if (MAuth::group_id() > 3) {
return false;
}
return true;
}
