/**
 * Read module, task and object id from the current request for the given
 * environment, then apply the manager login / registration redirects.
 *
 * Only 'manager' and 'frontend' are handled. For any other value no request
 * parameter is applied and only MAuth::init() runs.
 *
 * @param string $env Environment name ('manager' or 'frontend').
 * @return void
 */
private function route($env)
{
    $request = mapi_request();

    // Compared loosely (==); 'manager' takes precedence if both would match.
    $isManager = ('manager' == $env);
    $isFrontend = !$isManager && ('frontend' == $env);

    if ($isFrontend) {
        // The routing preference is looked up before any request value is applied.
        $pref = MObject::get('preference', 'routing');
        $routing = ($pref && is_object($pref) && 'sef' == $pref->get_value()) ? 'sef' : 'default';
        // sef routing here
        // ($routing is computed but nothing consumes it yet.)
    }

    if ($isManager || $isFrontend) {
        // Fixed request-key => setter map. The setter names are constants and
        // are never derived from the request; only the values are.
        // NOTE(review): module/task/object are request-controlled. Whether
        // MGet::string() or the setters restrict them to known values is not
        // visible here. Confirm before they are used to select code to run.
        $setters = array(
            'module' => 'set_module',
            'task'   => 'set_task',
            'object' => 'set_num_object_id',
        );
        foreach ($setters as $key => $setter) {
            if (isset($request[$key])) {
                $this->$setter(MGet::string($key));
            }
        }
    }

    MAuth::init();

    if ($isManager) {
        $authed = MAuth::is_auth();
        $onRegister = ('register' == $this->module);
        $onLogin = ('login' == $this->module);

        if ($onRegister) {
            // An already signed-in user has no business on the register module.
            if ($authed) {
                $this->reset_to('dashboard');
            }
        } elseif (!$onLogin) {
            // Every other manager module requires an authenticated session.
            if (!$authed) {
                $this->reset_to('login');
            }
        } elseif ($authed && !isset($_POST['do-logout'])) {
            // Signed-in user on the login module: send to the dashboard unless
            // the request carries the 'do-logout' POST field.
            $this->reset_to('dashboard');
        }

        if ('login' != $this->module && 'register' != $this->module) {
            // NOTE(review): the per-module permission check below is disabled,
            // so this method enforces authentication only. Unless each module
            // checks permissions itself, any authenticated manager user reaches
            // every module/task. The disabled line also reads
            // `self::$this->module`, which looks malformed. Confirm the
            // intended MAuth::check_perm() arguments before re-enabling it.
            //if ( ! MAuth::check_perm( self::$this->module, $this->task ) ) $this->reset_to( 'denied' );
        }
    }
}
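/**
 * Decide whether the current user may act on this object, or on the record
 * identified by $id.
 *
 * Rules, in order:
 *  - not authenticated: denied;
 *  - group id greater than 3: denied;
 *  - group id not greater than 2: allowed;
 *  - otherwise (group id 3): allowed only when the current user id equals
 *    $id, or $this->createdby when $id is empty.
 *
 * The ownership comparison is done on the string form of both ids with ===.
 * A loose != would let PHP type juggling treat values such as true, or
 * (before PHP 8) "5abc" against 5, as a match in an authorization decision.
 *
 * The meaning of the numeric group ids is not visible in this method.
 *
 * @param mixed $id Optional user id to compare against; when empty the
 *                  object's createdby value is used instead.
 * @return bool True when the action is permitted.
 */
public function permission($id = null)
{
    if (!MAuth::is_auth()) {
        return false;
    }

    $group = MAuth::group_id();

    // Groups above 3 are denied whatever the ownership check would say, so
    // decide that first.
    if ($group > 3) {
        return false;
    }

    // NOTE(review): a null/false group id is "not > 2" and therefore gets
    // unrestricted access here. Confirm MAuth::group_id() always returns a
    // positive integer for an authenticated session.
    if (!($group > 2)) {
        return true;
    }

    // Restricted group: the user may only touch their own record.
    $owner = $id ? $id : $this->createdby;

    // A missing or non-scalar owner id must never match the current user.
    if (!is_scalar($owner)) {
        return false;
    }

    return (string) MAuth::user_id() === (string) $owner;
}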