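/**
 * Set up a backend (admin) request.
 *
 * Unless the sentinel section name '##skip##' is passed, the constructor
 * optionally authenticates the user and checks the section permission,
 * redirects once if the backend language differs from the language stored
 * for the user, and optionally prints the backend header. In every case it
 * runs the parent constructor with SecureForm::BACKEND and publishes the
 * instance as the global $wb.
 *
 * @param string $section_name       Name of the current backend section, or '##skip##'.
 * @param string $section_permission Permission key handed to get_permission().
 * @param bool   $auto_header        Print the backend header when truthy.
 * @param bool   $auto_auth          Enforce login and section permission when truthy.
 * @param bool   $operateBuffer      Forwarded unchanged to print_header().
 */
public function __construct($section_name = '##skip##', $section_permission = 'start', $auto_header = true, $auto_auth = true, $operateBuffer = true)
{
    parent::__construct(SecureForm::BACKEND);

    if ($section_name != '##skip##') {
        global $database, $MESSAGE;

        // Specify the current application's name
        $this->section_name = $section_name;
        $this->section_permission = $section_permission;

        // Authenticate the user for this application.
        // NOTE(review): a caller passing $auto_auth = false (or '##skip##') gets
        // neither the login check nor the permission check from this constructor
        // and has to enforce access control itself.
        if ($auto_auth) {
            // First check if the user is logged in. The exit directly after the
            // redirect keeps the rest of the script from running for this client.
            if (!$this->is_authenticated()) {
                header('Location: ' . ADMIN_URL . '/login/index.php');
                exit(0);
            }

            // Now check if they are allowed in this section
            if (!$this->get_permission($section_permission)) {
                // NOTE(review): the permission key is echoed to the rejected client
                // before the message; this looks like leftover debug output, confirm
                // it is wanted.
                echo $section_permission . "<br>";
                die($MESSAGE['ADMIN_INSUFFICIENT_PRIVELLIGES']);
            }
        }

        // Check if the backend language is also the selected language. If not, send headers again.
        // The user id is cast to int before it is concatenated into the statement.
        $sql = 'SELECT `language` FROM `' . TABLE_PREFIX . 'users` '
            . 'WHERE `user_id`=' . (int) $this->get_user_id();
        $user_language = $database->get_one($sql);

        $admin_folder = str_replace(WB_PATH, '', ADMIN_PATH);

        // NOTE(review): $user_language is read from the users table and then used
        // in a filesystem path and in the Location header without a format check
        // here; confirm it is validated where it is written.
        $needs_language_redirect = LANGUAGE != $user_language
            && file_exists(WB_PATH . '/languages/' . $user_language . '.php')
            && strpos($_SERVER['SCRIPT_NAME'], $admin_folder . '/') !== false;

        if ($needs_language_redirect) {
            // Carry page_id / section_id over, reduced to integers
            $page_id_url = isset($_GET['page_id']) ? '&page_id=' . (int) $_GET['page_id'] : '';
            // Fixed: this literal had been corrupted to '§ion_id=' (an "&sect"
            // entity decoded into the section sign), which dropped the parameter.
            $section_id_url = isset($_GET['section_id']) ? '&section_id=' . (int) $_GET['section_id'] : '';

            $target = $_SERVER['SCRIPT_NAME'] . '?lang=' . $user_language . $page_id_url . $section_id_url;

            // The raw query string of the request is appended as received, so
            // parameters already present in it appear a second time in the target.
            if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] !== '') {
                $target .= '&' . $_SERVER['QUERY_STRING'];
            }

            header('Location: ' . $target);
            exit;
        }

        // Auto header code
        if ($auto_header) {
            $this->print_header($body_tags = '', $operateBuffer);
        }
    }

    // i know this sucks but some old stuff really need this
    global $wb;
    $wb = $this;
}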
/**
 * Build the object by delegating to the parent constructor with
 * SecureForm::FRONTEND as its only argument.
 *
 * No authentication or permission check is performed here.
 * NOTE(review): presumably the constant selects the frontend variant of the
 * form-token handling; confirm against SecureForm.
 */
public function __construct()
{
    parent::__construct(SecureForm::FRONTEND);
}
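/**
 * Constructor of the class
 *
 * Wires up the Twig parser/loader, starts output buffering, authenticates the
 * user (login, token, section permission), aligns the backend language and
 * then optionally prints the header.
 *
 * @param string $section_name       The section name.
 * @param string $section_permission The permission the section belongs to.
 * @param bool   $auto_header        Print out the header. Default is 'true'.
 * @param bool   $auto_auth          Run the automatic authentication. Default is 'true'.
 */
public function __construct($section_name, $section_permission = 'start', $auto_header = true, $auto_auth = true)
{
    global $database;
    global $MESSAGE;

    parent::__construct();

    /**
     * TWIG Template Engine
     */
    global $parser;
    global $loader;
    global $TEXT;
    global $MENU;
    global $OVERVIEW;
    global $HEADING;

    // NOTE(review): presumably library.php assigns the global $parser and
    // $loader used below; confirm in lib_twig.
    if (!isset($parser)) {
        require_once LEPTON_PATH . "/modules/lib_twig/library.php";
    }

    // namespace for the Twig-Loader is "theme"
    $loader->prependPath(THEME_PATH . "/templates/", "theme");

    $parser->addGlobal("TEXT", $TEXT);
    $parser->addGlobal("MENU", $MENU);
    $parser->addGlobal("OVERVIEW", $OVERVIEW);
    $parser->addGlobal("HEADING", $HEADING);

    $this->parser =& $parser;
    $this->loader =& $loader;
    /**
     * End Twig
     */

    /**
     * Droplet support
     */
    ob_start();

    $this->db_handle = clone $database;

    // Specify the current application's name
    $this->section_name = $section_name;
    $this->section_permission = $section_permission;

    // Authenticate the user for this application.
    // NOTE(review): with $auto_auth = false none of the three checks below run;
    // such callers have to enforce access control themselves.
    if ($auto_auth) {
        // First check if the user is logged in
        if (!$this->is_authenticated()) {
            header('Location: ' . ADMIN_URL . '/login/index.php');
            exit(0);
        }

        // Now check whether he has a valid token
        if (!$this->checkToken()) {
            // NOTE(review): only USER_ID is removed; any other session data stays
            // in place. Confirm whether the whole session should be invalidated.
            unset($_SESSION['USER_ID']);
            header('Location: ' . ADMIN_URL . '/login/index.php');
            exit(0);
        }

        // Now check if they are allowed in this section
        if (!$this->get_permission($section_permission)) {
            die($MESSAGE['ADMIN_INSUFFICIENT_PRIVELLIGES']);
        }
    }

    // Check if the backend language is also the selected language. If not, send headers again.
    // The user id is cast to int before it is placed into the statement.
    // NOTE(review): presumably execute_query() fills $user_language with the
    // fetched row; confirm against the database class.
    $user_language = array();
    $this->db_handle->execute_query(
        "SELECT `language` FROM `" . TABLE_PREFIX . "users` WHERE `user_id` = '" . (int) $this->get_user_id() . "'",
        true,
        $user_language,
        false
    );

    // prevent infinite loop if language file is not XX.php (e.g. DE_du.php)
    // Cutting to two characters also bounds what reaches the path and the
    // Location header below.
    $user_language = !isset($user_language['language'])
        ? ""
        : substr($user_language['language'], 0, 2);

    // obtain the admin folder (e.g. /admin)
    $admin_folder = str_replace(LEPTON_PATH, '', ADMIN_PATH);

    $needs_language_redirect = LANGUAGE != $user_language
        && file_exists(LEPTON_PATH . '/languages/' . $user_language . '.php')
        && strpos($_SERVER['SCRIPT_NAME'], $admin_folder . '/') !== false;

    if ($needs_language_redirect) {
        // Carry page_id / section_id over, reduced to integers
        $page_id_url = isset($_GET['page_id']) ? '&page_id=' . (int) $_GET['page_id'] : '';
        // Fixed: this literal had been corrupted to '§ion_id=' (an "&sect"
        // entity decoded into the section sign), which dropped the parameter.
        $section_id_url = isset($_GET['section_id']) ? '&section_id=' . (int) $_GET['section_id'] : '';

        $target = $_SERVER['SCRIPT_NAME'] . '?lang=' . $user_language . $page_id_url . $section_id_url;

        // The raw query string of the request is appended as received, so
        // parameters already present in it appear a second time in the target.
        if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] !== '') {
            $target .= '&' . $_SERVER['QUERY_STRING'];
        }

        header('Location: ' . $target);
        exit;
    }

    // Auto header code
    if ($auto_header) {
        $this->print_header();
    }
}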
/**
 * Build the object by delegating to the parent constructor with the
 * literal argument 1.
 *
 * NOTE(review): what the value 1 selects is not visible from here; confirm
 * against the parent class and consider a named constant.
 */
public function __construct()
{
    parent::__construct(1);
}