function index()
 {
     if (!CheckPermissions('vip')) {
         return;
     }
     //load the required models and libraries
     $this->load->model('pr_model', 'pr_model');
     $this->load->model('members_model', 'members_model');
     $organisation = VipOrganisation();
     if (empty($organisation)) {
         $organisation = VipOrganisation(TRUE);
         redirect('viparea/' . $organisation);
         return;
     }
     $this->pages_model->SetPageCode('viparea_index');
     //get the rep data from the pr model
     $rep_data = $this->pr_model->GetOrganisationRatings(VipOrganisation());
     if (isset($rep_data['rep'])) {
         $rep = $rep_data['rep'];
         $rep['email'] = $this->members_model->GetMemberEmail($rep['id']);
         $rep['has_rep'] = true;
     } else {
         $rep['name'] = $this->config->item('pr_officer_name');
         $rep['email'] = $this->config->item('pr_officer_email_address');
         $rep['has_rep'] = false;
     }
     $data = array('main_text' => $this->pages_model->GetPropertyWikitext('main_text'), 'organisation' => VipOrganisation(), 'enable_members' => TRUE, 'rep' => $rep);
     // Set up the content
     $this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName()));
     $this->main_frame->SetContentSimple('viparea/main', $data);
     // Load the main frame
     $this->main_frame->Load();
 }
 function index()
 {
     if (!CheckPermissions('vip')) {
         return;
     }
     //load the required models and libraries
     $this->load->model('pr_model', 'pr_model');
     $this->load->model('members_model', 'members_model');
     $this->load->model('directory_model');
     //setup the page properties
     $this->pages_model->SetPageCode('viparea_contactpr');
     //set the defaults for the email
     $signature = $this->directory_model->GetOrganisationEmailSignature(VIPOrganisation());
     $subject = '';
     $content = "\r\r" . $signature;
     //get the rep data from the pr model
     $rep_data = $this->pr_model->GetOrganisationRatings(VipOrganisation());
     if (isset($rep_data['rep'])) {
         $rep = $rep_data['rep'];
         $rep['email'] = $this->members_model->GetMemberEmail($rep['id']);
         $rep['has_rep'] = true;
     } else {
         $rep['name'] = $this->config->item('pr_officer_name');
         $rep['email'] = $this->config->item('pr_officer_email_address');
         $rep['has_rep'] = false;
     }
     //users data
     $user_name = $this->members_model->GetMemberName($this->user_auth->entityId);
     if (isset($_POST['submit_save_advert'])) {
         if ($_POST['a_subject'] == '') {
             $this->messages->AddMessage('error', 'You must enter a subject for the email.');
             $content = $_POST['a_content'];
         } else {
             if ($_POST['a_content'] == '') {
                 $this->messages->AddMessage('error', 'You must enter a message for the email.');
                 $subject = $_POST['a_subject'];
             } else {
                 //no errors so send the email
                 $this->load->helper('yorkermail');
                 $to = $rep['email'];
                 $from = VipOrganisationName() . ' - ' . $user_name . ' <' . $this->members_model->GetMemberEmail($this->user_auth->entityId) . '>';
                 //try to send the email, report fail if error occurs
                 try {
                     yorkermail($to, $_POST['a_subject'], $_POST['a_content'], $from);
                     $this->messages->AddMessage('success', 'The email has been sent.');
                 } catch (Exception $e) {
                     $this->main_frame->AddMessage('error', $e->getMessage());
                 }
             }
         }
     }
     $data = array('main_text' => $this->pages_model->GetPropertyWikitext('main_text'), 'message_pr_target' => vip_url('contactpr'), 'rep' => $rep, 'subject' => $subject, 'content' => $content);
     $this->main_frame->SetContentSimple('viparea/contactpr', $data);
     $this->main_frame->Load();
 }
 function maintainer()
 {
     if (!CheckPermissions('vip+pr')) {
         return;
     }
     $organisation = VipOrganisation();
     $this->pages_model->SetPageCode('viparea_settings_admin');
     $this->_SetupTabs('admin');
     //Send update if information is given
     if (!empty($_POST['maintainer_button'])) {
         switch ($_POST['maintainer_type']) {
             case 'yorker':
                 $Data = array('maintainer_email' => null, 'maintainer_user_entity_id' => null, 'maintainer_name' => null);
                 $this->orgaccount_model->UpdateDirectoryOrganisationMaintainer($organisation, $Data);
                 $this->main_frame->AddMessage('success', 'Administrator information updated.');
                 break;
             case 'student':
                 $Data = array('maintainer_email' => null, 'maintainer_user_entity_id' => $this->user_auth->entityId, 'maintainer_name' => null);
                 $this->orgaccount_model->UpdateDirectoryOrganisationMaintainer($organisation, $Data);
                 $this->main_frame->AddMessage('success', 'Administrator information updated.');
                 break;
             case 'nonstudent':
                 if (!empty($_POST['maintainer_name']) and !empty($_POST['maintainer_email'])) {
                     $Data = array('maintainer_email' => $_POST['maintainer_email'], 'maintainer_user_entity_id' => null, 'maintainer_name' => $_POST['maintainer_name']);
                     $this->orgaccount_model->UpdateDirectoryOrganisationMaintainer($organisation, $Data);
                     $this->main_frame->AddMessage('success', 'Administrator information updated.');
                 } else {
                     $this->main_frame->AddMessage('error', 'Administrator not updated, the name or email was left blank.');
                 }
                 break;
             default:
                 $this->main_frame->AddMessage('error', 'Administrator not updated, invalid form option submitted.');
         }
     }
     $data['main_text'] = $this->pages_model->GetPropertyWikitext('main_text');
     $data['account_maintenance_text'] = $this->pages_model->GetPropertyWikitext('account_maintenance');
     $data['maintainer'] = $this->_GetMaintainer($organisation);
     $data['user_fullname'] = $this->user_auth->firstname . " " . $this->user_auth->surname;
     $data['is_student'] = $this->user_auth->isUser;
     // Set up the content
     $this->main_frame->SetContentSimple('viparea/account_maintainer', $data);
     $this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName()));
     // Load the main frame
     $this->main_frame->Load();
 }
 /**
  * @param $Suboption1 [string/integer] Operation code or business card id.
  *	- 'filter'
  *	- 'request'
  *	- 'new'
  * @param $Suboption2 [string] Sub operation code.
  *	- 'filter'
  *	- 'send'
  *	- 'post'
  *	- 'edit'
  * @param $Suboption3 [string] Another sub operation code.
  *
  * @todo Move back to directory :P
  */
 function cards($Suboption1 = NULL, $Suboption2 = NULL, $Suboption3 = NULL)
 {
     if (!CheckPermissions('vip+pr')) {
         return;
     }
     $this->load->library('image');
     $this->load->model('members_model');
     $mode = 'view';
     $sql = array('TRUE', array());
     if ($Suboption1 === 'filter') {
         static $field_translator = array('teamid' => 'subscriptions.subscription_organisation_entity_id', 'user' => 'business_cards.business_card_user_entity_id', 'card' => 'business_cards.business_card_id', 'paid' => 'subscriptions.subscription_paid', 'vip' => 'subscriptions.subscription_vip_status', 'confirmed' => '1', 'carded' => 'NULL', 'carding' => 'NULL', 'cardable' => 'NULL', 'mailable' => 'subscriptions.subscription_email', 'search' => 'NULL', 'firstname' => 'users.user_firstname', 'surname' => 'users.user_surname', 'nickname' => 'users.user_nickname', 'enrol_year' => 'users.user_enrolled_year');
         try {
             $filter = $this->_GetFilter(4);
             $sql = $this->_GenerateFilterSql($filter, $field_translator);
         } catch (Exception $e) {
             $this->messages->AddMessage('error', 'The filter is invalid: ' . $e->getMessage());
         }
     } elseif (is_numeric($Suboption1)) {
         $sql[0] = 'business_cards.business_card_id=?';
         $sql[1] = array($Suboption1);
         if ($Suboption2 === 'edit') {
             $mode = 'edit';
         }
     }
     $business_cards = $this->members_model->GetBusinessCards(VipOrganisationId(), $sql[0], $sql[1]);
     // DISPLAY BUSINESS CARDS ----------------------------------- //
     if ($mode === 'view') {
         $this->pages_model->SetPageCode('viparea_members_cards');
         $data = array('main_text' => $this->pages_model->GetPropertyWikitext('main_text'), 'business_cards' => $business_cards);
         // Set up the content
         $this->main_frame->SetContentSimple('members/members_cards', $data);
         // Set the title parameters
         $this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName()));
     } elseif ($mode === 'edit') {
         if (!count($business_cards)) {
             $this->messages->AddMessage('error', 'Business card ' . $Suboption1 . ' could not be found');
             redirect(vip_url('directory/cards'));
         }
         $this->pages_model->SetPageCode('viparea_members_card_edit');
         $this->load->model('directory_model');
         // translate into nice names for view
         $data = array('business_card' => $business_cards[0], 'business_card_goups' => array(), 'url' => vip_url('directory/cards/' . $business_cards[0]['id'] . '/edit'), 'cancel_url' => vip_url('directory/contacts'));
         //Get post data
         if (!empty($_POST["card_editbutton"])) {
             if (empty($_POST["card_name"]) || empty($_POST["card_title"])) {
                 $this->main_frame->AddMessage('error', 'Please include a name and a title for your contact card');
                 //add failed send the data back into the form
                 $data['card_form'] = $_POST;
             } else {
                 //find user id if exist
                 if (!empty($_POST["card_username"])) {
                     //find user id from username
                     $user_id = $this->businesscards_model->GetUserIdFromUsername($_POST["card_username"]);
                 } else {
                     $user_id = "";
                 }
                 //Send message if username was given and no id found
                 if ($user_id == "" && !empty($_POST["card_username"])) {
                     $this->main_frame->AddMessage('error', 'The user ' . $_POST["card_username"] . ' was not found, you may have spelt the username incorrectly or the user is not on the yorker. You may wish to leave that field blank.');
                     //add failed send the data back into the form
                     $data['card_form'] = $_POST;
                 } else {
                     //add contact card
                     //@note start time, end time, order, and image id are all currently null and not in use.
                     $this->businesscards_model->UpdateBuisnessCard($user_id, $_POST["group_id"], null, $_POST["card_name"], $_POST["card_title"], $_POST["card_about"], $_POST["card_course"], $_POST["email"], $_POST["phone_mobile"], $_POST["phone_internal"], $_POST["phone_external"], $_POST["postal_address"], 0, null, null, $Suboption1, 1);
                     //The last param 1 forces immediate publishing
                     $this->main_frame->AddMessage('success', 'The contact card was successfully updated.');
                     redirect(vip_url('directory/contacts/viewgroup/' . $_POST["group_id"]));
                 }
             }
         } else {
             //Send data to form if it isnt reloaded from a update attempt
             $cards_data = $this->directory_model->GetDirectoryOrganisationCardsById($Suboption1);
             foreach ($cards_data as $card_data) {
                 if ($card_data['business_card_user_entity_id'] != 0) {
                     $username = $this->businesscards_model->GetUsernameFromUserId($card_data['business_card_user_entity_id']);
                 } else {
                     $username = "";
                 }
                 $data['card_form'] = array('card_name' => $card_data['business_card_name'], 'card_title' => $card_data['business_card_title'], 'group_id' => $card_data['business_card_business_card_group_id'], 'card_username' => $username, 'card_course' => $card_data['business_card_course'], 'email' => $card_data['business_card_email'], 'card_about' => $card_data['business_card_blurb'], 'postal_address' => $card_data['business_card_postal_address'], 'phone_mobile' => $card_data['business_card_mobile'], 'phone_internal' => $card_data['business_card_phone_internal'], 'phone_external' => $card_data['business_card_phone_external']);
             }
         }
         // Business Card Groups
         $groups = $this->directory_model->GetDirectoryOrganisationCardGroups(VipOrganisation());
         foreach ($groups as $group) {
             $data['groups'][] = array('name' => $group['business_card_group_name'], 'id' => $group['business_card_group_id'], 'href' => vip_url('directory/cards/filter/cardgroup/' . $group['business_card_group_id']));
         }
         // Set the title parameters
         $this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName(), 'name' => $business_cards[0]['name']));
         $this->main_frame->SetContentSimple('directory/viparea_directory_contacts', $data);
     }
     $this->_SetupOrganisationNavbar();
     $this->main_frame->SetPage('contacts');
     // Load the main frame
     $this->main_frame->Load();
 }
/**
 * @param $Permission string or array of the following levels (in the order that
 *	they are to be obtained:
 *	- 'public' - anyone
 *	- 'student' - must be logged on
 *	- 'vip' - must be logged on as a vip
 *	- 'vip+pr' - must be logged on as a vip or a pr rep
 *	- 'office' - must be in the office
 *	- 'pr' - must be in the office as a pr rep
 *	- 'editor' - must be in the office as an editor
 *	- 'admin' - must be in the office as an administrator
 * @param $LoadMainFrame bool Whether to load the mainframe if permision hasn't
 *	 yet been acquired (for the login screen).
 * @return bool Whether enough privilages.
 */
function CheckPermissions($Permission = 'public', $LoadMainFrame = TRUE, $NoPost = FALSE)
{
    // Start a session
    $CI =& get_instance();
    // Initialisation stuff
    $CI->load->library('messages');
    $CI->load->model('user_auth');
    $CI->load->model('pages_model');
    // Decide on output format
    if (isset($_POST['fb_sig'])) {
        /// @todo AUTHENTICATE FACEBOOK
        OutputMode('fbml');
        global $_SESSION;
        $_SESSION = array();
    } else {
        if (isset($_GET['opmode'])) {
            OutputMode($_GET['opmode']);
        } else {
            OutputMode(DefaultOutputMode());
        }
    }
    // If the output mode is not supported, show a 404
    if (!in_array(OutputMode(), OutputModes())) {
        show_404();
    }
    // Translate some auxilliary permissions
    $auxilliary_permissions = array('moderator' => 'editor');
    if (array_key_exists($Permission, $auxilliary_permissions)) {
        $Permission = $auxilliary_permissions[$Permission];
    }
    $user_level = GetUserLevel();
    // URL analysis regarding vip area
    $thru_viparea = $CI->uri->total_segments() >= 1 && $CI->uri->segment(1) === 'viparea';
    $thru_office_pr = $CI->uri->total_segments() >= 3 && $CI->uri->segment(1) === 'office' && $CI->uri->segment(2) === 'pr' && $CI->uri->segment(3) === 'org';
    $thru_office_manage = $CI->uri->total_segments() >= 2 && $CI->uri->segment(1) === 'office' && $CI->uri->segment(2) === 'manage';
    $company_short_name = $CI->config->Item('company_organisation_id');
    $organisation_specified = FALSE;
    if ($thru_viparea) {
        if ($CI->uri->total_segments() > 1) {
            $organisation_shortname = $CI->uri->segment(2);
            $organisation_specified = TRUE;
            VipSegments(2);
        } else {
            $organisation_shortname = $CI->user_auth->organisationShortName;
        }
        // don't allow access to vip area of the company, only through office/manage
        if ($organisation_shortname === $company_short_name) {
            $organisation_shortname = '';
            $CI->user_auth->logoutOrganisation();
            redirect('');
        }
        vip_url('viparea/' . $organisation_shortname . '/', TRUE);
    } elseif ($thru_office_pr) {
        $organisation_shortname = $CI->uri->segment(4);
        $organisation_specified = TRUE;
        VipSegments(4);
        vip_url('office/pr/org/' . $organisation_shortname . '/', TRUE);
    } elseif ($thru_office_manage) {
        $organisation_shortname = $company_short_name;
        $organisation_specified = TRUE;
        VipSegments(2);
        vip_url('office/manage/', TRUE);
    } else {
        $organisation_shortname = '';
    }
    VipOrganisation(FALSE, $organisation_shortname);
    VipOrganisation(TRUE, $CI->user_auth->organisationShortName);
    // Login actions for student/vip/office logins
    $student_login_action = array('redirect+url', 'login/main', 'post' => TRUE);
    if ($organisation_specified) {
        $vip_login_action = array('redirect+url', 'login/vipswitch/' . $organisation_shortname, 'post' => TRUE);
    } else {
        $vip_login_action = array('redirect+url', 'login/vip', 'post' => TRUE);
    }
    $office_login_action = array('redirect+url', 'login/office', 'post' => TRUE);
    // If vip+pr, use URI to decide which
    if ($Permission === 'vip+pr') {
        $Permission = $thru_viparea ? 'vip' : ($thru_office_pr ? 'pr' : ($thru_office_manage ? 'manage' : ''));
    } elseif ($Permission === 'vip') {
        $Permission = $thru_viparea ? 'vip' : ($thru_office_manage ? 'manage' : '');
    } elseif ($thru_office_pr && $Permission !== 'pr' || $thru_viparea && $Permission !== 'vip' || $thru_office_manage && $Permission !== 'manage') {
        $Permission = '';
    }
    // Matrix indexed by user level, then page level, of behaviour
    // Possible values:
    //	NULL/notset	http error 404
    //	TRUE		allowed
    //	array		specially handled
    //	otherwise	access denied
    if ($user_level === 'public') {
        $action_levels = array('public' => TRUE, 'student' => $student_login_action, 'vip' => $student_login_action, 'office' => $student_login_action, 'pr' => $student_login_action, 'editor' => $student_login_action, 'manage' => $student_login_action, 'admin' => $student_login_action);
    } elseif ($user_level === 'student') {
        $action_levels = array('public' => TRUE, 'student' => TRUE, 'vip' => $vip_login_action, 'office' => $office_login_action, 'pr' => $office_login_action, 'editor' => $office_login_action, 'manage' => $office_login_action, 'admin' => $office_login_action);
    } elseif ($user_level === 'organisation') {
        // Logged in from public as organisation
        $allow_vip = array_key_exists($organisation_shortname, $CI->user_auth->allTeams);
        $action_levels = array('public' => TRUE, 'student' => TRUE, 'vip' => $allow_vip, 'office' => FALSE, 'pr' => FALSE, 'editor' => FALSE, 'manage' => FALSE, 'admin' => FALSE);
        if ($allow_vip) {
            VipOrganisationId(FALSE, $CI->user_auth->allTeams[$organisation_shortname][0]);
            VipOrganisationName(FALSE, $CI->user_auth->allTeams[$organisation_shortname][1]);
            VipOrganisationId(TRUE, $CI->user_auth->organisationLogin);
            VipOrganisationName(TRUE, $CI->user_auth->organisationName);
            VipMode('viparea');
            VipLevel('write', TRUE);
        }
    } elseif ($user_level === 'vip') {
        // Logged in as student and in VIP area
        $vip_door_open_action = array('message', 'warning', HtmlButtonLink(site_url('logout/vip' . $CI->uri->uri_string()), 'Leave VIP Area') . $CI->pages_model->GetPropertyText('login:warn_open_vip', TRUE), TRUE);
        $allow_vip = array_key_exists($organisation_shortname, $CI->user_auth->allTeams);
        if ($allow_vip) {
            $vip_accessible = TRUE;
            VipOrganisationId(FALSE, $CI->user_auth->allTeams[$organisation_shortname][0]);
            VipOrganisationName(FALSE, $CI->user_auth->allTeams[$organisation_shortname][1]);
            VipOrganisationId(TRUE, $CI->user_auth->organisationLogin);
            VipOrganisationName(TRUE, $CI->user_auth->organisationName);
            VipMode('viparea');
            VipLevel('write', TRUE);
        } else {
            // check permissions to access this organisation
            $vip_organisations = $CI->user_auth->getOrganisationLogins();
            foreach ($vip_organisations as $organisation) {
                if ($organisation['organisation_directory_entry_name'] == $organisation_shortname) {
                    $vip_accessible = $vip_login_action;
                    break;
                }
            }
            if (!isset($vip_accessible)) {
                $vip_accessible = FALSE;
            }
        }
        $action_levels = array('public' => $vip_door_open_action, 'student' => $vip_door_open_action, 'vip' => $vip_accessible, 'office' => $office_login_action, 'pr' => $office_login_action, 'editor' => $office_login_action, 'manage' => $office_login_action, 'admin' => $office_login_action);
    } else {
        // Office
        // Door left open actions
        $office_door_open_action = array('message', 'warning', HtmlButtonLink(site_url('logout/office' . $CI->uri->uri_string()), 'Leave Office') . $CI->pages_model->GetPropertyText('login:warn_open_office', TRUE), TRUE);
        $admin_door_open_action = $office_door_open_action;
        // check permissions to access this organisation
        $manage_accessible = FALSE;
        $vip_organisations = $CI->user_auth->getOrganisationLogins();
        foreach ($vip_organisations as $organisation) {
            if ($organisation['organisation_directory_entry_name'] == $company_short_name) {
                $manage_accessible = TRUE;
                break;
            }
        }
        // Refine further
        if ($user_level === 'office') {
            $action_levels = array('public' => $office_door_open_action, 'student' => $office_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => 'pr', 'editor' => FALSE, 'manage' => FALSE, 'admin' => FALSE);
        } elseif ($user_level === 'editor') {
            $action_levels = array('public' => $office_door_open_action, 'student' => $office_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => TRUE, 'editor' => TRUE, 'manage' => $manage_accessible, 'admin' => FALSE);
        } elseif ($user_level === 'admin') {
            $action_levels = array('public' => $admin_door_open_action, 'student' => $admin_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => TRUE, 'editor' => TRUE, 'manage' => $manage_accessible, 'admin' => TRUE);
        }
        // Change an office user to pr if they rep for the organisation
        static $vipModes = array('pr' => 'office', 'manage' => 'manage');
        if (array_key_exists($Permission, $vipModes)) {
            // Get organisation information
            $CI->db->select('organisation_entity_id AS id,' . 'organisation_name AS name,' . 'organisation_pr_rep AS rep');
            $CI->db->join('entities', 'organisation_entity_id = entity_id', 'inner');
            $CI->db->where(array('organisation_directory_entry_name' => $organisation_shortname, 'entity_deleted = FALSE'));
            $matching_org = $CI->db->get('organisations')->result_array();
            if (empty($matching_org)) {
                $action_levels[$Permission] = FALSE;
            } else {
                $matching_org = $matching_org[0];
                if ($action_levels[$Permission] === 'pr') {
                    $action_levels[$Permission] = TRUE;
                    $rep = $matching_org['rep'] == $CI->user_auth->entityId;
                    if ($rep) {
                        VipLevel('rep', TRUE);
                    } else {
                        VipLevel('read', TRUE);
                    }
                } elseif ($action_levels[$Permission]) {
                    VipLevel('write', TRUE);
                }
                VipOrganisationId(FALSE, $matching_org['id']);
                VipOrganisationName(FALSE, $matching_org['name']);
                VipOrganisationId(TRUE, $matching_org['id']);
                VipOrganisationName(TRUE, $matching_org['name']);
                VipMode($vipModes[$Permission]);
            }
        }
    }
    $access_allowed = FALSE;
    // No permission set or NULL indicates page doesn't exist at this URI
    if (!array_key_exists($Permission, $action_levels) || NULL === $action_levels[$Permission]) {
        return show_404();
    } else {
        $action = $action_levels[$Permission];
        // True is allow
        if (TRUE === $action) {
            $access_allowed = TRUE;
        } elseif (is_array($action)) {
            // Array is special decider
            // Perform action
            switch ($action[0]) {
                case 'handle':
                    $access_allowed = $action[1]($action[2], $Permission);
                    if (array_key_exists(3, $action)) {
                        $CI->messages->AddMessage($action[3], $action[4], FALSE);
                    }
                    break;
                case 'redirect+url':
                    $action[1] .= $CI->uri->uri_string();
                case 'redirect':
                    if (array_key_exists(2, $action)) {
                        $CI->messages->AddMessage($action[2], $action[3]);
                    }
                    if (array_key_exists('post', $action) && $action['post']) {
                        // store post data
                        if (!empty($_POST)) {
                            SetRedirectData($action[1], serialize($_POST));
                        }
                    }
                    // Before redirecting, forward on the redirected post data
                    $post_data = GetRedirectData();
                    if (NULL !== $post_data) {
                        SetRedirectData($action[1], $post_data);
                    }
                    // Do the redirect
                    redirect($action[1]);
                    return FALSE;
                case 'message':
                    $CI->messages->AddMessage($action[1], $action[2], FALSE);
                    $access_allowed = $action[3];
                    break;
                default:
                    break;
            }
        } else {
            // Anything else is disallow
            $CI->messages->AddMessage('warning', 'You do not have the ' . $Permission . ' privilages required!');
            //redirect('');
        }
        // Restore post data
        if ((TRUE === $action || is_array($action)) && !$NoPost) {
            $post_data = GetRedirectData();
            if (NULL !== $post_data) {
                $post_data = @unserialize($post_data);
                if (is_array($post_data)) {
                    if (!isset($_POST)) {
                        global $_POST;
                        $_POST = array();
                    }
                    foreach ($post_data as $key => $value) {
                        $_POST[$key] = $value;
                    }
                }
            }
        }
    }
    if ('fbml' === OutputMode()) {
        $Permission = 'facebookapp';
    } elseif ('ajax' === OutputMode()) {
        $Permission = 'ajax';
    } elseif (FeedOutputMode()) {
        $Permission = 'feed';
    }
    SetupMainFrame($Permission, FALSE);
    if (!$access_allowed && $LoadMainFrame) {
        $CI->load->library('Custom_pages');
        $page = new CustomPageView('error:permissions');
        $CI->main_frame->SetContent($page);
        $CI->main_frame->Load();
    }
    return $access_allowed;
}