Ejemplo n.º 1
 /**
  * Load the visible front-menu entries for the current user.
  *
  * Administrators get every row with bhide=0. Every other user is limited to
  * the rows joined through the grant table for the user id held in the
  * session. That id is passed through $this->db->escape() before it is
  * concatenated into the statement; the table names come from object
  * properties, not from the request.
  *
  * @return mixed Whatever $this->db->query() returns for the assembled SQL.
  */
 function get_frontmenu_all()
 {
     $sql = 'select a.nid,nid_parent,cmenu,ci_path,ci_controller,ci_func_controller,icon_class,is_main from ' . $this->frontmenu . ' as a ';
     $filter = ' a.bhide=0 ';

     // Non-admins only see menus explicitly granted to their own user id.
     if (!b_admin(b_getuserlogin())) {
         $userId = $this->session->userdata('SESS_USER_ID');
         $sql .= 'join ' . $this->granted . ' as d on d.nid_frontmenus=a.nid ';
         $filter .= ' and d.nid_users=' . $this->db->escape($userId);
     }

     $sql .= ' where ' . $filter . ' order by a.nurut ';

     return $this->db->query($sql);
 }
Ejemplo n.º 2
    if (USERLEVEL >= bc_supervisor and !b_admin($_POST['nid']) and b_getuserlogin() != $_POST['nid']) {
        ?>
	<tr>
		<td colspan="2"><h2>Grant Modul</h2></td>
	</tr>
	<tr>
		<td colspan="2">
		<table>
<?php 
        $csql = "select * from " . PREFIX . "moduls order by nid";
        $nresult = gcms_query($csql);
        $i = 0;
        while ($omoduls = gcms_fetch_object($nresult)) {
            // Pre-tick the checkbox when a grant row already exists for this user/module pair.
            // NOTE(review): $_POST['nid'] is concatenated into the SQL text with no escaping or
            // type check, so the request body controls the statement (SQL injection). Validate
            // it as an id, or bind it as a parameter, before it reaches b_fetch(). The same
            // request value is also used in the access test that opens this section, so it
            // should be validated once, before either use.
            b_fetch("select count(nid) from " . PREFIX . "granted where nid_users='" . $_POST['nid'] . "' and nid_moduls='{$omoduls->nid}'") > 0 ? $ccheck = "checked" : ($ccheck = "");
            // The descriptor path is the stored module path with every ".php" replaced by
            // ".init.php"; b_readinit() is expected to return the metadata array
            // ('level', 'type') read below - confirm against its definition.
            $ainfo = b_readinit(str_replace(".php", ".init.php", $omoduls->cpath));
            if (($ainfo['level'] <= USERLEVEL or b_admin(b_getuserlogin())) and $ainfo['type'] != "lib") {
                //(strtolower($ainfo['type'])=="admin")?$ctype="(Admin)":$ctype="(Frontend)";
                if (strtolower($ainfo['type']) == "admin") {
                    ?>
			<tr>
				<td><input type="checkbox" name="modul[<?php 
                    echo $i;
                    ?>
]" value="<?php 
                    echo $omoduls->nid;
                    ?>
" <?php 
                    echo $ccheck;
                    ?>
>&nbsp;
				<?php 
Ejemplo n.º 3
         $creff = "<a href=\"?cact=" . $_REQUEST['cact'] . "&csub=0\">Extensions</a>\n";
     } else {
         $creff = "<a href=\"?cact=" . $_REQUEST['cact'] . "&csub=0\" class=\"current\">Extensions</a>\n";
     }
 }
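 // Append the entry prepared by the preceding statements to the submenu markup.
 $csubmenu .= "<li " . $ccurrent . ">" . $creff . "</li>";

 // Resolve the admin flag once: it selects the query and is needed again for every row.
 $bisadmin = b_admin(b_getuserlogin());
 if ($bisadmin) {
     $csql = "select * from " . PREFIX . "moduls";
 } else {
     // NOTE(review): the session user id is concatenated into the SQL text. It is a
     // server-side value, but it should still be bound or escaped through the database
     // layer so the query does not depend on how the session was populated.
     $csql = "select a.nid, a.cpath, b.nstatus from " . PREFIX . "moduls as a\r\n                     inner join " . PREFIX . "granted as b on \r\n                     a.nid=b.nid_moduls and b.nid_users='" . $_SESSION['nid_login'] . "'";
 }
 $nresult = gcms_query($csql);
 $agroup[] = "";

 // cact and csub are request-controlled. cact is written back into href attributes, so it
 // is percent-encoded first: rawurlencode() output contains no quotes or angle brackets and
 // therefore cannot close the attribute or open a tag. Non-scalar input (cact[]=...) is dropped.
 $ccact = (isset($_REQUEST['cact']) && is_scalar($_REQUEST['cact'])) ? rawurlencode((string) $_REQUEST['cact']) : "";
 // csub is only compared, never echoed; a missing value compares as null without a notice.
 $ccsub = isset($_REQUEST['csub']) ? $_REQUEST['csub'] : null;

 while ($omoduls = gcms_fetch_object($nresult)) {
     $ainfo_menu = b_readinit(str_replace(".php", ".init.php", strtolower($omoduls->cpath)));
     // The admin test comes first: only the non-admin query selects b.nstatus, so the
     // property may be absent on rows fetched for an administrator.
     if ($bisadmin or $omoduls->nstatus >= $ainfo_menu['level']) {
         $ccurrent = "";
         $creff = "";
         // Remember each distinct module group that this user can reach.
         if (!in_array($ainfo_menu['group'], $agroup)) {
             $agroup[] = $ainfo_menu['group'];
         }
         // Link only admin-type modules of the active group whose required grant is within the user's level.
         if (trim(strtolower($ainfo_menu['type'])) == "admin" and trim(strtolower($ainfo_menu['group'])) == strtolower($cgroup) and $ainfo_menu['grant'] <= $bv_level) {
             if ($ccsub == $omoduls->nid) {
                 $creff = "<a href=\"?cact=" . $ccact . "&csub={$omoduls->nid}\" class=\"current\">" . trim($ainfo_menu['name']) . "</a>";
             } else {
                 $creff = "<a href=\"?cact=" . $ccact . "&csub={$omoduls->nid}\">" . trim($ainfo_menu['name']) . "</a>";
             }
         }
         $csubmenu .= "<li " . $ccurrent . ">" . $creff . "</li>\r\n";
     }
 }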
Ejemplo n.º 4
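/**
 * Build the page title for the selected front-menu entry.
 *
 * Administrators can resolve any entry. Other users only resolve entries that
 * are either granted to them or not marked secure (bsecure=0).
 *
 * @param string $cpage Front-menu id (nid) of the selected page.
 * @return string|null "<group> - <menu>" for a visible entry; null when $cpage
 *                     is empty, is rejected by b_antisqlinjection(), or matches
 *                     no entry the current user may see.
 */
function menu_get_title($cpage)
{
    if (b_antisqlinjection($cpage) and $cpage != "") {
        // NOTE(review): $cpage and the login id are still concatenated into the SQL text, so
        // the query is only as safe as b_antisqlinjection() is complete. Filtering input is
        // weaker than binding it; prefer a bound parameter (or an integer cast, if nid is
        // numeric - confirm) once the database wrapper supports it.
        if (b_admin(b_getuserlogin())) {
            $csql = "select * from " . PREFIX . "frontmenus where nid='" . $cpage . "'";
        } else {
            $csql = "select a.* from " . PREFIX . "frontmenus as a\r\n\t\t       left join " . PREFIX . "grantedfrontmenus as b on a.nid=b.nid_frontmenus\r\n\t\t       where a.nid='" . $cpage . "' and \r\n\t\t       (b.nid_users='" . b_getuserlogin() . "' or a.bsecure=0)";
        }
        $nresult = gcms_query($csql);
        $opage = gcms_fetch_object($nresult);
        if (!$opage) {
            // Unknown id, or an entry this user is not allowed to see: stop here rather than
            // dereference an empty result and run a second query with a blank group id.
            return null;
        }
        $csql = "select cgroup from " . PREFIX . "groupfrontmenus where nid='" . $opage->nid_groupfrontmenus . "'";
        $creturn = b_fetch($csql) . " - " . $opage->cmenu;
        return $creturn;
    }
    return null;
}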
Ejemplo n.º 5
}
// Admin page skeleton: header, then either the login form or the selected admin view, then footer.
include 'header-admin.php';
// Everything except the login form requires an authenticated session.
if (!b_logged()) {
    include 'login.php';
} else {
    include 'menu.php';
    // cact is compared loosely with 0; a matching value selects the dashboard.
    if ($_REQUEST['cact'] == 0) {
        include 'dashboard.php';
    } else {
        if ($bdash) {
            include 'extension.php';
        } else {
            // $cpath is assigned outside this fragment.
            if (isset($cpath)) {
                ?>
<div class="judul"><?php 
                // NOTE(review): $ainfo is read here before the b_readinit() call below assigns it,
                // so the heading shows whatever an earlier part of the script stored, if anything -
                // confirm this order is intended. The name is also echoed without HTML escaping.
                echo $ainfo['name'];
                ?>
</div>
<?php 
                // Module descriptor: the module path with ".php" replaced by ".init.php".
                $ainfo = b_readinit(str_replace(".php", ".init.php", $cpath));
                // NOTE(review): $_REQUEST['csub'] is request-controlled and is concatenated into the
                // SQL text unescaped, as is the session user id, so this permission lookup is
                // injectable. Validate csub as a module id or bind it as a parameter.
                $csql = "select nstatus from " . PREFIX . "granted where nid_users='" . $_SESSION['nid_login'] . "' and nid_moduls='" . $_REQUEST['csub'] . "'";
                // The module runs only when the user's granted status reaches the level declared
                // in the descriptor, or when the user is an administrator.
                if (b_fetch($csql) >= $ainfo['level'] or b_admin(b_getuserlogin())) {
                    if (file_exists($cpath)) {
                        // NOTE(review): include executes whatever file $cpath names, and file_exists()
                        // is not an access check. $cpath must come from the module table or an
                        // allow-list, never from request data - verify where it is assigned.
                        include $cpath;
                    }
                }
            }
        }
    }
}
include 'footer-admin.php';
Ejemplo n.º 6
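 /**
  * Build and run an UPDATE statement for $tableName from request data.
  *
  * The column list is read from the table itself. For every column that is
  * not listed in $exception, a value is taken from $_REQUEST and/or
  * $other_request; TIMESTAMP columns are set to 'NOW' and a column named
  * user_id is set to the logged-in user. The statement is executed only when
  * the number of assigned columns equals the number of non-excluded columns.
  *
  * Security notes for callers:
  *  - Every non-excluded column whose lowercase name is a key in $_REQUEST is
  *    written, so $exception is the only guard against a client setting
  *    columns the form never exposed (mass assignment). List privileged
  *    columns there.
  *  - $tableName and $str_where are placed into the SQL text unmodified. Pass
  *    only application-defined values; any request data used in $str_where
  *    must already be quoted by the caller.
  *  - Values pass through quote_smart(). NOTE(review): confirm that helper
  *    escapes correctly for this database.
  *  - Debug mode and the count-mismatch path echo SQL or counters into the
  *    response body.
  *
  * @param string $tableName     Table to update (checked with isTableExist()).
  * @param array  $other_request Extra column => value pairs; keys are matched case-insensitively.
  * @param array  $exception     Column names to leave untouched; matched case-insensitively.
  * @param string $str_where     Complete WHERE clause appended after the SET list.
  * @param int    $intDebug      When truthy, echo the statement instead of running it.
  * @return mixed $this->result: the ibase_query() result when the statement ran,
  *               otherwise whatever the property held before the call.
  */
 public function FBUpdate($tableName, $other_request, $exception, $str_where, $intDebug = 0)
 {
     $nfield = 0;
     $nother = 0;
     $nexception = count($exception);
     if (!$this->isTableExist($tableName)) {
         $this->erro = 99;
         $this->erro_msg = 'Table doesn\'t exist !';
         return $this->result;
     }
     $this->erro = 0;
     $this->erro_msg = '';
     $this->rows = 0;

     // Column names are lower-cased before comparison, so both lookup tables are too.
     // array_change_key_case() only touches keys; the exception list holds the names as
     // values, so those are lower-cased explicitly.
     $excluded = array_map('strtolower', $exception);
     $other_lower = array_change_key_case($other_request, CASE_LOWER);

     $qry_temp = "UPDATE {$tableName} SET ";
     // This query is used for its column metadata only.
     $sql = "select FIRST 1 SKIP 1 * from {$tableName} ";
     $intQuery = $this->Query($sql, 0, 1);
     $coln = $this->GetNumFields($intQuery);
     $this->setFieldTable($intQuery);
     for ($i = 0; $i < $coln; $i++) {
         $col_info = $this->GetFieldInfo($intQuery, $i);
         $col_info['name'] = strtolower($col_info['name']);
         if (in_array($col_info['name'], $excluded)) {
             continue;
         }
         if (array_key_exists($col_info['name'], $_REQUEST)) {
             $nfield++;
             $qry_temp .= $this->fbUpdateAssignment($col_info, $_REQUEST[$col_info['name']]);
         }
         if (array_key_exists($col_info['name'], $other_lower)) {
             $nother++;
             // Read from the lower-cased copy so a key supplied in another case is found.
             $qry_temp .= $this->fbUpdateAssignment($col_info, $other_lower[$col_info['name']]);
         }
         if ($col_info['type'] == 'TIMESTAMP') {
             $qry_temp .= $col_info['name'] . '=' . $this->quote_smart('NOW') . ',';
             $nfield++;
         }
         if ($col_info['name'] == 'user_id') {
             $qry_temp .= $col_info['name'] . '=' . $this->quote_smart(b_getuserlogin()) . ',';
             $nfield++;
         }
     }

     // Drop only the final separator. Replacing every ",)" in the statement would also
     // rewrite that sequence when it occurs inside a quoted value.
     if (substr($qry_temp, -1) === ',') {
         $qry_temp = substr($qry_temp, 0, -1);
     }
     $qry_temp .= ' ';
     $qry_temp .= ' ' . $str_where . ' ';

     if ($intDebug) {
         echo $qry_temp;
     } else {
         // Every non-excluded column must have received exactly one value.
         if ($coln - $nexception != $nfield + $nother) {
             echo '$coln: ' . $coln . "\n";
             echo '$nexception: ' . $nexception . "\n";
             echo '$nfield: ' . $nfield . "\n";
             echo '$nother: ' . $nother . "\n";
             echo 'Parameter Query Invalid' . "\n";
         } else {
             $this->result = ibase_query($qry_temp);
             if ($this->result) {
                 $this->erro = 0;
                 // Message text left unchanged in case callers match on it.
                 $this->erro_msg = 'Executing Insert Query Success !';
             } else {
                 $this->erro = ibase_errcode();
                 $this->erro_msg = ibase_errmsg();
             }
         }
     }
     return $this->result;
 }

 /**
  * Render one "column=value," fragment for the SET list of FBUpdate().
  *
  * DATE columns become NULL for an empty value and are otherwise passed
  * through formatDate(); columns whose type is not in $this->type_string have
  * commas stripped from the value; every value is passed through quote_smart().
  *
  * @param array $col_info Column metadata with lower-cased 'name' and 'type'.
  * @param mixed $value    Raw value for the column.
  * @return string Assignment fragment ending in a comma.
  */
 private function fbUpdateAssignment($col_info, $value)
 {
     if ($col_info['type'] == 'DATE') {
         if ($value == '') {
             return $col_info['name'] . '=NULL,';
         }
         return $col_info['name'] . '=' . $this->quote_smart($this->formatDate($value)) . ',';
     }
     if (!in_array($col_info['type'], $this->type_string)) {
         return $col_info['name'] . '=' . $this->quote_smart(str_replace(',', '', $value)) . ',';
     }
     return $col_info['name'] . '=' . $this->quote_smart($value) . ',';
 }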
Ejemplo n.º 7
            ?>
<br>
    by:&nbsp;<?php 
            echo $cby;
            ?>
<br>
    Source:&nbsp;<?php 
            echo $csource;
            ?>
    </td>
    <td align="left" valign="middle" bgcolor="<?php 
            echo $ccolor;
            ?>
" width="20%">
<?php 
            // Only administrators get an enabled submit button. Everyone else receives the
            // "disabled" attribute, which also replaces the 'dummy' placeholder in $cremove.
            // NOTE(review): a disabled attribute is a display hint that the client can drop, so
            // the code handling this form's submission must repeat the b_admin() check
            // server-side - confirm that it does.
            b_admin(b_getuserlogin()) ? $cdisabled = "" : ($cdisabled = "disabled");
            $cremove = str_replace('dummy', $cdisabled, $cremove);
            ?>
    <input type="submit" name="submit" value="<?php 
            echo $cvalue;
            ?>
" <?php 
            echo $cdisabled;
            ?>
><?php 
            echo $cremove;
            ?>
    </td>
    </tr>
    </form>  
<?php