function verificar_permiso_modulo($modulo) {
$nivel = ($_SESSION['level'] == 0) ? true : false;
$usuario = $_SESSION['user'];
$permiso_modulo = false;
$permiso_usuario = false;
$acceso_por_grupo_query = "select permiso from permiso_modulo_grupo
INNER JOIN grupo_usuario ON
permiso_modulo_grupo.id_grupo = grupo_usuario.id_grupo
WHERE id_usuario = '$usuario' AND modulo='$modulo';";
$acceso_usuario_query = "select * from permiso_modulo_usuario
WHERE id_usuario='$usuario' AND modulo='$modulo'";
BM::singleton()->getObject('db')->executeQuery($acceso_por_grupo_query);
if (BM::singleton()->getObject('db')->getNumRows() > 0) {
while ($data = BM::singleton()->getObject('db')->getResult()->fetch_assoc()) {
$permiso_modulo = ($data['permiso'] == 0) ? true : false;
}
}
BM::singleton()->getObject('db')->executeQuery($acceso_usuario_query);
if (BM::singleton()->getObject('db')->getNumRows() > 0) {
while ($data = BM::singleton()->getObject('db')->getResult()->fetch_assoc()) {
$permiso_usuario = ($data['permiso'] == 0) ? true : false;
}
}
if ($nivel || $permiso_modulo || $permiso_usuario)
return true;
else {
return false;
}
}
public function login() {
if (empty($_POST)) {
HttpHandler::redirect('/'+MODULE+'/login/form');
} else {
BM::singleton()->getObject('db')->newConnection(HOST, USER, PASSWORD, DATABASE);
$usuario = BM::singleton()->getObject('db')->sanitizeData($_POST['usuario']);
$clave = cifrar_RIJNDAEL_256($_POST['clave']);
$query = "SELECT * FROM empleado WHERE usuario='{$usuario}' AND clave='{$clave}' AND modulo='terceros';";
BM::singleton()->getObject('db')->executeQuery($query);
if (BM::singleton()->getObject('db')->getNumRows() > 0) {
$level = 1;
while ($data = BM::singleton()->getObject('db')->getResult()->fetch_assoc()) {
$level = $data['permiso'];
}
Session::singleton()->NewSession($usuario, $level);
if(!isset($_GET['url'])||empty($_GET['url'])){
HttpHandler::redirect('/'.MODULE.'/login/form');
}else{
HttpHandler::redirect($_GET['url']);
}
} else {
HttpHandler::redirect('/'.MODULE.'/login/form?error_id=2');
}
}
}
public function Recovery() {
BM::singleton()->getObject('temp')->buildFromTemplates('recovery.html');
page()->setTitle('Recovery');
BM::singleton()->getObject('temp')->parseExtras();
BM::singleton()->getObject('temp')->parseOutput();
print BM::singleton()->getObject('temp')->getPage()->getContent();
}
/**
* gets core instance
*
* @return BMObject
*
*/
public static function singleton() {
if (!isset(self::$instance)) {
$obj = __CLASS__;
self::$instance = new $obj;
}
return self::$instance;
}
public function show_form() {
BM::singleton()->getObject('temp')->buildFromTemplates('login.html');
page()->setTitle('Acceso');
BM::singleton()->getObject('temp')->parseExtras();
BM::singleton()->getObject('temp')->parseOutput();
print BM::singleton()->getObject('temp')->getPage()->getContent();
}
public function e403() {
BM::singleton()->getObject('temp')->buildFromTemplates('template_nofixed.html');
template()->addTemplateBit('content', 'e403.html');
BM::singleton()->getObject('temp')->getPage()->setTitle("Acceso restringido");
BM::singleton()->getObject('temp')->getPage()->addEstigma("username", Session::singleton()->getUser());
BM::singleton()->getObject('temp')->getPage()->addEstigma("TITULO", "Error 403");
BM::singleton()->getObject('temp')->parseExtras();
BM::singleton()->getObject('temp')->parseOutput();
print BM::singleton()->getObject('temp')->getPage()->getContent();
}
public function login() {
if (empty($_POST)) {
HttpHandler::redirect('/warbook/login/form');
} else {
BM::singleton()->getObject('db')->newConnection(HOST, USER, PASSWORD, DATABASE);
$usuario = BM::singleton()->getObject('db')->sanitizeData($_POST['usuario']);
$clave = md5($_POST['clave']);
$query = "SELECT * FROM User WHERE EmailAddress='{$usuario}' AND AccessPassword='******'";
//echo $query;
BM::singleton()->getObject('db')->executeQuery($query);
if (BM::singleton()->getObject('db')->getNumRows() > 0) {
$level = 1;
Session::singleton()->NewSession($usuario, $level);
HttpHandler::redirect('/warbook/login/form');
} else {
HttpHandler::redirect('/warbook/login/form?error_id=2');
}
}
}
/**
* Load template
*
* @return none
*
*/
public function buildFromTemplates() {
$bits = func_get_args();
$content = "";
echo $content;
foreach ($bits as $bit):
if (strpos($bit, APP_PATH . 'static/html/') === false):
$bit = APP_PATH . 'static/html/' . BM::getSetting('skin') . '/templates/' . $bit;
endif;
if (file_exists($bit) == true):
$content .= file_get_contents($bit);
endif;
endforeach;
$this->page->setContent($content); // update content in page builder
}
BM::singleton()->getObject('temp')->getPage()->setJs('static/js/jquery.widget.min.js');
BM::singleton()->getObject('temp')->getPage()->setJs('static/js/foundation.min.js');
BM::singleton()->getObject('temp')->getPage()->setJs('static/js/vendor/modernizr.js');
BM::singleton()->getObject('temp')->getPage()->setCss('static/css/jquery-ui.min.css');
BM::singleton()->getObject('temp')->getPage()->setCss('static/css/foundation.css');
BM::singleton()->getObject('temp')->getPage()->setCss('static/fonts/foundation-icons.css');
BM::singleton()->getObject('temp')->getPage()->setCss('common/plugins/sigma/grid/gt_grid.css');
BM::singleton()->getObject('temp')->getPage()->setCss('common/plugins/sigma/grid/skin/mac/skinstyle.css');
BM::singleton()->getObject('temp')->getPage()->setCss('common/plugins/sigma/grid/skin/vista/skinstyle.css');
BM::singleton()->getObject('temp')->getPage()->setJs('static/js/business.manager.1.0.js');
BM::singleton()->getObject('temp')->getPage()->setJs('common/plugins/sigma/grid/calendar/calendar.js');
BM::singleton()->getObject('temp')->getPage()->setJs('common/plugins/sigma/grid/calendar/calendar-setup.js');
BM::singleton()->getObject('temp')->getPage()->setJs('common/plugins/sigma/grid/gt_grid_all.js');
//BM::singleton()->getObject('temp')->getPage()->setJs('common/plugins/sigma/grid/gt_const.js');
BM::singleton()->getObject('temp')->getPage()->setJs('common/plugins/sigma/grid/gt_msg_en.js');
BM::singleton()->getObject('temp')->getPage()->setJs('common/plugins/sigma/grid/flashchart/fusioncharts/FusionCharts.js');
BM::singleton()->getObject('db')->newConnection(HOST, USER, PASSWORD, DATABASE);
##### fin de configuraciones #####
$front = new frontController(array()); # crear controlador 'front'
$front->run(); # correr controlador 'front'
exit();
?>
function data_model() {
return BM::singleton()->getObject('db');
}
