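/**
 * Decides whether the current user may read the node described by $p.
 *
 * Access is granted, in this order, to: administrators, the root node
 * (inode 0), anyone when the "other" permission string contains 'r',
 * members of the node's group when the group string contains 'r', and the
 * owner when the owner string contains 'r'. Anything else is denied.
 *
 * @param object $p Node record; reads ->inode, ->p_other, ->p_group,
 *                  ->p_owner, ->gid, ->uid and ->nombre.
 * @return bool True when read access is granted, false otherwise.
 */
function checkReadSecurity($p)
{
    // Resolved once and reused for the owner comparison and its log line.
    $current_user = BILO_uid();

    if (BILO_isAdmin()) {
        debug("Sec passed by Group Administrador Is God(TM)", 'red');
        return true;
    }

    // NOTE(review): loose comparison, so a record whose inode is null or
    // unset also matches 0 and is treated as the root node. Confirm that
    // callers never pass a partially loaded record.
    if ($p->inode == 0) {
        debug("Sec passed by root dir", 'red');
        return true;
    }

    // This function checks READ permission. The earlier comments spoke of
    // "write access" and of creating files; they appear to have been copied
    // from a write check and did not match the 'r' tests below.

    // World-readable node.
    if (strpos($p->p_other, 'r') !== false) {
        debug("Sec passed by Other:r {$p->p_other} {$p->nombre}", 'red');
        return true;
    }

    // Readable by the node's group, and the current user belongs to it.
    if (BILO_checkGroup($p->gid) && strpos($p->p_group, 'r') !== false) {
        debug("Sec passed by Group:r", 'red');
        return true;
    }

    // Readable by the owner, and the current user is the owner.
    // NOTE(review): == is kept because uid values may arrive as strings
    // from storage; confirm both sides are numeric, since loose comparison
    // of mixed types can match unexpectedly on older PHP versions.
    if ($current_user == $p->uid && strpos($p->p_owner, 'r') !== false) {
        debug("Sec passed by Owner:r " . $current_user . "|" . $p->uid, 'red');
        return true;
    }

    // Default deny.
    return false;
}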
/**
 * Reports whether the current user counts as an operator.
 *
 * Returns true when authentication is disabled in configuration, when the
 * user belongs to the "Operadores" group, or otherwise whatever
 * BILO_isAdmin() returns.
 *
 * @return mixed true, or the result of BILO_isAdmin().
 */
function BILO_isOperator()
{
    global $SYS;

    // Only a strict boolean false disables authentication; in that case
    // every caller is reported as an operator.
    // NOTE(review): this is a global bypass of the role check. Confirm the
    // setting cannot be false in a production configuration.
    $authDisabled = ($SYS["config"]["authentication"] === false);
    if ($authDisabled) {
        debug(__FILE__ . " " . __LINE__ . ' Auth disabled by $SYS["config"]["authentication"]', "red");
        return true;
    }

    // Not in the operators group: administrators still qualify.
    if (!BILO_checkGroup("Operadores")) {
        return BILO_isAdmin();
    }

    return true;
}
// Excerpt of a request-handling script: it loads the user's preferences,
// enforces login and role checks, then includes an application action file.
// The excerpt ends inside the print-mode branch; the rest is not visible.
$up->getPrefByUser(BILO_uid());
$up->setPrefs();
// The login gate is skipped on the login screen itself and whenever
// $SYS["GLOBAL"]["void_login"] is truthy.
if (!$isLoginScreen && !$SYS["GLOBAL"]["void_login"]) {
    if (BILO_isLogged() == false) {
        // Not logged in: emit the redirect to the login page and stop.
        PlantHTML(array("location" => $SYS["ROOT"] . "/Login/login.php"), "opener");
        die;
    } else {
        if (BILO_isOperator() || BILO_isAdmin()) {
            // Authorised: nothing to output here.
            echo '';
        } else {
            // Logged in but neither operator nor admin: back to the login page.
            PlantHTML(array("location" => $SYS["ROOT"] . "/Login/login.php"), "opener");
            die;
        }
    }
}
// Role check that runs even when the login gate above was skipped.
// PHP function names are case-insensitive, so BILo_isOperator() resolves to
// BILO_isOperator().
// NOTE(review): the BILO_isOperator() shown on this page returns true for
// everyone when authentication is disabled in configuration, which would
// make this check pass too. Confirm that is the same function.
if (!BILO_isAdmin() && !BILo_isOperator()) {
    die(_("Sin privilegios"));
}
$EURI = explode("/", $petition);
/* Dynamic menu creation */
// $APP and $ACTION are interpolated into the path that is tested and then
// included. is_file() only confirms the path exists; it does not confine it
// to the Apps directory.
// NOTE(review): where $APP and $ACTION are assigned is outside this excerpt.
// If they derive from the request, validate both against an allow-list (or
// reject any value containing "/" or "..") before this point.
if (is_file(dirname(__FILE__) . "/../Apps/{$APP}/{$ACTION}")) {
    // The prefix test covers only the start of $ACTION; it does not
    // constrain $APP or the remainder of $ACTION.
    if (strpos($ACTION, "action_") === 0) {
        include dirname(__FILE__) . "/../Apps/{$APP}/{$ACTION}";
    } else {
        // strpos() is used as a truthy test here, so an $ACTION that starts
        // with "dev.php" (position 0) does not take this branch.
        if ($SYS["GLOBAL"]["DEV_MODE"] && strpos($ACTION, "dev.php")) {
            // die() ends the script, so the include below is never reached.
            die("dev");
            include dirname(__FILE__) . "/../Apps/{$APP}/{$ACTION}";
        } else {
            if ($print_mode) {
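<?php
/*
 * Entry section of a database dump script (phpMyDump, per the banner below).
 * It gates access, loads configuration and sets the dump options. The dump
 * logic itself is not part of this excerpt.
 */
require_once "System.php";

// Access gate: administrators pass; everyone else must present a key that
// matches md5($SECRETKEY).
if (!BILO_isAdmin()) {
    // The key is now compared as a string with hash_equals() (PHP 5.6+)
    // instead of !=. Loose comparison can treat two different
    // numeric-looking hex digests as equal, and it is not constant-time.
    // A missing or non-string key is rejected outright.
    // NOTE(review): where $PSECRETKEY and $SECRETKEY are assigned is not
    // visible here. If $SECRETKEY can be empty, md5('') is a fixed, publicly
    // known digest, so confirm a secret is always configured.
    $keyMismatch = !isset($PSECRETKEY)
        || !is_string($PSECRETKEY)
        || !hash_equals(md5($SECRETKEY), $PSECRETKEY);

    // NOTE(review): $_SERVER is normally populated for web and CLI requests
    // alike, so !empty($_SERVER) is expected to be true on its own. That
    // makes the script effectively admin-only. It is kept as is because it
    // fails closed; confirm the intent before relaxing it.
    if ($keyMismatch || !empty($_SERVER)) {
        die("No safety");
    }
}

require_once "conf.php";

// Discard whatever is already in the output buffer before dump output starts.
ob_end_clean();

// MySQL hostname
$host = $SYS["mysql"]["DBHOST"];
// MySQL database name
$dbname = $SYS["mysql"]["DBNAME"];
// MySQL user
$uname = $SYS["mysql"]["DBUSER"];
// MySQL password
$upass = $SYS["mysql"]["DBPASS"];
// set FALSE to get table content
$structure_only = false;
// set TRUE to get file with dump
$output = true;

//////////////////////////////////////////////////
//
// phpMyDump v 1.0
//
// check for new version
// http://szewo.com/php/mydump/eng
//
// some functions are adapted from the phpMyAdmin
//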
<?php
/*
 * Shows a single notice: loads it together with its attached photo, renders
 * the 'view_notice' template, then bumps the visit counter and saves.
 */
require_once "Noticias.php";

// $ID is expected to be defined before this script runs; default to 1.
// NOTE(review): $ID is not assigned here. If it is request-derived it
// reaches newObject() unvalidated; cast it to int or reject non-numeric
// values before use.
if (!isset($ID)) {
    $ID = 1;
}

// NOTE(review): isAdmin is set on this placeholder object, which is replaced
// in the branch below, so the rendered notice does not carry the flag unless
// newObject() sets it itself.
$n = newObject("notice");
$n->isAdmin = BILO_isAdmin();

if (!($ID > 1)) {
    // An ID of 1 (the default) or lower is reported as a page error.
    echo "<div align=\"center\"><B>ERROR EN LA PÁGINA</B></DIV>";
} else {
    $n = newObject("notice", $ID);

    // Copy the attachment's image ids onto the notice for the template.
    $f = newObject("foto", $n->adjunto);
    $n->id_foto = $f->id_foto;
    $n->id_thumb = $f->id_thumb;

    $n->volver = gfxBotonAction("Volver", "history.go(-1)", True);
    plantHTML($n, 'view_notice');

    // Every request that reaches this point changes stored state.
    $n->visita++;
    // date() receives the timestamp as its format string. Digits are not
    // format characters, so the result is the timestamp's digits as a string.
    $n->fech_ult_consulta = date(time());
    $n->save();
}
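<?php
/*
 * Lists the stored Jasper report definitions, 20 rows per page, through the
 * "listadojasperreport" template.
 */
require_once "JasperReports.php";

// Create the object first, then flag it. The original assigned
// $aux->isAdmin before $aux was created, so the flag was lost when $aux was
// replaced, and on PHP 8 assigning a property on an undefined variable
// raises an Error.
$aux = newObject("jasperreport");
$aux->isAdmin = BILO_isAdmin();

// NOTE(review): this script only records the admin flag; it does not stop
// non-administrators. If the listing is meant to be admin-only, enforce
// that here unless JasperReports.php already does.

setLimitRows(20);

// NOTE(review): $offset and $sort are not assigned in this script. If they
// are request-derived, cast $offset to int and check $sort against an
// allow-list of column names before they reach selectAll().
$aux->searchResults = $aux->selectAll($offset, $sort);

listList($aux, array(), "listadojasperreport");
resetLimitRows();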
<?php
/*
 * Menu definition for the Jasper reports module.
 * Each item is [link, frame, label]. The last item nests a list of items
 * followed by two "Maestros" strings, presumably a submenu and its label.
 *
 * $menu_entry is only defined for administrators.
 * NOTE(review): this controls menu visibility only. Each linked script still
 * has to enforce its own access check, because the URLs can be requested
 * directly.
 */
if (BILO_isAdmin()) {
    $menu_entry = [
        "label" => "Informes Jasper",
        "active" => true,
        "items" => [
            ["JasperReports/index.php", "fbody", "Informes disponibles"],
            ["JasperReports/add.php", "fbody", "Nuevo informe"],
            ["JasperReports/dev.php?command=querybuilder", "fbody", "Constructor de consultas"],
            ["JasperReports/interface.php?name=jasperreport", "fbody", "Gestión"],
            ["JasperReports/test.php", "fbody", "Chequear subsistema JAVA"],
            [
                [
                    ["JasperReports/listadojasperreport.php", "fbody", "Jaspers"],
                    ["JasperReports/nuevo_jasperreport.php", "fbody", "Nuevo Jaspers"],
                    ["JasperReports/listadoreportparams.php", "fbody", "Params"],
                    ["JasperReports/nuevo_reportparams.php", "fbody", "Nuevo Params"],
                ],
                "Maestros",
                "Maestros",
            ],
        ],
    ];
}