$arrPrivateReports = array(); $arrSharedReports = array(); $arr_charts = array(); $arrPrivateCharts = array(); $arrSharedCharts = array(); $arr_reports = GetReportsList(); foreach ( $arr_reports as $rpt ) { if ( (trim($rpt["owner"]) != trim(@$_SESSION["UserID"]) || trim($rpt["owner"]) == "") && $rpt["status"]=="public") { $arrSharedReports[] = $rpt; } elseif ( trim($rpt["owner"]) == trim(@$_SESSION["UserID"]) ) { $arrPrivateReports[] = $rpt; } } $arr_charts = GetChartsList(); foreach ( $arr_charts as $chart ) { if (( trim($chart["owner"]) != trim(@$_SESSION["UserID"]) || trim($chart["owner"]) == "" ) && $chart["status"]=="public") { $arrSharedCharts[] = $chart; } elseif ( trim($chart["owner"]) == trim(@$_SESSION["UserID"]) ) { $arrPrivateCharts[] = $chart; } } $arr_tables_db = DBGetTablesListByGroup("db"); $arr_tables_project = DBGetTablesListByGroup("project"); $arr_tables_custom = DBGetTablesListByGroup("custom"); foreach ( $arrSharedReports as $rpt ) { if ( $rpt["status"] == "public" && ($rpt['view'] || $rpt['edit'])) { $shared_reports .= '<div style="margin-bottom:5px;">'; $shared_reports .= '<span class="ritem" id="' . $rpt['name'] . '" title="'.runner_htmlspecialchars($rpt['title']).'">';
* Objetivo: Permitir que o usuário tenho acesso ao módulo de relatório, após logar no sistema * if (( $rpt["owner"] != @$_SESSION["login"] || $rpt["owner"] == "") && $rpt["view"]==0 && $rpt_array['settings']['name']==$rpt["name"]) { echo "<p>"."Acesso negado"."</p>"; exit(); } } */ if (!isset($_SESSION["login"])) { echo "<p>" . "Acesso negado" . "</p>"; exit(); } if (count(GetUserGroups()) > 1) { $arr_reports = array(); $arr_reports = GetChartsList(); foreach ($arr_reports as $rpt){ if (( $rpt["owner"] != @$_SESSION["UserID"] || $rpt["owner"] == "") && $rpt["view"] == 0 && $chrt_array['settings']['name'] == $rpt["name"]) { echo "<p>" . "You don't have permissions to view this chart" . "</p>"; exit(); } } } // process request data, fill session variables if (!count($_POST) && ( count($_GET) <= 1 )) { $sess_unset = array(); foreach ($_SESSION as $key => $value) if (substr($key, 0, strlen($sessPrefix) + 1) == $sessPrefix . "_" && strpos(substr($key, strlen($sessPrefix) + 1), "_") === false) $sess_unset[] = $key;