function users_restricted() { ssl_required(); if( array_search(get_username(), AllowedUsers::$list) === False ) { // user not allowed to view this page // redirect to another page saying as much header('Location: ../error-page/?code=forbidden'); die(0); } }
<?php $docRoot = getenv("DOCUMENT_ROOT"); require_once $docRoot . "/mobi-config/mobi_web_constants.php"; require WEBROOT . "page_builder/security.php"; require WEBROOT . "page_builder/page_header.php"; require WEBROOT . "libraries/libraries_lib.php"; ssl_required(); $username = get_username(); $ask_us_lists = array('Art, Architecture & Planning' => '*****@*****.**', 'Engineering & Computer Science' => '*****@*****.**', 'Humanities' => '*****@*****.**', 'Management & Business' => '*****@*****.**', 'Science' => '*****@*****.**', 'Social Sciences' => '*****@*****.**', 'General' => '*****@*****.**', 'Circulation' => '*****@*****.**', 'Technical Help' => '*****@*****.**'); $consultation_lists = array('General' => '*****@*****.**', 'Art, Architecture & Planning' => '*****@*****.**', 'Engineering & Computer Science' => '*****@*****.**', 'GIS' => '*****@*****.**', 'Humanities' => '*****@*****.**', 'Management & Business' => '*****@*****.**', 'Science' => '*****@*****.**', 'Social Sciences' => '*****@*****.**'); $required_text = ''; $missing_fields = array(); if ($_REQUEST['ask_type']) { // user submitted a question $ask_type = $_REQUEST['ask_type']; $fullname = get_fullname(); $name_parts = explode(' ', $fullname); $first_name = $name_parts[0]; $last_name = end($name_parts); $email = "{$username}@mit.edu"; $server = $_SERVER['SERVER_NAME']; $additional_headers = "From: {$fullname} <{$username}@{$server}>"; $additional_headers .= "\r\n" . "Reply-To: {$email}"; $additional_headers .= "\r\n" . 'Cc: lisah@mit.edu'; $topic = $_REQUEST['topic'] or missing_input('topic', $missing_fields); $status = $_REQUEST['status'] or missing_input('status', $missing_fields); $department = $_REQUEST['department'] or missing_input('department', $missing_fields); $contact_phone = $_REQUEST['phone']; if ($ask_type == 'form') { $recipient = $ask_us_lists[$topic];