function CreateNav($token, $skin) { global $defined; $auth = new Authenticate(); $level = new AccessLevels(); if (empty($token)) { $data->menu = 'menu.default.tpl'; } else { if ($auth->AuthUser(NULL, NULL, $token) === -1 || $auth->AuthUser(NULL, NULL, $token) === -2) { // $data->menu = $msg; $data->menu = 'menu.default.tpl'; } else { if ($level->ChkLevel($token) === "admin") { $data->menu = 'menu.admin.tpl'; } elseif ($level->ChkLevel($token) === "user") { $data->menu = 'menu.user.tpl'; } elseif ($level->ChkLevel($token) === "view") { $data->menu = 'menu.view.tpl'; } else { $data->menu = 'menu.default.tpl'; } } } return $data->menu; }
if ($val->ValidateString($_GET['skin']) === -1 || empty($_GET['skin'])) { $style = $defined['templates'] . "/black"; if (!empty($_GET['skin'])) { $skin_err = $err->GenerateErrorLink("help/help.php", "#val_xss", $defined['error_small'], $errors['val_xss'], NULL, NULL); } } else { $style = $skin->SelectSkin($defined['templates'], $_GET['skin'], $_COOKIE['skin']); } // call our header file and pass it some variables $tpl->assign('TITLE', $defined['title'], NULL, NULL); $tpl->assign('DESCRIPTION', "Manage Pools", NULL, NULL); $tpl->assign('STYLE', $style, NULL, NULL); // authentication template $FILE = "auth.tpl"; // default is no error just diplay login form if ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -1) { // well looks like at least one login attempt has been processed, show empty field error if ($_SESSION['x']++ >= 1) { $ERROR = $err->GenerateErrorLink("help/help.html", "#missing", $defined['error'], $errors['auth_e'], NULL, NULL); } // timeout with authentication token } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -2) { $ERROR = $err->GenerateErrorLink("help/help.html", "#timeout", $defined['error'], $errors['auth_to'], NULL, NULL); $misc->ExitApplication($_SESSION['token']); // error in validation of authentication data } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -3) { $ERROR = $err->GenerateErrorLink("help/help.html", "#alphanum", $defined['error'], $errors['val_alp'], NULL, NULL); // authentication data not found in database } elseif ($auth->AuthUser($_POST['user'], $_POST['pass'], $_SESSION['token']) === -4) { $ERROR = $err->GenerateErrorLink("help/help.html", "#user", $defined['error'], $errors['auth_n'], NULL, NULL); // error in database query