redirect_browser(module_customer::link_open($_REQUEST['customer_id'])); } } if ($user_id == 1 && module_security::get_loggedin_id() != 1) { set_error('Sorry, only the Administrator can access this page.'); redirect_browser(_UCM_HOST . _BASE_HREF); } // permission check. if (!$user_id) { // check if can create. module_security::check_page(array('category' => 'Config', 'page_name' => 'Users', 'module' => 'user', 'feature' => 'Create')); // are we creating a new user? $user['roles'] = array(array('security_role_id' => module_config::c('user_default_role', 0))); } else { // check if can view/edit. module_security::check_page(array('category' => 'Config', 'page_name' => 'Users', 'module' => 'user', 'feature' => 'Edit')); } // work out the user type and invluce that particular file /*$user_type_id = (int)$user['user_type_id']; if(!$user_type_id){ if(in_array('config',$load_modules)){ $user_type_id = 1; }else{ $user_type_id = 2; } }*/ //include('user_admin_edit'.$user_type_id.'.php'); //include('user_admin_edit1.php'); if (isset($user['customer_id']) && $user['customer_id'] || isset($user['vendor_id']) && $user['vendor_id']) { // we have a contact!
$staff_members = module_user::get_staff_members(); $staff_member_rel = array(); foreach ($staff_members as $staff_member) { $staff_member_rel[$staff_member['user_id']] = $staff_member['name']; } $c = array(); $customers = module_customer::get_customers(); foreach ($customers as $customer) { $c[$customer['customer_id']] = $customer['customer_name']; } if (count($c) == 1) { $job['customer_id'] = key($c); } // check permissions. if (class_exists('module_security', false)) { module_security::check_page(array('category' => 'Job', 'page_name' => 'Jobs', 'module' => 'job', 'feature' => 'create')); } $job_tasks = module_job::get_tasks($job_id); ?> <script type="text/javascript"> var completed_tasks_hidden = false; // set with session variable / cookie var editing_task_id = false; function show_completed_tasks(){ } function hide_completed_tasks(){ } function setamount(a,task_id){
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ if (!$module->can_i('view', 'Products') || !$module->can_i('edit', 'Products')) { redirect_browser(_BASE_HREF); } // check permissions. if (class_exists('module_security', false)) { if ($product_category_id > 0 && $product_category['product_category_id'] == $product_category_id) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Edit')); } else { module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Create')); } module_security::sanatise_data('product', $product_category); } ?> <form action="" method="post" id="product_category_form"> <input type="hidden" name="_process" value="save_product_category" /> <input type="hidden" name="product_category_id" value="<?php echo (int) $product_category_id; ?> " /> <?php module_form::set_required(array('fields' => array('name' => 'Name'))); module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
<?php /** * Copyright: dtbaker 2012 * Licence: Please check CodeCanyon.net for licence details. * More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ $group_id = (int) $_REQUEST['group_id']; $group = array(); if ($group_id > 0) { if (class_exists('module_security', false)) { module_security::check_page(array('category' => 'Group', 'page_name' => 'Groups', 'module' => 'group', 'feature' => 'edit')); } $group = module_group::get_group($group_id); } else { } if (!$group) { die('Creating groups this way is disabled'); $group_id = 'new'; $group = array('group_id' => 'new', 'name' => '', 'default_text' => ''); module_security::sanatise_data('group', $group); } ?> <form action="" method="post"> <?php
* Copyright: dtbaker 2012 * Licence: Please check CodeCanyon.net for licence details. * More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ if (!module_config::can_i('edit', 'Settings')) { redirect_browser(_BASE_HREF); } $company_id = (int) $_REQUEST['company_id']; $company = array(); if ($company_id > 0) { if (class_exists('module_security', false)) { module_security::check_page(array('category' => 'Company', 'page_name' => 'Company', 'module' => 'company', 'feature' => 'edit')); } $company = module_company::get_company($company_id); } else { } if (!$company) { $company_id = 'new'; $company = array('company_id' => 'new', 'name' => ''); module_security::sanatise_data('company', $company); } ?> <form action="" method="post"> <input type="hidden" name="_process" value="save_company" /> <input type="hidden" name="company_id" value="<?php
$invoice = module_invoice::get_invoice($invoice_id); if ($invoice_id > 0 && $invoice && $invoice['invoice_id'] == $invoice_id) { $module->page_title = _l('Invoice: #%s', htmlspecialchars($invoice['name'])); if (class_exists('module_security', false)) { // make sure current customer can access this invoice if (!module_security::can_access_data('invoice', $invoice, $invoice_id)) { echo 'Data access denied. Sorry.'; exit; } module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'edit')); } } else { $invoice_id = 0; $invoice = module_invoice::get_invoice($invoice_id); if (class_exists('module_security', false)) { module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'create')); } module_security::sanatise_data('invoice', $invoice); } $invoice_items = module_invoice::get_invoice_items($invoice_id, $invoice); $invoice_locked = $invoice['date_sent'] && $invoice['date_sent'] != '0000-00-00' || $invoice['date_paid'] && $invoice['date_paid'] != '0000-00-00'; if (isset($_REQUEST['as_deposit']) && isset($_REQUEST['job_id'])) { $invoice['deposit_job_id'] = (int) $_REQUEST['job_id']; } $discounts_allowed = !(isset($invoice['deposit_job_id']) && $invoice['deposit_job_id'] > 0); $customer_data = array(); if ($invoice['customer_id']) { $customer_data = module_customer::get_customer($invoice['customer_id']); } $show_task_dates = module_config::c('invoice_task_list_show_date', 1); $colspan = 2;
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ $member_id = (int) $_REQUEST['member_id']; $member = array(); $member = module_member::get_member($member_id); // check permissions. if (class_exists('module_security', false)) { if ($member_id > 0 && $member['member_id'] == $member_id) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => 'Member', 'page_name' => 'Members', 'module' => 'member', 'feature' => 'Edit')); } else { module_security::check_page(array('category' => 'Member', 'page_name' => 'Members', 'module' => 'member', 'feature' => 'Create')); } module_security::sanatise_data('member', $member); } $module->page_title = _l('Member: %s', htmlspecialchars($member['first_name'] . ' ' . $member['last_name'])); ?> <form action="" method="post" id="member_form"> <input type="hidden" name="_process" value="save_member" /> <input type="hidden" name="member_id" value="<?php echo $member_id; ?> " /> <?php module_form::set_required(array('fields' => array('first_name' => 'Name', 'email' => 'Email')));
*/ if (!module_config::can_i('view', 'Settings')) { redirect_browser(_BASE_HREF); } $subscription_id = (int) $_REQUEST['subscription_id']; $subscription = array(); $subscription = module_subscription::get_subscription($subscription_id); // check permissions. if (class_exists('module_security', false)) { if ($subscription_id > 0 && $subscription['subscription_id'] == $subscription_id) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => 'Subscription', 'page_name' => 'Subscriptions', 'module' => 'subscription', 'feature' => 'Edit')); } else { module_security::check_page(array('category' => 'Subscription', 'page_name' => 'Subscriptions', 'module' => 'subscription', 'feature' => 'Create')); } module_security::sanatise_data('subscription', $subscription); } ?> <?php hook_handle_callback('layout_column_half', 1); ?> <form action="" method="post" id="subscription_form"> <input type="hidden" name="_process" value="save_subscription" /> <input type="hidden" name="subscription_id" value="<?php echo $subscription_id;
$customer = array(); $customer = module_customer::get_customer($customer_id); if ($customer_id > 0 && $customer['customer_id'] == $customer_id) { $module->page_title = _l($page_type_single . ': %s', $customer['customer_name']); } else { $module->page_title = _l($page_type_single . ': %s', _l('New')); } // check permissions. if (class_exists('module_security', false)) { if ($customer_id > 0 && $customer['customer_id'] == $customer_id) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => 'Customer', 'page_name' => $page_type, 'module' => 'customer', 'feature' => 'Edit')); } else { module_security::check_page(array('category' => 'Customer', 'page_name' => $page_type, 'module' => 'customer', 'feature' => 'Create')); } module_security::sanatise_data('customer', $customer); } if (isset($_REQUEST['preview_email'])) { module_template::init_template('customer_statement_email', 'Dear {CUSTOMER_NAME},<br> <br> Please find below a copy of your details.<br><br> {EMAIL_DETAILS}<br><br> Thank you,<br><br> {FROM_NAME} ', 'Customer Statement: {CUSTOMER_NAME}', array('CUSTOMER_NAME' => 'Customers Name')); $template_name = isset($_REQUEST['template_name']) ? $_REQUEST['template_name'] : 'customer_statement_email'; $template = module_template::get_template_by_key($template_name); $to = module_user::get_contacts(array('customer_id' => $customer['customer_id'])); $to_select = false;
<?php /** * Copyright: dtbaker 2012 * Licence: Please check CodeCanyon.net for licence details. * More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ $module->page_title = _l('Send'); // check permissions. if (class_exists('module_security', false)) { module_security::check_page(array('category' => 'Newsletter', 'page_name' => 'Send Newsletter', 'module' => 'newsletter', 'feature' => 'view')); } $newsletter_id = isset($_REQUEST['newsletter_id']) ? (int) $_REQUEST['newsletter_id'] : false; $newsletter = module_newsletter::get_newsletter($newsletter_id); $past_sends = $newsletter['sends']; $send_id = isset($_REQUEST['send_id']) ? (int) $_REQUEST['send_id'] : false; if ($send_id > 0) { $send = module_newsletter::get_send($send_id); if ($send['status'] == _NEWSLETTER_STATUS_PENDING || $send['status'] == _NEWSLETTER_STATUS_PAUSED) { redirect_browser(module_newsletter::link_queue_watch($newsletter_id, $send_id)); } $send_members = module_newsletter::get_send_members($send_id); $recipient_count = mysql_num_rows($send_members); mysql_free_result($send_members); print_heading(_l('Add More Recipients (currently %s recipients): %s', $recipient_count, $newsletter['subject'])); } else { print_heading(_l('Send Newsletter: %s', $newsletter['subject']));
} } if ($user_id && !module_user::can_i('edit', 'All ' . $contact_type_permission . ' Contacts', $contact_type, $contact_module_name)) { if ($user_id != module_security::get_loggedin_id()) { // dont let them edit this page ob_start(); module_security::disallow_page_editing(); } } // permission check. if (!$user_id) { // check if can create. module_security::check_page(array('category' => $contact_type, 'page_name' => 'Contacts', 'module' => 'user', 'feature' => 'create')); } else { // check if can view/edit. module_security::check_page(array('category' => $contact_type, 'page_name' => 'Contacts', 'module' => 'user', 'feature' => 'edit')); } if ($user_id > 0 && $user['user_id'] == $user_id) { $module->page_title = _l('Contact: %s', $user['name']); } else { $module->page_title = _l('Contact: %s', _l('New')); } if (isset($user[$use_master_key]) && $user[$use_master_key]) { // we have a contact! // are we creating a new user? if (!$user_id || $user_id == 'new') { $user['roles'] = array(array('security_role_id' => module_config::c('contact_default_role', 0))); } } else { die('Wrong file'); }
if (!$use_master_key) { throw new Exception('Sorry no Customer or Supplier selected'); } else { if (isset($_REQUEST[$use_master_key])) { $search[$use_master_key] = $_REQUEST[$use_master_key]; } } if (!isset($search[$use_master_key]) || !$search[$use_master_key]) { // we are just showing a list of all customer contacts. $show_customer_details = true; // check they have permissions to view all customer contacts. if (class_exists('module_security', false)) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => 'Customer', 'page_name' => 'All Customer Contacts', 'module' => 'customer', 'feature' => 'view')); } //throw new Exception('Please create a user correctly'); } else { $show_customer_details = false; } $users = module_user::get_contacts($search, true); ?> <h2> <?php if (isset($search[$use_master_key]) && $search[$use_master_key] && module_user::can_i('create', 'Contacts', 'Customer')) { ?> <span class="button">
" /> <?php hook_handle_callback('layout_column_half', 1, '35'); // check permissions. $do_perm_finish_check = false; // this is a hack to allow Quote Task edit without Quote edit permissions. if (class_exists('module_security', false)) { if ($quote_id > 0 && $quote['quote_id'] == $quote_id) { if (!module_security::check_page(array('category' => 'Quote', 'page_name' => 'Quotes', 'module' => 'quote', 'feature' => 'edit'))) { // user does not have edit quote perms $do_perm_finish_check = true; } } else { if (!module_security::check_page(array('category' => 'Quote', 'page_name' => 'Quotes', 'module' => 'quote', 'feature' => 'create'))) { // user does not have create quote perms. } } } $fields = array('fields' => array('name' => 'Name')); module_form::set_required($fields); module_form::set_default_field('task_desc_new'); module_form::prevent_exit(array('valid_exits' => array('.submit_button', '.save_task', '.delete', '.task_defaults', '.exit_button', '.apply_discount'))); /**** QUOTE DETAILS ****/ $fieldset_data = array('id' => 'quote_details', 'heading' => array('type' => 'h3', 'title' => 'Quote Details'), 'class' => 'tableclass tableclass_form tableclass_full', 'elements' => array('name' => array('title' => 'Quote Title', 'field' => array('type' => 'text', 'name' => 'name', 'value' => $quote['name'])), 'type' => array('title' => 'Type', 'field' => array('type' => 'select', 'name' => 'type', 'value' => $quote['type'], 'blank' => false, 'options' => module_quote::get_types(), 'allow_new' => true)), 'hourly_rate' => array('title' => 'Hourly Rate', 'field' => array('type' => 'currency', 'id' => 'main_hourly_rate', 'name' => 'hourly_rate', 'value' => number_out($quote['hourly_rate']))), 'status' => array('title' => 'Status', 'field' => array('type' => 'select', 'name' => 'status', 'value' => $quote['status'], 'blank' => false, 'options' => module_quote::get_statuses(), 'allow_new' => true)), 'date_create' => array('title' => 'Create Date', 'field' => array('type' => 'date', 'name' => 'date_create', 'value' => print_date($quote['date_create']), 'help' => 'This is the date the Quote is scheduled to start work. This can be a date in the future.')), 'date_approved' => array('title' => 'Approved Date', 'field' => array('type' => 'date', 'name' => 'date_approved', 'value' => print_date($quote['date_approved']), 'help' => 'This is the date the Quote was accepted by the client. This date is automatically set if the client clicks "Approve"')), 'approved_by' => array('title' => 'Approved By', 'field' => array('type' => 'text', 'name' => 'approved_by', 'value' => $quote['approved_by']))), 'extra_settings' => array('owner_table' => 'quote', 'owner_key' => 'quote_id', 'owner_id' => $quote['quote_id'], 'layout' => 'table_row', 'allow_new' => module_quote::can_i('create', 'Quotes'), 'allow_edit' => module_quote::can_i('create', 'Quotes'))); if (module_config::c('quote_allow_staff_assignment', 1)) { $fieldset_data['elements']['user_id'] = array('title' => 'Staff Member', 'field' => array('type' => 'select', 'options' => $staff_member_rel, 'name' => 'user_id', 'value' => $quote['user_id'], 'help' => 'Assign a staff member to this quote. You can also assign individual tasks to different staff members. Staff members are users who have EDIT permissions on Quote Tasks.')); } $incrementing = false; if (!isset($quote['taxes']) || !count($quote['taxes'])) {
$locked = true; } } else { $linked_invoice_payments = $finance['linked_invoice_payments']; $linked_finances = $finance['linked_finances']; $module->page_title = $finance['name']; } // check permissions. if (class_exists('module_security', false)) { if ($finance_id > 0 && $finance['finance_id'] == $finance_id || isset($_REQUEST['invoice_payment_id']) && isset($invoice_payment_data) && $invoice_payment_data) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => 'Finance', 'page_name' => 'Finance', 'module' => 'finance', 'feature' => 'Edit')); } else { module_security::check_page(array('category' => 'Finance', 'page_name' => 'Finance', 'module' => 'finance', 'feature' => 'Create')); } module_security::sanatise_data('finance', $finance); } if (isset($finance['invoice_payment_id']) && (int) $finance['invoice_payment_id'] > 0) { //$locked = true; } $finance_recurring_id = isset($_REQUEST['finance_recurring_id']) ? (int) $_REQUEST['finance_recurring_id'] : false; if ($finance_id > 0 && $finance && isset($finance['finance_recurring_id']) && $finance['finance_recurring_id']) { $finance_recurring_id = $finance['finance_recurring_id']; } if ($finance_recurring_id > 0) { $finance_recurring = module_finance::get_recurring($finance_recurring_id); } if (!$finance_id && $finance_recurring_id > 0) { $finance = array_merge($finance, $finance_recurring);
public function check_page_permissions() { $data = $this->get_data(); if ($this->file_id > 0 && (!$data || isset($data['new']) || $data['file_id'] != $this->file_id)) { $this->file_id = 0; die('Failed to access file. No permissions to view this file, please check with the administrator.'); } else { if ($this->file_id > 0) { if (class_exists('module_security', false)) { if (!module_security::check_page(array('module' => 'file', 'feature' => 'Edit'))) { $this->file_id = 0; } } } else { if (class_exists('module_security', false)) { if (!module_security::check_page(array('module' => 'file', 'feature' => 'Create'))) { $this->file_id = 0; } } } } }
* Copyright: dtbaker 2012 * Licence: Please check CodeCanyon.net for licence details. * More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ if (!module_config::can_i('view', 'Settings')) { redirect_browser(_BASE_HREF); } if (class_exists('module_security', false)) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => 'Config', 'page_name' => 'Settings', 'module' => 'config', 'feature' => 'Edit')); } $module->page_title = 'Settings'; ?> <form action="" method="post"> <?php module_form::prevent_exit(array('valid_exits' => array('.submit_button'))); ?> <input type="hidden" name="_process" value="save_config"> <style type="text/css"> .config_variable{ border:1px solid #EFEFEF;
if (class_exists('module_security', false)) { /*module_security::check_page(array( 'module' => $module->module_name, 'feature' => 'edit', ));*/ // we want to do our own special type of form modification here // so we don't pass it off to "check_page" which will hide all input boxes. if (!module_ticket::can_i('edit', 'Tickets') && !module_ticket::can_i('create', 'Tickets')) { set_error('Access to editing or creating tickets is denied.'); redirect_browser(module_ticket::link_open(false)); } } } else { $ticket_id = false; if (class_exists('module_security', false)) { module_security::check_page(array('module' => $module->module_name, 'feature' => 'create')); } } if (module_ticket::can_edit_tickets()) { module_ticket::mark_as_read($ticket_id, true); } //$module->pre_menu(); // so the links are re-build and the correct "unread" count is at the top. if (!module_security::can_access_data('ticket', $ticket)) { echo 'Ticket access denied'; exit; } $ticket_messages = module_ticket::get_ticket_messages($ticket['ticket_id'], true); if (!isset($logged_in_user) || !$logged_in_user) { // we assume the user is on the public side. // use the creator id as the logged in id. $logged_in_user = module_security::get_loggedin_id();
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ $module->page_title = _l('Editor'); //print_heading('Newsletter Editor'); $newsletter_id = isset($_REQUEST['newsletter_id']) ? (int) $_REQUEST['newsletter_id'] : false; $current_newsletter_content_id = isset($_REQUEST['newsletter_content_id']) && (int) $_REQUEST['newsletter_content_id'] > 0 ? (int) $_REQUEST['newsletter_content_id'] : false; $newsletter = module_newsletter::get_newsletter($newsletter_id); $newsletter_template = module_newsletter::get_newsletter_template($newsletter['newsletter_template_id']); // check permissions. if (class_exists('module_security', false)) { if ($newsletter_id > 0 && $newsletter['newsletter_id'] == $newsletter_id) { module_security::check_page(array('category' => 'Newsletter', 'page_name' => 'Newsletters', 'module' => 'newsletter', 'feature' => 'edit')); } else { module_security::check_page(array('category' => 'Newsletter', 'page_name' => 'Newsletters', 'module' => 'newsletter', 'feature' => 'create')); } } $templates = module_newsletter::get_templates(); //$input_method = 'wysiwyg'; $default_content = isset($newsletter_template['default_inner']) ? $newsletter_template['default_inner'] : ''; if (!$default_content && $newsletter_template['directory'] && is_dir($newsletter_template['directory']) && is_file($newsletter_template['directory'] . 'inside.html')) { ob_start(); include $newsletter_template['directory'] . 'inside.html'; $default_content = ob_get_clean(); } if ($newsletter_template['directory'] && is_dir($newsletter_template['directory']) && is_file($newsletter_template['directory'] . 'settings.php')) { include $newsletter_template['directory'] . 'settings.php'; } $sends = $newsletter['sends']; $sends_warning = array();
$contact_type_permission = 'Vendor'; $contact_module_name = 'vendor'; break; default: die('Unsupported type'); } $module->page_title = _l($contact_type_permission . ' Contacts'); if (!isset($search[$use_master_key]) || !$search[$use_master_key]) { // we are just showing a list of all customer contacts. $show_customer_details = true; // check they have permissions to view all customer contacts. if (class_exists('module_security', false)) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => $contact_type, 'page_name' => 'All ' . $contact_type_permission . ' Contacts', 'module' => $contact_module_name, 'feature' => 'view')); } //throw new Exception('Please create a user correctly'); } else { $show_customer_details = false; } $users = module_user::get_contacts($search, true, false); if (class_exists('module_group', false)) { module_group::enable_pagination_hook(array('fields' => array('owner_id' => 'user_id', 'owner_table' => 'user', 'name' => 'name', 'email' => 'email'))); } // hack to add a "export" option to the pagination results. if (class_exists('module_import_export', false) && module_user::can_i('view', 'Export ' . $contact_type_permission . ' Contacts')) { if (isset($_REQUEST['import_export_go'])) { $users = query_to_array($users); foreach ($users as $user_id => $user) { $users[$user_id]['is_primary'] = $user['is_primary'] == $user['user_id'] ? _l('Yes') : _l('No');
redirect_browser(_BASE_HREF); } $security_role_id = $_REQUEST['security_role_id']; $security_role = array(); if ($security_role_id && $security_role_id != 'new') { if (class_exists('module_security', false)) { module_security::check_page(array('category' => 'Security', 'page_name' => 'Security Roles', 'module' => 'security', 'feature' => 'edit')); } $security_role = module_security::get_security_role($security_role_id); if (!$security_role) { $security_role_id = 'new'; } } if ($security_role_id == 'new' || !$security_role_id) { if (class_exists('module_security', false)) { module_security::check_page(array('category' => 'Security', 'page_name' => 'Security Roles', 'module' => 'security', 'feature' => 'create')); } $security_role = array('security_role_id' => 'new', 'name' => ''); } if (module_security::can_i('edit', 'Security Roles', 'Security') && isset($_REQUEST['delete_security_permission_id'])) { $id = (int) $_REQUEST['delete_security_permission_id']; if ($id > 0) { delete_from_db('security_permission', 'security_permission_id', $id); delete_from_db('security_role_perm', 'security_permission_id', $id); } redirect_browser(module_security::link_open_role($security_role_id) . '&advanced'); } if (isset($_REQUEST['export_json'])) { $export_json = array(); } ?>