function exponent_flow_set($access_level, $url_type)
{
global $SYS_FLOW_REDIRECTIONPATH;
if ($access_level == SYS_FLOW_PUBLIC) {
exponent_sessions_set($SYS_FLOW_REDIRECTIONPATH . '_flow_' . SYS_FLOW_PROTECTED . '_' . $url_type, 'http://' . HOSTNAME . $_SERVER['REQUEST_URI']);
exponent_sessions_set($SYS_FLOW_REDIRECTIONPATH . '_flow_last_' . SYS_FLOW_PROTECTED, 'http://' . HOSTNAME . $_SERVER['REQUEST_URI']);
}
exponent_sessions_set($SYS_FLOW_REDIRECTIONPATH . '_flow_' . $access_level . '_' . $url_type, 'http://' . HOSTNAME . $_SERVER['REQUEST_URI']);
exponent_sessions_set($SYS_FLOW_REDIRECTIONPATH . '_flow_last_' . $access_level, 'http://' . HOSTNAME . $_SERVER['REQUEST_URI']);
}
<?php
##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
// Part of the Extensions category
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('extensions', exponent_core_makeLocation('administrationmodule'))) {
exponent_sessions_set('display_theme', $_GET['theme']);
exponent_flow_redirect();
} else {
echo SITE_403_HTML;
}
function update($values, $object)
{
if ($object == null) {
$object = new TimeControl();
$object->default = 0;
//This will force the control to always show the current time as default
}
if ($values['identifier'] == "") {
$i18n = exponent_lang_loadFile('subsystems/forms/controls/TimeControl.php');
$post = $_POST;
$post['_formError'] = $i18n['id_req'];
exponent_sessions_set("last_POST", $post);
return null;
}
$object->identifier = $values['identifier'];
$object->caption = $values['caption'];
$object->showControl = isset($values['showControl']);
return $object;
}
function update($values, $object)
{
if (isset($values['_db_config'])) {
$i18n = exponent_lang_loadFile('datatypes/sharedcore_site.php');
// Test configuration, and return NULL if it doesn't work.
if (preg_match('/[^A-Za-z0-9]/', $values['db_table_prefix'])) {
$post = $values;
$post['_formError'] = $i18n['bad_prefix'] . '<br />';
exponent_sessions_set('last_POST', $post);
return null;
}
$linkdb = exponent_database_connect($values['db_user'], $values['db_pass'], $values['db_host'] . ':' . $values['db_port'], $values['db_name'], $values['db_engine'], true);
$linkdb->prefix = $values['db_table_prefix'] . '_';
if (!$linkdb->isValid()) {
$post = $values;
$post['_formError'] = $i18n['cant_connect'] . '<br />';
exponent_sessions_set('last_POST', $post);
return null;
}
$status = $linkdb->testPrivileges();
$failed = false;
$errors = '';
foreach ($status as $type => $flag) {
if (!$flag) {
$failed = true;
$errors .= sprintf($i18n['perm_denied'], $type) . '<br />';
}
}
if ($failed) {
$post = $values;
$post['_formError'] = $errors;
exponent_sessions_set('last_POST', $post);
return null;
}
}
$object->name = $values['name'];
$object->core_id = $values['core_id'];
if (!isset($object->id)) {
$object->path = $values['path'];
if ($object->path[0] != '/') {
$object->path = '/' . $object->path;
}
if (substr($object->path, -1, 1) != '/') {
$object->path = $object->path . '/';
}
$object->relpath = $values['relpath'];
if ($object->relpath[0] != '/') {
$object->relpath = '/' . $object->relpath;
}
if (substr($object->relpath, -1, 1) != '/') {
$object->relpath = $object->relpath . '/';
}
$object->host = $values['host'];
if (substr($object->host, 0, 7) != 'http://' && substr($object->host, 0, 8) != 'https://') {
$object->host = 'http://' . $object->host;
}
if (substr($object->host, -1, 1) == '/') {
$object->host = substr($object->host, 0, -1);
}
}
return $object;
}
<?php
##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined("EXPONENT")) {
exit("");
}
exponent_sessions_set("uilevel", 0);
exponent_flow_redirect();
$post['_formError'] = "File is not a delimited text file.";
exponent_sessions_set("last_POST",$post);
header("Location: " . $_SERVER['HTTP_REFERER']);
exit("");
}
*/
//split the line into its columns
$fh = fopen(BASE . $directory . "/" . $file->filename, "r");
for ($x = 0; $x < $_POST["rowstart"]; $x++) {
$lineInfo = fgetcsv($fh, 2000, $_POST["delimiter"]);
}
$colNames = array("none" => $i18n['col_none'], "username" => $i18n['col_username'], "password" => $i18n['col_password'], "firstname" => $i18n['col_firstname'], "lastname" => $i18n['col_lastname'], "email" => $i18n['col_email']);
//Check to see if the line got split, otherwise throw an error
if ($lineInfo == null) {
$post['_formError'] = sprintf($i18n['delimiter_error'], $_POST["delimiter"]);
exponent_sessions_set("last_POST", $post);
header("Location: " . $_SERVER['HTTP_REFERER']);
exit("");
} else {
//initialize the for stuff
exponent_forms_initialize();
//Setup the mete data (hidden values)
$form = new form();
$form->meta("module", "importer");
$form->meta("action", "page");
$form->meta("page", "process");
$form->meta("rowstart", $_POST["rowstart"]);
$form->meta("importer", "usercsv");
$form->meta("filename", $directory . "/" . $file->filename);
$form->meta("delimiter", $_POST["delimiter"]);
for ($i = 0; $i < count($lineInfo); $i++) {
##################################################
// Part of the User Management category
if (!defined('EXPONENT')) {
exit('');
}
if (exponent_permissions_check('user_management', exponent_core_makeLocation('administrationmodule'))) {
if (!defined('SYS_USERS')) {
require_once BASE . 'subsystems/users.php';
}
if (isset($_POST['id'])) {
// Existing user profile edit
$g = exponent_users_getGroupById($_POST['id']);
$g = exponent_users_groupUpdate($_POST, $g);
exponent_users_saveGroup($g);
exponent_flow_redirect();
} else {
if (exponent_users_getGroupByName($_POST['name']) != null) {
$i18n = exponent_lang_loadFile('modules/administrationmodule/actions/gmgr_savegroup.php');
$post = $_POST;
$post['_formError'] = $i18n['name_taken'];
exponent_sessions_set('last_POST', $post);
header('Location: ' . $_SERVER['HTTP_REFERER']);
} else {
$g = exponent_users_groupUpdate($_POST, null);
exponent_users_saveGroup($g);
exponent_flow_redirect();
}
}
} else {
echo SITE_403_HTML;
}
function update($values, $object)
{
if ($object == null) {
$object = new checkboxcontrol();
}
if ($values['identifier'] == "") {
$i18n = exponent_lang_loadFile('subsystems/forms/controls/checkboxcontrol.php');
$post = $_POST;
$post['_formError'] = $i18n['id_required'];
exponent_sessions_set("last_POST", $post);
return null;
}
$object->identifier = $values['identifier'];
$object->caption = $values['caption'];
$object->default = isset($values['default']);
$object->flip = isset($values['flip']);
return $object;
}
define('SCRIPT_FILENAME', 'edit_page.php');
ob_start();
include_once '../../../exponent.php';
if (!defined('SYS_THEME')) {
include_once BASE . 'subsystems/theme.php';
}
$id = -1;
if (isset($_GET['sitetemplate_id'])) {
exponent_sessions_set('sitetemplate_id', intval($_GET['sitetemplate_id']));
$id = intval($_GET['sitetemplate_id']);
} else {
if (exponent_sessions_isset('sitetemplate_id')) {
$id = exponent_sessions_get('sitetemplate_id');
}
}
$template = $db->selectObject('section_template', 'id=' . $id);
$page = $template && $template->subtheme != '' && is_readable(BASE . 'themes/' . DISPLAY_THEME . '/subthemes/' . $template->subtheme . '.php') ? 'themes/' . DISPLAY_THEME . '/subthemes/' . $template->subtheme . '.php' : 'themes/' . DISPLAY_THEME . '/index.php';
$i18n = exponent_lang_loadFile('modules/NavigationModule/actions/edit_page.php');
exponent_sessions_set('themeopt_override', array('src_prefix' => '@st' . $id, 'ignore_mods' => array('NavigationModule', 'LoginModule'), 'mainpage' => PATH_RELATIVE . 'modules/NavigationModule/actions/edit_page.php', 'backlinktext' => $i18n['back']));
#define('PREVIEW_READONLY',1);
$REDIRECTIONPATH = 'section_template';
if ($user && $user->is_acting_admin == 1) {
if (is_readable(BASE . $page)) {
include_once BASE . $page;
} else {
echo sprintf($i18n['err_not_readable'], BASE . $page);
}
exponent_sessions_unset('themeopt_override');
} else {
echo SITE_403_HTML;
}
<?php
##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined("EXPONENT")) {
exit("");
}
$levels = exponent_sessions_get('uilevels');
exponent_sessions_set('uilevel', max(array_keys($levels)));
exponent_flow_redirect();
function update($values, $object)
{
if ($values['identifier'] == "") {
$post = $_POST;
$i18n = exponent_lang_loadFile('subsystems/forms/controls/SelectMultipleControl.php');
$post['_formError'] = $i18n['id_req'];
exponent_sessions_set("last_POST", $post);
return null;
}
if (!defined("SYS_FORMS")) {
require_once BASE . "subsystems/forms.php";
}
exponent_forms_initialize();
if ($object == null) {
$object = new SelectMultipleControl();
}
$object->identifier = $values['identifier'];
$object->caption = $values['caption'];
$object->default = $values['default'];
$object->items = SelectMultipleControl::parseData($values, 'items', true);
$object->size = intval($values['size']) <= 0 ? 1 : intval($values['size']);
$object->required = isset($values['required']);
return $object;
}
echo '</td></tr>';
}
function echoFailure($msg = "")
{
global $i18n;
echo '<span class="failed">' . $i18n['failed'] . '</span>';
if ($msg != "") {
echo ' : ' . $msg;
}
echo '</td></tr>';
}
function isAllGood($str)
{
return !preg_match("/[^A-Za-z0-9]/", $str);
}
exponent_sessions_set("installer_config", $_POST['c']);
$config = $_POST['c'];
$passed = true;
if (preg_match('/[^A-Za-z0-9]/', $config['db_table_prefix'])) {
echoFailure($i18n['bad_prefix']);
$passed = false;
}
if ($passed) {
$db = exponent_database_connect($config['db_user'], $config['db_pass'], $config['db_host'], $config['db_name'], $config['db_engine'], 1);
$db->prefix = $config['db_table_prefix'] . '_';
$status = array();
echoStart($i18n['connecting'] . ':');
if ($db->connection == null) {
echoFailure($db->error());
// FIXME:BETTER ERROR CHECKING
$passed = false;
function update($values, $object)
{
if ($object == null) {
$object = new textcontrol();
}
if ($values['identifier'] == "") {
$i18n = exponent_lang_loadFile('subsystems/forms/controls/textcontrol.php');
$post = $_POST;
$post['_formError'] = $i18n['id_req'];
exponent_sessions_set("last_POST", $post);
return null;
}
$object->identifier = $values['identifier'];
$object->caption = $values['caption'];
$object->default = $values['default'];
$object->size = intval($values['size']);
$object->maxlength = intval($values['maxlength']);
$object->required = isset($values['required']);
return $object;
}
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
$dest_dir = $_POST['dest_dir'];
$files = array();
if (!defined('SYS_FILES')) {
require_once BASE . 'subsystems/files.php';
}
foreach (array_keys($_POST['mods']) as $mod) {
$files[$mod] = array('', array());
if (class_exists($mod)) {
$files[$mod][0] = call_user_func(array($mod, 'name'));
}
foreach (array_keys(exponent_files_listFlat($dest_dir . '/files/' . $mod, 1, null, array(), $dest_dir . '/files/' . $mod . '/')) as $file) {
$files[$mod][1][$file] = exponent_files_canCreate(BASE . 'files/' . $mod . '/' . $file);
}
}
exponent_sessions_set('dest_dir', $dest_dir);
exponent_sessions_set('files_data', $files);
$template = new template('importer', '_files_verifyFiles');
$template->assign('files_data', $files);
$template->output();
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
ob_start();
if (isset($_GET['redirecturl'])) {
$redirect = urldecode($_GET['redirecturl']);
if (substr($redirect, 0, 4) != 'http') {
$redirect = URL_FULL . $redirect;
}
exponent_sessions_set('redirecturl', $redirect);
}
//$SYS_FLOW_REDIRECTIONPATH = 'loginredirect';
exponent_flow_set(SYS_FLOW_PUBLIC, SYS_FLOW_ACTION);
if (exponent_sessions_loggedIn()) {
header('Location: ' . exponent_sessions_get('redirecturl'));
exit('Redirecting...');
}
$i18n = exponent_lang_loadFile('modules/loginmodule/actions/loginredirect.php');
loginmodule::show('Default', null, $i18n['login']);
$template = new template('loginmodule', '_login_redirect');
$template->assign('output', ob_get_contents());
ob_end_clean();
$template->output();
function update($values, $object)
{
if ($object == null) {
$object = new popupdatetimecontrol();
$object->default = 0;
}
if ($values['identifier'] == "") {
$i18n = exponent_lang_loadFile('subsystems/forms/controls/popupdatetimecontrol.php');
$post = $_POST;
$post['_formError'] = $i18n['id_req'];
exponent_sessions_set("last_POST", $post);
return null;
}
$object->identifier = $values['identifier'];
$object->caption = $values['caption'];
$object->showtime = isset($values['showtime']);
return $object;
}
function update($values, $object)
{
if ($values['identifier'] == "") {
$i18n = exponent_lang_loadFile('subsystems/forms/controls/listbuildercontrol.php');
$post = $_POST;
$post['_formError'] = $i18n['id_req'];
exponent_sessions_set("last_POST", $post);
return null;
}
$object->identifier = $values['identifier'];
$object->caption = $values['caption'];
return $object;
}
function update($values, $object)
{
if ($object == null) {
$object = new radiogroupcontrol();
}
if ($values['identifier'] == "") {
$i18n = exponent_lang_loadFile('subsystems/forms/controls/radiogroupcontrol.php');
$post = $_POST;
$post['_formError'] = $i18n['id_req'];
exponent_sessions_set("last_POST", $post);
return null;
}
if (!defined("SYS_FORMS")) {
require_once BASE . "subsystems/forms.php";
}
exponent_forms_initialize();
$object->identifier = $values['identifier'];
$object->caption = $values['caption'];
$object->default = $values['default'];
$object->items = listbuildercontrol::parseData($values, 'items', true);
$object->flip = isset($values['flip']);
$object->cols = intval($values['cols']);
$object->spacing = intval($values['spacing']);
$object->required = isset($values['required']);
return $object;
}
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
include_once dirname(realpath(__FILE__)) . '/exponent.php';
include_once dirname(realpath(__FILE__)) . '/subsystems/image.php';
$w = isset($_GET['w']) ? $_GET['w'] : 200;
$h = isset($_GET['h']) ? $_GET['h'] : 50;
$name = isset($_GET['name']) ? $_GET['name'] : 'capcha_string';
if (exponent_sessions_isset($name)) {
$str = exponent_sessions_get($name);
} else {
$str = strtoupper(substr(md5(rand()), 17, 6));
exponent_sessions_set($name, $str);
}
if (intval($w) > 0 && intval($h > 0)) {
$img = exponent_image_captcha($w, $h, $str);
}
if ($img) {
$sizeinfo = array('mime' => 'image/png');
ob_end_clean();
exponent_image_output($img, $sizeinfo);
}
}
if (isset($_REQUEST['dest'])) {
$source_select['dest'] = $_REQUEST['dest'];
} else {
if (!isset($source_select['dest'])) {
$source_select['dest'] = null;
}
}
if (isset($_REQUEST['hideOthers'])) {
$source_select['hideOthers'] = $_REQUEST['hideOthers'];
} else {
if (!isset($source_select['hideOthers'])) {
$source_select['hideOthers'] = 0;
}
}
exponent_sessions_set('source_select', $source_select);
$template = new standalonetemplate('orphaned_content');
ob_start();
// Include the orphans_modules action of the container, to get a list of modules types with orhpans.
include_once BASE . 'modules/ContainerModule/actions/orphans_modules.php';
$template->assign('modules_output', ob_get_contents());
ob_end_clean();
if (isset($_GET['module'])) {
ob_start();
// Include the orphans_content action of the container module, to show all modules of the specified type.
include_once BASE . 'modules/ContainerModule/actions/orphans_content.php';
$template->assign('main_output', ob_get_contents());
$template->assign('error', '');
ob_end_clean();
} else {
if ($db->countObjects('locationref', 'refcount = 0')) {
function exponent_permissions_load($user)
{
global $db, $exponent_permissions_r;
// The $has_admin boolean will be flipped to true if the user has any administrate permission anywhere.
// It will be used for figuring out the allowable UI levels.
$has_admin = 0;
// Clear the global permissions array;
$exponent_permissions_r = array();
if ($user == null) {
// If the user is not logged in, they have no permissions.
return;
}
if ($user->is_acting_admin == 0) {
// Retrieve all of the explicit user permissions, by user id
foreach ($db->selectObjects('userpermission', 'uid=' . $user->id) as $obj) {
if ($obj->permission == 'administrate') {
$has_admin = 1;
}
$exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
}
// Retrieve all of the implicit user permissions (by virtue of group membership).
foreach ($db->selectObjects('groupmembership', 'member_id=' . $user->id) as $memb) {
foreach ($db->selectObjects('grouppermission', 'gid=' . $memb->group_id) as $obj) {
if ($obj->permission == 'administrate') {
$has_admin = 1;
}
$exponent_permissions_r[$obj->module][$obj->source][$obj->internal][$obj->permission] = 1;
}
}
// Retrieve sectional admin status.
// First, figure out what sections the user has permission to manage, through the NavigationModule permissions
if (isset($exponent_permissions_r['NavigationModule']['']) && is_array($exponent_permissions_r['NavigationModule'][''])) {
foreach ($exponent_permissions_r['NavigationModule'][''] as $id => $perm_data) {
if ($perm_data['manage'] == 1) {
// The user is allowed to manage sections.
// Pull in all stuff for the section, using section ref.
$sectionrefs = $db->selectObjects('sectionref', 'is_original=1 AND section=' . $id);
foreach ($sectionrefs as $sref) {
$sloc = exponent_core_makeLocation($sref->module, $sref->source);
if (class_exists($sref->module)) {
// In business, the module exists
$perms = call_user_func(array($sref->module, 'permissions'));
if ($perms == null) {
$perms = array();
}
// For good measure, since some mods return no perms.
foreach ($perms as $perm => $name) {
$exponent_permissions_r[$sloc->mod][$sloc->src][''][$perm] = 1;
}
}
}
}
}
}
}
exponent_sessions_set('permissions', $exponent_permissions_r);
// Check perm stats for UI levels
$ui_levels = array();
$i18n = exponent_lang_loadFile('subsystems/permissions.php');
if ($user->is_acting_admin == 1) {
$ui_levels = array($i18n['preview'], $i18n['normal'], $i18n['perms'], $i18n['structure']);
} else {
if (count($exponent_permissions_r)) {
$ui_levels = array($i18n['preview'], $i18n['normal']);
}
if ($has_admin) {
$ui_levels[] = $i18n['perms'];
}
if (isset($exponent_permissions_r['ContainerModule']) && count($exponent_permissions_r['ContainerModule'])) {
$ui_levels[] = $i18n['structure'];
}
}
exponent_sessions_set('uilevels', $ui_levels);
}
// After config config setup:
// Put session stuff first.
$user = null;
// Initialize the Sessions Subsystem
require_once BASE . 'subsystems/sessions.php';
// Initializes the session. This will populate the $user variable
exponent_sessions_initialize();
if (!isset($_SERVER['QUERY_STRING'])) {
$_SERVER['QUERY_STRING'] = '';
}
// Create a REQUEST_URI for people who don't have one.
// FIXME: Move this code (and other similar platform stuff) into a platform compat layer.
// FIXME:
$_SERVER['REQUEST_URI'] = SCRIPT_RELATIVE . SCRIPT_FILENAME . '?' . $_SERVER['QUERY_STRING'];
if (isset($_REQUEST['section'])) {
exponent_sessions_set('last_section', intval($_REQUEST['section']));
}
if (!defined('DISPLAY_THEME')) {
/* exdoc
* The directory and class name of the current active theme. This may be different
* than the configure theme (DISPLAY_THEME_REAL) due to previewing.
*/
define('DISPLAY_THEME', DISPLAY_THEME_REAL);
}
if (!defined('THEME_ABSOLUTE')) {
/* exdoc
* The absolute path to the current active theme's files. This is similar to the BASE constant
*/
define('THEME_ABSOLUTE', BASE . 'themes/' . DISPLAY_THEME . '/');
// This is the recommended way
}
if ($section) {
$old_parent = $section->parent;
$check_id = $section->id;
}
} else {
$check_id = $_POST['parent'];
}
if ($check_id != -1 && exponent_permissions_check('manage', exponent_core_makeLocation('NavigationModule', '', $check_id))) {
$i18n = exponent_lang_loadFile('modules/NavigationModule/actions/save_internalalias.php');
// Update the section from the _POST data.
$section = section::updateInternalAlias($_POST, $section);
if ($section->active == 0) {
// User tried to link to an inactive section. This makes little or no sense in
// this context, so throw them back to the edit form, with an error message.
$_POST['_formError'] = $i18n['internal_link_err'];
exponent_sessions_set('last_POST', $_POST);
header('Location: ' . $_SERVER['HTTP_REFERER']);
exit('');
}
if (isset($section->id)) {
if ($section->parent != $old_parent) {
// Old_parent id was different than the new parent id. Need to decrement the ranks
// of the old children (after ours), and then add
$section = section::changeParent($section, $old_parent, $section->parent);
}
// Existing section. Update the database record.
// The 'id=x' WHERE clause is implicit with an updateObject
if (isset($_SESSION['nav_cache']['kids'])) {
unset($_SESSION['nav_cache']['kids']);
}
$db->updateObject($section, 'section');
<?php
##################################################
#
# Copyright (c) 2004-2006 OIC Group, Inc.
# Written and Designed by James Hunt
#
# This file is part of Exponent
#
# Exponent is free software; you can redistribute
# it and/or modify it under the terms of the GNU
# General Public License as published by the Free
# Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# GPL: http://www.gnu.org/licenses/gpl.txt
#
##################################################
if (!defined('EXPONENT')) {
exit('');
}
if ($user !== null) {
exponent_sessions_set('uilevel', $_POST['level']);
exponent_flow_redirect();
}
