function userAccess($minPrivilegeLevel)
{
$minPrivilegeLevel = strtolower($minPrivilegeLevel);
if (sessioned('permissions')) {
$_SESSION['permissions'] = strtolower($_SESSION['permissions']);
} else {
$_SESSION['permissions'] = 'x';
}
$hierarchy = 'xuca';
//hierarchy, from lowest to highest
if (count($minPrivilegeLevel) !== 1) {
err("Invalid permission level '{$minPrivilegeLevel}'");
}
if (!sessioned('email')) {
$nUser = 0;
} else {
$nUser = strpos($hierarchy, $_SESSION['permissions']);
}
$nAllowed = strpos($hierarchy, $minPrivilegeLevel);
if ($nUser === false) {
err("Invalid session permission level '{$_SESSION["permissions"]}'");
}
if ($nAllowed === false) {
err("Invalid input permission level '{$minPrivilegeLevel}'");
} else {
return $nUser >= $nAllowed;
}
}
function fetch_alerts_html()
{
$page_name = '';
//basename($_SERVER['REQUEST_URI']);
$sp = 'alerts_' . $page_name;
$html = '';
if (sessioned($sp)) {
foreach ($_SESSION[$sp] as $alert) {
if ($alert[1] > 0) {
$disposition = 'pos';
} else {
if ($alert[1] < 0) {
$disposition = 'neg';
} else {
$disposition = 'neut';
}
}
$html .= "<div class='alert_{$disposition}'>{$alert[0]}</div>";
}
unset($_SESSION[$sp]);
}
return $html;
}
} elseif ($_POST['docexport'] == 'HTML') {
sendfile('text/html', 'html', $q->clear()->addByQID(explode(',', $_POST['qidcsv']))->allToHTML('<div>[QID %QID%]<br><center><b>%PART%</b></center><br>%SUBJECT% <i>%TYPE%</i> %QUESTION%<br><small>%MCOPTIONS%</small><br>ANSWER: <b>%ANSWER%</b></div><br><br>'));
} else {
alert('Invalid format for export.', -1);
}
}
//MarkBad functionality
if (csrfVerify() && posted("markBad", "qids")) {
//--todo-- should be able to EDIT instead of just marking wrong. Also store history of questions viewed - "Views" table (hugeness) so can look back, mark for look back, etc.
alert('Marked question(s) ' . arrayToRanges($q->clear()->addByQID(array_intersect_key($_POST["qids"], array_flip($_POST["markBad"])))->markBad()->getQIDs()) . ' as bad.', 1);
}
$counts = array("QParts" => count($ruleSet["QParts"]), "Subjects" => count($ruleSet["Subjects"]), "QTypes" => count($ruleSet["QTypes"]));
$fullname = array("QParts" => "Question Part", "Subjects" => "Subject", "QTypes" => "Question Type");
//Config options, and setting the SESSION variables to new values based on POST variables
$checkboxoptions = "<div style='font-size:1.5em;font-weight:bold;'>Options</div>";
if (!sessioned('randq')) {
$_SESSION["randq"] = array();
}
foreach ($fullname as $name => $full) {
$count = count($ruleSet[$name]);
$checkboxoptions .= '<div><b>' . $full . '</b> ';
if (csrfVerify() && posted($name)) {
$_SESSION["randq"][$name] = $_POST[$name];
} elseif (!array_key_exists($name, $_SESSION["randq"])) {
$_SESSION["randq"][$name] = NULL;
}
//Remembering in $_SESSION
for ($i = 0; $i < $count; $i++) {
$checkboxoptions .= '<label>' . $ruleSet[$name][$i] . ' <input type="checkbox" name="' . $name . '[]" value="' . $i . '" ' . (is_array($_SESSION["randq"][$name]) && in_array($i, $_SESSION["randq"][$name]) || $_SESSION["randq"][$name] === NULL ? 'checked' : '') . ' /></label> ';
}
$checkboxoptions .= '</div>';
function SESSION($index)
{
if (sessioned($index)) {
return $_SESSION[$index];
} else {
return NULL;
}
}
