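/**
 * Decides whether the current request may invoke the service method $methodName.
 *
 * A method on the secured list is allowed only when the request came over HTTPS,
 * the session could be started, and the user is authenticated. Any other method
 * name is allowed without further checks.
 *
 * NOTE(review): the list is default-allow. A privileged method added to the
 * service stays reachable without authentication until it is listed here.
 * Consider listing the public methods instead and denying everything else.
 *
 * @param mixed $methodName Name of the requested service method.
 * @return bool True when the call may proceed, false otherwise.
 */
function checkAccess($methodName)
{
    // A non-string cannot name a method; refuse it rather than let loose
    // comparison decide whether it "matches" an entry of the list.
    if (!is_string($methodName)) {
        return false;
    }

    $securedMethods = [
        "getGoods",
        "getAdminOrder",
        "updateGood",
        "getGood",
        "getGoodImages",
        "deleteGood",
        "getDescriptionKeys",
        "getGoodsKeys",
        "getNextGoodCode",
        "uploadImagesForGood",
        "updatePrices",
        "listBooklets",
        "getBooklet",
        "saveBooklet",
        "deleteBooklet",
        "getBookletBackgrounds",
        "saveOrder",
    ];

    // PHP resolves function and method names case-insensitively. If the caller
    // dispatches on $methodName (dispatcher not visible here - confirm), a name
    // such as "GETGOODS" would still run getGoods, so the lookup is done in
    // lower case and with strict comparison.
    $securedLower = array_map('strtolower', $securedMethods);
    if (!in_array(strtolower($methodName), $securedLower, true)) {
        return true;
    }

    // isset() alone is not enough: IIS/ISAPI sets HTTPS to "off" on plain-HTTP
    // requests, and an empty value does not indicate TLS either.
    $httpsFlag = isset($_SERVER['HTTPS']) ? (string) $_SERVER['HTTPS'] : '';
    $isHttps = $httpsFlag !== '' && strtolower($httpsFlag) !== 'off';

    // Short-circuit order is kept: no session is started for a non-HTTPS request.
    return $isHttps && SessionManager::sessionStart() && AuthManager::isAuth();
}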
<?php /*header('Content-type: application/json; charset=UTF-8');*/ include_once 'import'; include_once 'admin_pages'; include_once 'service'; $page = $_GET['page']; if ($page == 'redirect') { $host = $_SERVER['HTTP_HOST']; header("Location: https://{$host}/admin/login"); exit; } $sessionStarted = SessionManager::sessionStart(); if ($sessionStarted) { if (AuthManager::isAuth()) { //AUTH SUCCESS switch ($page) { case 'contacts': $page = new AdminPage_Contacts(); echo $page->getHtml(); break; case 'prices': $page = new AdminPage_Prices(); echo $page->getHtml(); break; case 'tree': $page = new AdminPage_Tree(); echo $page->getHtml(); break; case 'goods': $page = new AdminPage_Goods();