if ($id == "generateReport") { if (!UserMay("PDFReports")) { AccessDenied(); } $DB = new conn(); $DB->connect(); $text = mysql_real_escape_string($_REQUEST["value"]); $sql = "INSERT INTO reports (data) VALUES ('" . $text . "')"; $id = $DB->insert($sql); $output = $id; } if ($id == "getContact") { $DB = new conn(); $DB->connect(); $val = $DB->sanitize($_REQUEST["value"]); $array = $DB->getContactInfo($val); $output = $array; } if ($id == "searchContacts") { $DB = new conn(); $DB->connect(); $val = $DB->sanitize($_REQUEST["value"]); $array = $DB->searchContacts($val); $output = $array; } if ($id == "getNewProductTable") { if (!UserMay("Admin_ViewProducts")) { AccessDenied(); } $DB = new conn(); $DB->connect();