コード例 #1
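 /**
  * Decide whether the current user is allowed to use a module / tab / action.
  *
  * Accepts either positional arguments ($arg1 = module, $arg2 = script,
  * $arg3 = action) or a $parameters array with the keys module, script,
  * action, tab, field_name and field_value. Missing module/script/action
  * values fall back to $GLOBALS['zig']['current']; the literal "{any}" is
  * treated as "no value".
  *
  * The decision is default-deny: access is granted only when one matching
  * `allow` row exists and no matching `deny` row exists.
  *
  * Every value placed inside a quoted SQL literal is escaped here, because
  * module, script, action and the field filters can originate from the
  * caller or the current request. addslashes() is kept because it is what
  * this function already applied to $script; it is not charset-aware, so
  * driver-level quoting or bound parameters remain the better fix if
  * zig("query") can accept them.
  *
  * @param mixed  $parameters Parameter array (used only when no positional argument is set).
  * @param string $arg1       Module directory.
  * @param string $arg2       Script name.
  * @param string $arg3       Action name.
  * @return array 'value' => truthy when access is allowed, 'return' => 1.
  */
 function permissions($parameters, $arg1 = '', $arg2 = '', $arg3 = '')
 {
     // Defaults, so the lookup never reads an undefined variable when neither
     // positional arguments nor a parameter array are supplied.
     $module = NULL;
     $script = NULL;
     $action = NULL;
     $tab = NULL;
     $field_name = NULL;
     $field_value = NULL;
     if ($arg1 or $arg2 or $arg3) {
         $module = $arg1 ? $arg1 : $GLOBALS['zig']['current']['module'];
         $script = $arg2 ? $arg2 : $GLOBALS['zig']['current']['script'];
         $action = $arg3 ? $arg3 : $GLOBALS['zig']['current']['action'];
         $field_name = "all";
         $field_value = "all";
     } else {
         if (is_array($parameters)) {
             $module = array_key_exists("module", $parameters) ? $parameters['module'] : $GLOBALS['zig']['current']['module'];
             $script = array_key_exists("script", $parameters) ? $parameters['script'] : $GLOBALS['zig']['current']['script'];
             $action = array_key_exists("action", $parameters) ? $parameters['action'] : $GLOBALS['zig']['current']['action'];
             // The caller-supplied tab is replaced below by the tab looked up
             // from the script name.
             $tab = array_key_exists("tab", $parameters) ? $parameters['tab'] : NULL;
             $field_name = array_key_exists("field_name", $parameters) ? $parameters['field_name'] : "all";
             $field_value = array_key_exists("field_value", $parameters) ? $parameters['field_value'] : "all";
         }
     }
     $module = $module == "{any}" ? NULL : $module;
     $script = $script == "{any}" ? NULL : $script;
     $action = $action == "{any}" ? NULL : $action;
     $zig_info_obj = new zig_info();
     $user = zig("info", "user");
     $user_id = zig("info", "user_id");
     $group = $zig_info_obj->group();
     // $pre and $zig_global_database are used as identifiers, not literals;
     // they come from configuration and are not escaped here.
     $pre = zig("config", "pre");
     $zig_global_database = zig("config", "global_database");
     $script = $script ? $script : $GLOBALS['zig']['current']['script'];

     // Escape everything that is interpolated into a quoted literal.
     // NOTE(review): assumes zig("info", ...) and group() return raw,
     // unescaped values - confirm, otherwise names containing quotes would
     // stop matching (which fails closed).
     $directory = addslashes((string) $module);
     $script = addslashes((string) $script);
     $action = addslashes((string) $action);
     $user = addslashes((string) $user);
     $user_id = addslashes((string) $user_id);
     $group = addslashes((string) $group);
     $field_name = addslashes((string) $field_name);
     $field_value = addslashes((string) $field_value);

     // Map the module directory and script to the application and tab names
     // that the permissions table is keyed on.
     $sql = "SELECT `{$pre}applications`.`name` AS module,`{$pre}tabs`.`name` AS tab \n\t\t\t\t\tFROM `{$zig_global_database}`.`{$pre}tabs`,`{$zig_global_database}`.`{$pre}applications` \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t`directory`='{$directory}' \n\t\t\t\t\tAND `{$pre}tabs`.`module`=`{$pre}applications`.`name` \n\t\t\t\t\tAND `{$pre}tabs`.`link`='{$script}' LIMIT 1";
     $result = zig("query", $sql);
     $fetch = $result->fetchRow();
     // Values read back from the database are escaped as well before they
     // are reused in the next statements.
     $module = $fetch ? addslashes((string) $fetch['module']) : NULL;
     $tab = $fetch ? addslashes((string) $fetch['tab']) : NULL;
     // When the script is not registered as a tab, both the tab and the
     // action filter are dropped, so a module='all' row matches regardless
     // of tab or action.
     $where_tab = $tab ? " AND (tab='{$tab}' OR tab='all') " : NULL;
     // NOTE(review): the action filter is conditioned on $tab, not $action;
     // kept as in the original - confirm that this is intended.
     $where_action = $tab ? " AND (action='{$action}' OR action='all') " : NULL;

     $sql = "SELECT users \n\t\t\t\tFROM `{$zig_global_database}`.`{$pre}permissions` \n\t\t\t\tWHERE \n\t\t\t\t\t(zig_parent_id='{$user_id}' OR users='{$user}' OR users='{$group}' OR users='all') \n\t\t\t\tAND (module='{$module}' OR module='all') {$where_tab} {$where_action} \n\t\t\t\tAND (field_name='{$field_name}' OR field_name='all') \n\t\t\t\tAND (field_value='{$field_value}' OR field_value='all') \n\t\t\t\tAND permission='allow' LIMIT 1";
     $result = zig("query", $sql, "permissions.lib.php", false);
     $permission = $result->RecordCount();
     if ($permission == 1) {
         // An allow row exists; a matching deny row overrides it.
         $sql = "SELECT users \n\t\t\t\t\tFROM {$zig_global_database}.{$pre}permissions \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t(zig_parent_id='{$user_id}' OR users='{$user}' OR users='{$group}' OR users='all') \n\t\t\t\t\tAND (module='{$module}' OR module='all')  {$where_tab} {$where_action} \n\t\t\t\t\tAND (field_name='{$field_name}' OR field_name='all') \n\t\t\t\t\tAND (field_value='{$field_value}' OR field_value='all') \n\t\t\t\t\tAND permission='deny' LIMIT 1";
         $result = zig("query", $sql);
         $permission = $result->RecordCount() ? false : true;
     }
     $zig_return = array();
     $zig_return['value'] = $permission;
     $zig_return['return'] = 1;
     return $zig_return;
 }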
コード例 #2
 /**
  * Resolve a named configuration value for a module / tab / action / user.
  *
  * Accepts either positional arguments ($arg1 = name, $arg2 = module,
  * $arg3 = config set) or a $parameters array with the keys name, module,
  * config, result, tab, action and user. When no module is given it is
  * derived from the path of the calling file.
  *
  * Lookup order: the cache consulted through $this->config_check(), then a
  * series of progressively broader queries against `{$pre}configs`
  * (user-specific rows first, then users='all', then the "zig-api" module
  * and the "default" config set). The resolved value is cached in $GLOBALS
  * and, when a config set name is present, in $_SESSION.
  *
  * SECURITY NOTE(review): every statement below is assembled by
  * interpolating $module, $tab, $config, $action, $user, $name and $script
  * into quoted literals, and none of them is escaped inside this function.
  * Unless all callers pass trusted values, these should go through bound
  * parameters or the driver's quoting - confirm against the callers.
  *
  * @param mixed  $parameters Parameter array (used only when no positional argument is set).
  * @param string $arg1       Configuration name.
  * @param string $arg2       Module directory.
  * @param string $arg3       Config set name.
  * @return array 'return' => 1, 'value' => resolved value (NULL when nothing was found),
  *               and 'error' when a query reported an error.
  */
 function config($parameters, $arg1 = '', $arg2 = '', $arg3 = '')
 {
     if ($arg1 or $arg2 or $arg3) {
         $name = $arg1;
         $module = $arg2 ? $arg2 : NULL;
         $config = $arg3 ? $arg3 : NULL;
         $result = "all";
         $tab = NULL;
         $action = isset($GLOBALS['zig']['current']['action']) ? $GLOBALS['zig']['current']['action'] : NULL;
         $user = NULL;
     } else {
         if (is_array($parameters)) {
             $name = array_key_exists("name", $parameters) ? $parameters['name'] : NULL;
             $module = array_key_exists("module", $parameters) ? $parameters['module'] : NULL;
             $config = array_key_exists("config", $parameters) ? $parameters['config'] : NULL;
             $result = array_key_exists("result", $parameters) ? $parameters['result'] : NULL;
             $tab = array_key_exists("tab", $parameters) ? $parameters['tab'] : NULL;
             $action = array_key_exists("action", $parameters) ? $parameters['action'] : (isset($GLOBALS['zig']['current']['action']) ? $GLOBALS['zig']['current']['action'] : NULL);
             $user = array_key_exists("user", $parameters) ? $parameters['user'] : NULL;
         }
     }
     // NOTE(review): when no positional argument is set and $parameters is
     // not an array, none of the variables above is defined.
     if (!$module) {
         // No module given: take the first path segment of the calling file,
         // relative to the directory that contains "zig-api".
         $fileBaseDirectory = dirname(__FILE__);
         $baseDirectory = explode("zig-api", $fileBaseDirectory);
         $baseDirectory = str_replace("\\", "/", $baseDirectory[0]);
         $debug_backtrace = debug_backtrace();
         $module = $debug_backtrace[1]['file'];
         $module = str_replace("\\", "/", $module);
         $module = str_replace($baseDirectory, "", $module);
         $splitted_module = explode("/", $module);
         $module = $splitted_module[0];
         $current_module = NULL;
         if (array_key_exists("zig", $GLOBALS)) {
             $current_module = array_key_exists("current", $GLOBALS['zig']) ? array_key_exists("module", $GLOBALS['zig']['current']) ? $GLOBALS['zig']['current']['module'] : NULL : NULL;
         }
         // NOTE(review): both branches of the outer ternary yield $module when
         // it is non-empty, so $current_module appears to have no effect on
         // the result - confirm whether $current_module was meant here.
         $module = ($module == "zig-api" and $current_module != "zig-api" and $current_module != '') ? $module : ($module ? $module : "zig-api");
     }
     $pre = NULL;
     $zig_global_database = NULL;
     $value = NULL;
     if (array_key_exists("zig", $GLOBALS)) {
         if (array_key_exists("sql", $GLOBALS['zig'])) {
             $pre = array_key_exists("pre", $GLOBALS['zig']['sql']) ? $GLOBALS['zig']['sql']['pre'] : NULL;
             $zig_global_database = array_key_exists("global_database", $GLOBALS['zig']['sql']) ? $GLOBALS['zig']['sql']['global_database'] : NULL;
         }
     }
     // Cache keys as requested by the caller; empty parts become 0.
     $original_config = $config ? $config : 0;
     $original_module = $module ? $module : 0;
     $original_tab = $tab ? $tab : 0;
     $original_action = $action ? $action : 0;
     $original_user = $user ? $user : 0;
     // Without a table prefix and a global database name nothing is looked up
     // and 'value' stays NULL.
     if ($pre and $zig_global_database) {
         $record = 0;
         $value = NULL;
         $value_check = $this->config_check($original_config, $original_module, $original_tab, $original_action, $original_user, $name);
         if ($value_check) {
             $value = $value_check;
         } else {
             if ($module != "all" and $module != "zig-api") {
                 // Translate the module directory into the application name;
                 // unknown directories fall back to "all".
                 $module_sql = "SELECT `name` FROM `{$zig_global_database}`.`{$pre}applications` WHERE `directory`='{$module}' AND `zig_status`<>'deleted' LIMIT 1";
                 $module_result = $GLOBALS['zig']['adodb']->Execute($module_sql);
                 $module_fetch = $module_result->fetchRow();
                 $module = $module_fetch['name'] ? $module_fetch['name'] : "all";
                 $error_number = $GLOBALS['zig']['adodb']->ErrorNo();
             }
             if (!$user) {
                 // The include path is relative, so it depends on the include
                 // path / working directory of the running script.
                 require_once "../zig-api/lib/info.lib.php";
                 $zig_info_obj = new zig_info();
                 $user_return = $zig_info_obj->info("info", "user");
                 $user = array_key_exists("value", $user_return) ? $user_return['value'] : NULL;
             }
             $script = isset($GLOBALS['zig']['current']['script']) ? $GLOBALS['zig']['current']['script'] : NULL;
             // Only a numeric 'result' is turned into a LIMIT clause, so this
             // fragment cannot carry arbitrary text into the statement.
             $limit = is_numeric($result) ? "LIMIT {$result}" : NULL;
             if (!$tab) {
                 // -- Start set tab
                 $tab_sql = "SELECT `name` FROM `{$zig_global_database}`.`{$pre}tabs` WHERE (`module`='{$module}' OR `module`='all') AND `link`='{$script}' AND `zig_status`<>'deleted' LIMIT 1";
                 $tab_result = $GLOBALS['zig']['adodb']->Execute($tab_sql);
                 $tab_fetch = $tab_result->fetchRow();
                 $tab = $tab_fetch['name'] ? $tab_fetch['name'] : "all";
                 $error_number = $GLOBALS['zig']['adodb']->ErrorNo();
                 // -- End set tab
             }
             // NOTE(review): $error_number is assigned only inside the
             // conditional blocks above and below; when a module of "all" or
             // "zig-api", a tab and a config set are all supplied it is read
             // in the loop without having been set.
             if ($config) {
                 $config_names[] = $config;
             } else {
                 $value_check = $this->config_check($original_config, $module, $tab, $original_action, $original_user, "config");
                 if ($value_check) {
                     $config_names = $value_check;
                 } else {
                     // Find which config set applies, always ending with "default".
                     $config_sql = "SELECT `value` FROM `{$zig_global_database}`.`{$pre}configs` WHERE (`module`='{$module}' OR `module`='all') AND (`tab`='{$tab}' OR `tab`='all') AND `config`='default' AND (`action`='{$action}' OR `action`='all') AND (`users`='{$user}' OR `users`='all') AND `name`='config' AND `zig_status`<>'deleted' ORDER BY `priority` LIMIT 1";
                     $config_result = $GLOBALS['zig']['adodb']->Execute($config_sql);
                     $error_number = $GLOBALS['zig']['adodb']->ErrorNo();
                     $config_count = $config_result->RecordCount();
                     if ($config_count and !$error_number) {
                         while ($config_fetch = $config_result->fetchRow()) {
                             if ($config_fetch['value']) {
                                 $config_names[] = $config_fetch['value'];
                             }
                         }
                     }
                     $config_names[] = "default";
                     // NOTE(review): the first cache key is the config set name,
                     // used directly as a $GLOBALS / $_SESSION key; it shares
                     // that namespace with every other global (for example
                     // $GLOBALS['zig']) - confirm that set names are restricted.
                     $GLOBALS[$original_config][$module][$tab][$original_action][$original_user]['config'] = $config_names;
                     if ($original_config) {
                         $_SESSION[$original_config][$module][$tab][$original_action][$original_user]['config'] = $config_names;
                     }
                 }
             }
             foreach ($config_names as $config) {
                 $value_check = $this->config_check($config, $module, $tab, $action, $user, $name);
                 if ($value_check) {
                     $value = $value_check;
                     break;
                 }
                 if ($user and !$error_number) {
                     // Most specific lookup: rows stored for this user.
                     $sql = "SELECT `value` FROM `{$zig_global_database}`.`{$pre}configs` WHERE (`module`='{$module}' OR `module`='all') AND (`tab`='{$tab}' OR `tab`='all') AND `config`='{$config}' AND (`action`='{$action}' OR `action`='all') AND `users`='{$user}' AND `name`='{$name}' AND `zig_status`<>'deleted' ORDER BY `priority` {$limit}";
                     $result = $GLOBALS['zig']['adodb']->Execute($sql);
                     $error_number = $GLOBALS['zig']['adodb']->ErrorNo();
                     $record = $error_number ? 0 : $result->RecordCount();
                 }
                 if ($error_number) {
                     // NOTE(review): the error text carries the full SQL statement
                     // and the driver message, formatted with <br />; presumably it
                     // is rendered as HTML - confirm it is never shown to end users.
                     $zig_result['error'] = "Script: config.lib.php<br />";
                     $zig_result['error'] .= isset($sql) ? "SQL Statement: {$sql}<br />" : "SQL Statement: [blank]<br />";
                     $zig_result['error'] .= "SQL Error: " . $GLOBALS['zig']['adodb']->ErrorMsg();
                 } else {
                     if ($record == 0) {
                         $value_check = $this->config_check($config, $module, $tab, $action, $user, $name);
                         if ($value_check) {
                             $value = $value_check;
                             break;
                         }
                         // Rows for all users, exact tab only.
                         $sql = "SELECT `value` FROM `{$zig_global_database}`.`{$pre}configs` WHERE (`module`='{$module}' OR `module`='all') AND `tab`='{$tab}' AND (`config`='{$config}' OR `config`='all') AND (`action`='{$action}' OR `action`='all') AND `users`='all' AND `name`='{$name}' AND `zig_status`<>'deleted' ORDER BY `priority` {$limit}";
                         $result = $GLOBALS['zig']['adodb']->Execute($sql);
                         $record = $result->RecordCount();
                     }
                     if ($record == 0) {
                         // Rows for all users, any tab.
                         // NOTE(review): unlike the other statements this one does
                         // not qualify the table with `{$zig_global_database}` -
                         // confirm that it reads the intended database.
                         $sql = "SELECT `value` FROM `{$pre}configs` WHERE (`module`='{$module}' OR `module`='all') AND (`tab`='{$tab}' OR `tab`='all') AND (`config`='{$config}' OR `config`='all') AND (`action`='{$action}' OR `action`='all') AND `users`='all' AND `name`='{$name}' AND `zig_status`<>'deleted' ORDER BY `priority` {$limit}";
                         $result = $GLOBALS['zig']['adodb']->Execute($sql);
                         $record = $result->RecordCount();
                     }
                     if ($record == 0) {
                         // Still nothing: widen to the "zig-api" module first and,
                         // once already there, to the "default" config set.
                         if ($module != "zig-api") {
                             $module = "zig-api";
                         } else {
                             if ($config != "default") {
                                 $config = "default";
                             }
                         }
                         // NOTE(review): after the block above the $module test is
                         // false in every case, so this branch appears unreachable.
                         if ($record == 0 and $module != "zig-api" and $config != "default") {
                             $module = "zig-api";
                             $config = "default";
                         }
                         $value_check = $this->config_check($config, $module, $tab, $action, $user, $name);
                         if ($value_check) {
                             $value = $value_check;
                             break;
                         }
                         $sql = "SELECT `value` FROM `{$zig_global_database}`.`{$pre}configs` WHERE (`module`='{$module}' OR `module`='all') AND (`tab`='{$tab}' OR `tab`='all') AND (`config`='{$config}' OR `config`='all') AND (`action`='{$action}' OR `action`='all') AND `users`='{$user}' AND `name`='{$name}' AND `zig_status`<>'deleted' ORDER BY `priority` {$limit}";
                         $result = $GLOBALS['zig']['adodb']->Execute($sql);
                         $record = $result->RecordCount();
                         if (!$record) {
                             $value_check = $this->config_check($config, $module, $tab, $action, $user, $name);
                             if ($value_check) {
                                 $value = $value_check;
                                 break;
                             }
                             $sql = "SELECT `value` FROM `{$zig_global_database}`.`{$pre}configs` WHERE (`module`='{$module}' OR `module`='all') AND (`tab`='{$tab}' OR `tab`='all') AND (`config`='{$config}' OR `config`='all') AND (`action`='{$action}' OR `action`='all') AND `users`='all' AND `name`='{$name}' AND `zig_status`<>'deleted' ORDER BY `priority` {$limit}";
                             $result = $GLOBALS['zig']['adodb']->Execute($sql);
                             $record = $result->RecordCount();
                         }
                     }
                     // Several rows are returned as a list, a single row as a scalar.
                     if ($record > 1) {
                         while ($fetch = $result->fetchRow()) {
                             $value[] = $fetch['value'];
                         }
                     } else {
                         if ($record) {
                             $fetch = $result->fetchRow();
                             $value = $fetch['value'];
                         }
                     }
                 }
                 if ($value) {
                     break;
                 }
             }
             // Cache the outcome under the key that finally matched and under
             // the key the caller originally asked for. The $_SESSION copy
             // outlives the request, so a later change in the configs table is
             // not seen through this cache until the session entry is replaced.
             $name = str_replace(" ", "_", $name);
             $config = $config ? $config : 0;
             $module = $module ? $module : 0;
             $tab = $tab ? $tab : 0;
             $action = $action ? $action : 0;
             $user = $user ? $user : 0;
             $GLOBALS[$config][$module][$tab][$action][$user][$name] = $value;
             if ($config) {
                 $_SESSION[$config][$module][$tab][$action][$user][$name] = $value;
             }
             $GLOBALS[$original_config][$original_module][$original_tab][$original_action][$original_user][$name] = $value;
             if ($original_config) {
                 $_SESSION[$original_config][$original_module][$original_tab][$original_action][$original_user][$name] = $value;
             }
         }
     }
     $zig_result['return'] = 1;
     $zig_result['value'] = $value;
     return $zig_result;
 }
コード例 #3
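 /**
  * Write one row to the `{$pre}logs` table for the current request.
  *
  * Accepts either positional arguments ($arg1 = type, $arg2 = script,
  * $arg3 = log message) or a $parameters array with the keys type, script
  * and log_message. The script argument is accepted for compatibility but
  * not used: the logged script, module and action always come from
  * $GLOBALS['zig']['current'].
  *
  * The message is expected to be an SQL statement; its leading keyword is
  * used to fill sql_query_type and record_action (select => search,
  * update => edit or delete, insert into => add, show => no action).
  *
  * All values are passed to the database as bound parameters. The message
  * itself is SQL text full of quotes, so interpolating it into the INSERT
  * would let any logged statement that contains a double quote break or
  * alter the log write.
  * NOTE(review): assumes $GLOBALS['zig']['adodb'] is an ADOdb connection,
  * whose Execute() accepts a bind array as second argument - confirm.
  *
  * @param mixed  $parameters Parameter array (used only when no positional argument is set).
  * @param string $arg1       Log type.
  * @param string $arg2       Script name (ignored, see above).
  * @param string $arg3       Log message.
  * @return array 'return' => 1, plus 'error' when the INSERT reported an error.
  */
 function logit($parameters, $arg1 = '', $arg2 = '', $arg3 = '')
 {
     // Defaults, so nothing below reads an undefined variable when neither
     // positional arguments nor a parameter array are supplied.
     $type = NULL;
     $log_message = NULL;
     if ($arg1 or $arg2 or $arg3) {
         $type = $arg1;
         $log_message = $arg3;
     } else {
         if (is_array($parameters)) {
             $type = array_key_exists("type", $parameters) ? $parameters['type'] : NULL;
             $log_message = array_key_exists("log_message", $parameters) ? $parameters['log_message'] : NULL;
         }
     }
     // The message is stored lower-cased, so case-sensitive values inside a
     // logged statement cannot be recovered from the log afterwards.
     $log_message = strtolower((string) $log_message);
     $sql_query_type = NULL;
     $record_action = NULL;
     require_once "../zig-api/lib/info.lib.php";
     $info_object = new zig_info();
     $user = $info_object->user();
     $db = $GLOBALS['zig']['adodb'];
     // Table prefix and database name are identifiers taken from
     // configuration; they cannot be bound and are interpolated as before.
     $pre = $GLOBALS['zig']['sql']['pre'];
     $zig_global_database = $GLOBALS['zig']['sql']['global_database'];
     $script = $GLOBALS['zig']['current']['script'];
     $module = $GLOBALS['zig']['current']['module'];
     $action = $GLOBALS['zig']['current']['action'];

     // Resolve the application and tab name for the current script.
     // NOTE(review): the table names are hard-coded with the "zig_" prefix
     // instead of {$pre}; kept as in the original - confirm.
     $sql = "SELECT `a`.`module`,`a`.`name`\n\t\t\t\tFROM `zig_tabs` `a`,`zig_applications` `b` \n\t\t\t\tWHERE `a`.`module`=`b`.`name` AND `directory`=? AND `a`.`link`=? \n\t\t\t\tLIMIT 1";
     $result = $db->Execute($sql, array((string) $module, (string) $script));
     $fetch = $result ? $result->fetchRow() : false;
     $module = $fetch ? $fetch['module'] : NULL;
     $tab = $fetch ? $fetch['name'] : NULL;

     // -- Start Record Action
     if (strpos($log_message, "select ") === 0) {
         $sql_query_type = "select";
         $record_action = "search";
     } elseif (strpos($log_message, "update ") === 0) {
         $sql_query_type = "update";
         // A soft delete is an UPDATE that sets zig_status to 'deleted'.
         $is_soft_delete = strpos(str_replace("`", "", $log_message), "set zig_status='deleted'") !== false;
         $record_action = $is_soft_delete ? "delete" : "edit";
     } elseif (strpos($log_message, "insert into ") === 0) {
         $sql_query_type = "insert";
         $record_action = "add";
     } elseif (strpos($log_message, "show ") === 0) {
         $sql_query_type = "show";
     }
     // -- End Record Action

     // Values are cast to string so that unset fields are stored as '' (as
     // before) rather than as SQL NULL.
     $sql = "INSERT INTO `{$zig_global_database}`.`{$pre}logs` (zig_created,zig_user,log_type,module,tab,action,script,record_action,sql_query_type,log_message) VALUES(NOW(),?,?,?,?,?,?,?,?,?) ";
     $values = array(
         (string) $user,
         (string) $type,
         (string) $module,
         (string) $tab,
         (string) $action,
         (string) $script,
         (string) $record_action,
         (string) $sql_query_type,
         $log_message,
     );
     $result = $db->Execute($sql, $values);
     $error_number = $db->ErrorNo();
     $zig_result = array();
     if ($error_number) {
         // The statement reported here now shows placeholders only, not the
         // logged values.
         $zig_result['error'] = "Script: {$script}<br />";
         $zig_result['error'] .= "SQL Statement: {$sql}<br />";
         $zig_result['error'] .= "SQL Error: " . $db->ErrorMsg();
     }
     $zig_result['return'] = 1;
     return $zig_result;
 }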