예제 #1
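/**
 * Decide whether the current session belongs to a known notes-engine user.
 *
 * Two session keys are recognised, checked in this order:
 *  - $_SESSION["notes-user"]: looked up in the teachers_users table;
 *  - $_SESSION["user"]: looked up in the backend_users table, and the caller
 *    must additionally pass checkPermissionModules("notes-engine").
 *
 * The lookup goes through the global $connection, which is used here as a
 * mysqli-style handle (prepare / bind_param / execute / get_result).
 * NOTE(review): get_result() needs the mysqlnd driver - confirm it is available.
 *
 * @return bool true only when a row was found whose `user` column is identical
 *              to the session value (and, for backend users, the module
 *              permission check succeeded); false in every other case,
 *              including a failed query.
 */
function validateUser()
{
    // $page is imported as before but is not read in this function.
    global $connection, $page;

    // Returns true when $sql (one "?" placeholder) yields a row whose `user`
    // column is exactly the session value. The listing this function comes
    // from shows the WHERE value masked as '******'; the session value is bound
    // as a statement parameter here, so it never becomes part of the SQL text.
    $userRowMatches = function ($sql, $user) use ($connection) {
        // Only a non-empty string (or an integer id) can name an account.
        // Rejecting everything else up front matters: with a loose "==" an
        // empty or falsy session value compares equal to the null that
        // fetch_assoc() returns when no row exists.
        if (!is_string($user) && !is_int($user)) {
            return false;
        }
        $user = (string) $user;
        if ($user === '') {
            return false;
        }

        // prepare()/execute()/get_result() return false on failure when mysqli
        // is not in exception mode; fail closed instead of calling a method on
        // false.
        $statement = $connection->prepare($sql);
        if ($statement === false) {
            return false;
        }
        $statement->bind_param('s', $user);
        if (!$statement->execute()) {
            $statement->close();
            return false;
        }
        $result = $statement->get_result();
        $line = ($result === false) ? null : $result->fetch_assoc();
        $statement->close();

        // Strict comparison: no row (null) and numeric-looking strings must not
        // be treated as a match.
        return is_array($line)
            && isset($line["user"])
            && (string) $line["user"] === $user;
    };

    if (isset($_SESSION["notes-user"])) {
        // Teacher account: existing in teachers_users is sufficient.
        return $userRowMatches(
            "SELECT * FROM teachers_users WHERE user = ?",
            $_SESSION["notes-user"]
        );
    }

    if (isset($_SESSION["user"])) {
        // Backend account: must exist in backend_users ...
        $known_user = $userRowMatches(
            "SELECT * FROM backend_users WHERE user = ?",
            $_SESSION["user"]
        );
        // ... and hold the module permission. The loader is included whether or
        // not the lookup matched, as before; checkPermissionModules() is only
        // called for a matched user.
        include_once "core/module-loader.php";
        return $known_user && checkPermissionModules("notes-engine");
    }

    // No recognised session key: not authenticated.
    return false;
}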
예제 #2
        break;
    case "ajax-delete-content":
        $id = $connection->real_escape_string($_POST["id"]);
        DeleteContent($id);
        break;
    case "ajax-new-content":
        NewContent($connection->real_escape_string($_POST["type"]), uniqid());
        break;
    case "ajax-add-content-dialog":
        AddContentDialog();
        break;
    case "ajax-add-content-execute":
        AddContentExecute($connection->real_escape_string($_POST["type"]), $connection->real_escape_string($_POST["id"]));
        break;
    case "footer":
        if (checkPermissionModules("content-footer") === true) {
            DrawFooterGUI();
        } else {
            ModuleAccessDeniedException("content-footer");
        }
        break;
    case "ajax-manual-editor-footer":
        GetFooterEditorContent();
        break;
    case "ajax-save-footer":
        SaveFooter($_POST["content"]);
        break;
    default:
        ContainerEditMode($connection->real_escape_string($_GET["arg"]));
}
function DrawContentList($filter)
예제 #3
}
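// Backend page bootstrap: pull in the shared helpers, emit the HTML head and
// menu, dispatch to the module named by $module, then emit the script tags.
include "common/common.php";
//common functions for backend system
//initialize HTML page, CSS style and old IE compatibility measures
// NOTE(review): $config->website_name is written into <title> without HTML
// escaping - confirm it can only hold trusted text, or pass it through
// htmlspecialchars() before output.
echo "<!DOCTYPE html>\n<html lang='it'>\n<head>\n    <meta charset='utf-8'>\n    <meta http-equiv='X-UA-Compatible' content='IE=edge'>\n    <meta name='viewport' content='width=device-width, initial-scale=1'>\n    <title>{$config->website_name} - Vesi Backend</title>\n    <link href='../assets/css/jquery-ui.min.css' rel='stylesheet'>\n    <link href='../assets/css/jquery-ui.theme.min.css' rel='stylesheet'>\n    <link href='../assets/css/bootstrap.min.css' rel='stylesheet'>\n    <link href='../assets/css/font-awesome.min.css' rel='stylesheet'>\n    <link href='../assets/css/custom-main.css' rel='stylesheet'>\n    <!--[if lt IE 9]>\n    <script src='../assets/js/html5shiv.min.js'></script>\n    <script src='../assets/js/respond.min.js'></script>\n    <![endif]-->\n</head>\n<body>\n";
//Include menu system
include "common/menusys.php";
echo "<div class='container-fluid'>\n";
//integrate correct module
// The manifest lists the installed modules as objects with `name` and `path`.
// An unreadable or malformed manifest is treated as "no modules installed",
// which ends in ModuleNotExistingError() below rather than in a property
// access on null.
$json = file_get_contents("modules.json");
$module_list = ($json === false) ? null : json_decode($json);
$installed_modules = array();
if (is_object($module_list) && isset($module_list->installed)
    && (is_array($module_list->installed) || is_object($module_list->installed))) {
    $installed_modules = $module_list->installed;
}
// $i becomes 1 once an entry for $module has been handled (included, denied,
// or reported as missing), so the fallback error after the loop fires only
// when no entry matched at all.
$i = 0;
foreach ($installed_modules as $module_i) {
    // Skip entries that lack the two fields used below.
    if (!is_object($module_i) || !isset($module_i->name, $module_i->path)) {
        continue;
    }
    // Compare as strings with ===: a loose == treats numeric-looking names
    // such as "10" and "1e1" as equal.
    if (!is_scalar($module) || !is_scalar($module_i->name)
        || (string) $module_i->name !== (string) $module) {
        continue;
    }
    // NOTE(review): the manifest path is concatenated into the include target
    // without confirming it stays inside modules/ - confirm modules.json is
    // writable only by trusted installers.
    if (is_string($module_i->path) && file_exists("modules/" . $module_i->path)) {
        // The permission check comes before the include, so a denied module's
        // code is never executed.
        if (checkPermissionModules($module) === true) {
            include "modules/" . $module_i->path;
        } else {
            ModuleAccessDeniedException($module);
        }
    } else {
        ModuleNotExistingError($module);
    }
    // Set after the include: the module runs in this scope and may reuse $i.
    // Also set for the missing-file case, which previously left $i at 0 and
    // so reported ModuleNotExistingError() a second time after the loop.
    $i = 1;
}
if ($i == 0) {
    ModuleNotExistingError($module);
}
//load JS scripts
// NOTE(review): jQuery 1.11.2 is an old 1.x release - check the bundled copy
// against current jQuery advisories.
echo "</div><script src='../assets/js/jquery-1.11.2.min.js'></script><script src='../assets/js/jquery-ui.min.js'></script>";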