if ($id == "generateReport") {
if (!UserMay("PDFReports")) {
AccessDenied();
}
$DB = new conn();
$DB->connect();
$text = mysql_real_escape_string($_REQUEST["value"]);
$sql = "INSERT INTO reports (data) VALUES ('" . $text . "')";
$id = $DB->insert($sql);
$output = $id;
}
if ($id == "getContact") {
$DB = new conn();
$DB->connect();
$val = $DB->sanitize($_REQUEST["value"]);
$array = $DB->getContactInfo($val);
$output = $array;
}
if ($id == "searchContacts") {
$DB = new conn();
$DB->connect();
$val = $DB->sanitize($_REQUEST["value"]);
$array = $DB->searchContacts($val);
$output = $array;
}
if ($id == "getNewProductTable") {
if (!UserMay("Admin_ViewProducts")) {
AccessDenied();
}
$DB = new conn();
$DB->connect();
