Exemplo n.º 1
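/**
 * Build the HTML menu table for a module, listing only the tasks that
 * CheckAccess() allows for the current role.
 *
 * NOTE(review): $head, the task names and the icon names are written into the
 * markup as given. That is only safe while callers pass fixed, trusted values;
 * confirm none of them can carry request data.
 *
 * @param string       $head       Heading for the first table row (emitted as-is).
 * @param mixed        $module_id  Module identifier handed to CheckAccess().
 * @param array        $arr_menu   Task names, indexed from 0.
 * @param array|string $arr_images Icon file names parallel to $arr_menu; only read
 *                                 when _VALID_MVH_MOBILE_ is not defined.
 *
 * @return string HTML for the menu table.
 */
function ModuleMenu($head, $module_id, $arr_menu, $arr_images = "")
{
    $wb = $GLOBALS['wb'];

    $c = "<table class='plain'>\n";
    $c .= "<tr>\n";
    $c .= "<td colspan='2' class='bold'>" . $head . "</td>\n";
    $c .= "</tr>\n";

    $total = count($arr_menu);
    for ($i = 0; $i < $total; $i++) {
        /* Skip every task the current role may not use. */
        if (!CheckAccess($GLOBALS['wui']->RoleID(), $module_id, $arr_menu[$i])) {
            continue;
        }

        $friendly = InitCap($arr_menu[$i]);
        $link = "<a href='index.php?module=" . EscapeData($_GET['module']) . "&task=" . $arr_menu[$i] . "'>" . $friendly . "</a>";

        if (defined('_VALID_MVH_MOBILE_')) {
            $c .= "<tr><td colspan='2'>+" . $link . "</td></tr>";
            continue;
        }

        /* The default for $arr_images is an empty string; indexing it directly
           raises an "uninitialized string offset" warning, so fall back to "". */
        $image = isset($arr_images[$i]) ? $arr_images[$i] : "";

        $c .= "<tr>\n";
        $c .= "<td width='16'><img src='" . $wb . "images/" . $image . "'></td>\n";
        $c .= "<td>" . $link . "</td>\n";
        $c .= "</tr>\n";
    }

    $c .= "</table>\n";
    return $c;
}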
Exemplo n.º 2
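/**
 * Build the HTML menu table for a module from a list of task labels, showing
 * only the tasks that CheckAccess() allows for the current role.
 *
 * Each label is lower-cased and its spaces replaced by underscores to form the
 * task name used for the ACL check, the link and the icon file name.
 *
 * NOTE(review): $module_name is concatenated into a filesystem path and into
 * the link URL without validation or escaping. Confirm callers pass a fixed
 * module name and never a request parameter.
 *
 * @param mixed  $module_id   Ignored: it is overwritten by $GLOBALS['module_id'] below.
 * @param string $module_name Module directory name; also shown in the heading.
 * @param array  $items       Task labels, indexed from 0.
 *
 * @return string HTML for the menu table.
 */
function ModuleMenuDynamic($module_id, $module_name, $items)
{
    $dr = $GLOBALS['dr'];
    $wb = $GLOBALS['wb'];
    /* The argument is replaced by the global value, exactly as before. */
    $module_id = $GLOBALS['module_id'];

    /* A request without ?task= previously raised an undefined-index notice on
       every row; read it once with a guard instead. */
    $current_task = isset($_GET['task']) ? $_GET['task'] : null;

    $c = "<table class='plain' width='150'>\n";
    $c .= "<tr>\n";
    $c .= "<td colspan='3' class='bold'>" . InitCap($module_name) . " Menu</td>\n";
    $c .= "</tr>\n";

    $total = count($items);
    for ($i = 0; $i < $total; $i++) {
        $task_img_desc = str_replace(" ", "_", strtolower($items[$i]));

        /* Skip every task the current role may not use. */
        if (!CheckAccess($GLOBALS['wui']->RoleID(), $module_id, $task_img_desc)) {
            continue;
        }

        $friendly = InitCap($items[$i]);
        $link = "<a href='index.php?module=" . $module_name . "&task=" . $task_img_desc . "'>" . $friendly . "</a>";

        if (defined('_VALID_MVH_MOBILE_')) {
            $c .= "<tr><td colspan='2'>+" . $link . "</td></tr>";
            continue;
        }

        /* Use the module's own icon when the file exists on disk, else a stock one. */
        $icon_http = "modules/" . $module_name . "/images/default/" . $task_img_desc . ".png";
        if (file_exists($dr . $icon_http)) {
            $icon_file = $icon_http;
        } else {
            $icon_file = $wb . "images/nuvola/16x16/actions/view_remove.png";
        }

        /* Highlight the row of the task that is currently open. */
        if ($current_task === $task_img_desc) {
            $arrow = "<img src='images/nuvola/16x16/actions/player_play.png'>";
            $bgcolor = "#dedede";
        } else {
            $arrow = "";
            $bgcolor = "#ffffff";
        }

        $c .= "<tr>\n";
        $c .= "<td width='16'>" . $arrow . "</td>\n";
        $c .= "<td width='16'><img src='" . $icon_file . "'></td>\n";
        $c .= "<td bgcolor='" . $bgcolor . "' width='134'>" . $link . "</td>\n";
        $c .= "</tr>\n";
    }

    $c .= "</table>\n";
    return $c;
}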
Exemplo n.º 3
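 /**
  * Print the member-database heading, the clocked-in count with the current
  * site-local time, and the hidden admin form.
  *
  * $option and $loggedincount are HTML-escaped before output, so a value
  * containing quotes or angle brackets cannot break out of the attribute or
  * the heading.
  *
  * @param string     $option        Component option, written into a hidden form field.
  * @param int|string $loggedincount Number of members currently clocked in.
  *
  * @return void
  */
 function showMainMenu($option, $loggedincount)
 {
     global $mainframe;

     jimport('joomla.utilities.date');
     $date = new JDate('now');
     // Shift to the offset configured for the site before formatting.
     $date->setOffset($mainframe->getCfg('offset'));
     $timeStr = $date->toFormat("%l:%M %P");
     $dateStr = $date->toFormat("%A, %B %e, %G");

     // The result is not used here; the call is kept in case CheckAccess() has side effects.
     CheckAccess();

     $safeOption = htmlspecialchars((string) $option, ENT_QUOTES, 'UTF-8');
     $safeCount = htmlspecialchars((string) $loggedincount, ENT_QUOTES, 'UTF-8');

     echo '<h1>Ohio City Bicycle Co-op Member Database</h1>';
     echo "<h2>There are currently {$safeCount} members clocked in at {$timeStr} on {$dateStr}.</h2>\n";
     echo '<form action="index.php" method="post" name="adminForm">';
     echo '<input type="hidden" name="option" value="' . $safeOption . '">';
     echo '<input type="hidden" name="task" value="" />';
     echo '<input type="hidden" name="boxchecked" value="0" />';
     echo '</form>';
 }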
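include 'functions.php';

// Minimum power for this page. CheckAccess() is defined outside this snippet;
// it replaced an earlier hard-coded 100 and an inline query on the Access table.
$powerRequired = CheckAccess('edit_members');

if (isset($_SESSION["userName"]) && $_SESSION["userName"] != "") {
    $theName = $_SESSION["userName"];

    // Fail closed: in PHP any value compares ">=" to null or false, so a missing
    // or non-numeric requirement would otherwise let every session through.
    $hasPower = isset($_SESSION["power"])
        && is_numeric($powerRequired)
        && is_numeric($_SESSION["power"])
        && $_SESSION["power"] >= $powerRequired;

    if ($hasPower) {
        AccessGranted($theName);
    } else {
        // There should be a switch code for how this page failed
        AccessDenied();
    }
} else {
    AccessDenied();
}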
Exemplo n.º 5
            <?php 
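include 'connection.php';
include 'functions.php';

// Minimum power for this page. CheckAccess() is defined outside this snippet;
// it replaced an earlier inline query on the Access table.
$powerRequired = CheckAccess('edit_ranks');

if (isset($_SESSION["userName"]) && $_SESSION["userName"] != "") {
    $theName = $_SESSION["userName"];

    // Fail closed: in PHP any value compares ">=" to null or false, so a missing
    // or non-numeric requirement would otherwise let every session through.
    $hasPower = isset($_SESSION["power"])
        && is_numeric($powerRequired)
        && is_numeric($_SESSION["power"])
        && $_SESSION["power"] >= $powerRequired;

    if ($hasPower) {
        AccessGranted($theName);
    } else {
        AccessDenied();
    }
} else {
    // A request without a logged-in user previously fell through with neither
    // outcome; deny explicitly so the page never renders half-checked.
    AccessDenied();
}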
function AccessGranted($adminName)
{
    global $conn;
Exemplo n.º 6
                    <br/>
                    <br/>
                    <br/>
                    <br/>

                    <form action="processAccess.php"
                          method="post">
                        <fieldset>
                            <legend>Access</legend>

                            <?php 
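include 'connection.php';
include 'functions.php';

// Minimum power for this page, as reported by CheckAccess() (defined outside
// this snippet). The former placeholder value of 100 was always overwritten.
$powerRequired = CheckAccess('edit_access');

if (isset($_SESSION["userName"]) && $_SESSION["userName"] != "") {
    $theName = $_SESSION["userName"];

    // Fail closed: in PHP any value compares ">=" to null or false, so a missing
    // or non-numeric requirement would otherwise let every session through.
    $hasPower = isset($_SESSION["power"])
        && is_numeric($powerRequired)
        && is_numeric($_SESSION["power"])
        && $_SESSION["power"] >= $powerRequired;

    if ($hasPower) {
        AccessGranted($theName);
    } else {
        AccessDenied();
    }
} else {
    // A request without a logged-in user previously fell through with neither
    // outcome; deny explicitly so the access form is never left unguarded.
    AccessDenied();
}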
function AccessGranted($adminName)
{
    global $mysqli;
Exemplo n.º 7
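/**
 * Render the role-by-task access matrix for a module and, when the form was
 * submitted, save the submitted matrix first.
 *
 * Tasks are the *.php files found in the module's "modules" directory. Roles
 * are read from core_workspace_role_master for the current workspace.
 *
 * NOTE(review): this function changes ACL rows on any POST that carries
 * "submit_form". No anti-CSRF token and no check that the caller may edit
 * ACLs is visible here; confirm both are enforced before this is reached.
 *
 * NOTE(review): $module is concatenated into a filesystem path. Confirm
 * callers pass a validated module name, not raw request data.
 *
 * @param string $module Module directory name; also used in the form action URL.
 *
 * @return string "No such directory" when the module directory is missing,
 *                otherwise the HTML of the ACL form.
 */
function BrowseModuleTaskACL($module)
{
    $db = $GLOBALS['db'];
    $module_id = $GLOBALS['module_id'];
    /* Escape quotes too (values land in attributes) and keep invalid bytes visible. */
    $html_flags = ENT_QUOTES | ENT_SUBSTITUTE;

    /* SETUP THE INITIAL MODULE DIRECTORY */
    $dir = $GLOBALS['dr'] . "modules/" . $module . "/modules/";
    /* CHECK THAT THE MODULE EXISTS */
    if (!file_exists($dir)) {
        return "No such directory";
    }

    /* COLLECT THE PHP FILES OF THE MODULE; index 0 is a placeholder and every
       loop below starts at 1 */
    $dir_arr[] = "";
    if ($handle = opendir($dir)) {
        while (false !== ($file = readdir($handle))) {
            if ($file != "." && $file != ".." && substr($file, -4) == ".php") {
                $dir_arr[] = substr($file, 0, -4);
            }
        }
        closedir($handle);
    }
    /* SORT THE ARRAY INTO ALPHABETICAL ORDER */
    sort($dir_arr, SORT_REGULAR);
    $task_total = count($dir_arr);

    /* LOAD THE ROLES ONCE: the same query used to run again for every task,
       both when saving and when displaying */
    $roles = array();
    if ($task_total > 1) {
        $sql = "SELECT crm.role_id,crm.role_name\n\t\t\t\t\t\tFROM " . $GLOBALS['database_prefix'] . "core_workspace_role_master crm\n\t\t\t\t\t\tWHERE crm.workspace_id = " . $GLOBALS['ui']->WorkspaceID() . "\n\t\t\t\t\t\tORDER BY crm.role_name\n\t\t\t\t\t\t";
        $result = $db->Query($sql);
        if ($db->NumRows($result) > 0) {
            while ($row = $db->FetchArray($result)) {
                $roles[] = $row;
            }
        }
    }

    /**** THIS IS THE SUBMIT FORM PART WHICH WE PUT IN HERE BECAUSE THIS PAGE IS LOADED FROM MANY LOCATIONS ****/
    if (isset($_POST['submit_form'])) {
        for ($i = 1; $i < $task_total; $i++) {
            /* WALK ALL THE ROLES SINCE WE DO NOT SIMPLY UPDATE WHATEVER CAME FROM THE FORM */
            foreach ($roles as $row) {
                $post_var = $dir_arr[$i] . "_" . $row['role_id'];
                /* Only the literal "y" grants access; anything else is stored as "n". */
                $access = (isset($_POST[$post_var]) && $_POST[$post_var] === "y") ? "y" : "n";

                /* SINCE NEW TASKS AND ROLES CAN BE ADDED WE MAKE SURE THE RECORD EXISTS */
                CheckCreateACLTaskExists($row['role_id'], $module_id, $dir_arr[$i]);

                /* role_id sits unquoted in the statement, so force it to an integer.
                   NOTE(review): the module id and task name are still concatenated;
                   move this to bound parameters if the $db wrapper supports them. */
                $sql = "UPDATE " . $GLOBALS['database_prefix'] . "core_space_task_acl\n\t\t\t\t\t\t\t\tSET access = '" . $access . "'\n\t\t\t\t\t\t\t\tWHERE role_id = " . (int) $row['role_id'] . "\n\t\t\t\t\t\t\t\tAND module_id = '" . $module_id . "'\n\t\t\t\t\t\t\t\tAND task = '" . $dir_arr[$i] . "'\n\t\t\t\t\t\t\t\tAND workspace_id = " . $GLOBALS['workspace_id'] . "\n\t\t\t\t\t\t\t\tAND teamspace_id " . $GLOBALS['teamspace_sql'] . "\n\t\t\t\t\t\t\t\t";
                $db->Query($sql);
            }
        }
    }
    /**** END FORM SUBMITTING ****/

    /* DISPLAY EACH */
    $c = "<table class='plain' border='0'>\n";
    $c .= "<form method='post' name='acl' action='index.php?module=" . htmlspecialchars($module, $html_flags) . "&task=acl'>\n";
    for ($i = 1; $i < $task_total; $i++) {
        $task_html = htmlspecialchars($dir_arr[$i], $html_flags);

        $c .= "<tr class='alternatecell2'>\n";
        $c .= "<td colspan='3'>" . htmlspecialchars(strtoupper($dir_arr[$i]), $html_flags) . "</td>\n";
        $c .= "</tr>\n";

        /* DISPLAY ALL THE ROLES */
        foreach ($roles as $row) {
            $selected = CheckAccess($row['role_id'], $module_id, $dir_arr[$i]) ? "checked" : "";

            $c .= "<tr>\n";
            $c .= "<td><li></td>\n";
            /* Role names come from the database and are escaped before display. */
            $c .= "<td>" . htmlspecialchars($row['role_name'], $html_flags) . "</td>\n";
            $c .= "<td><input type='checkbox' value='y' name='" . $task_html . "_" . htmlspecialchars($row['role_id'], $html_flags) . "' {$selected}>\n";
            $c .= "</tr>\n";
        }
        /* END */
    }
    $c .= "<tr class='alternatecell2'>\n";
    $c .= "<td colspan='3'><input type='submit' name='submit_form' value='Save' class='buttonstyle'></td>\n";
    $c .= "</tr>\n";
    $c .= "</form>\n";
    $c .= "</table>\n";
    return $c;
}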
Exemplo n.º 8
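/**
 * Generate the mobile language files, then report whether the QuickCRM REST
 * endpoint of this site can be reached.
 *
 * The helper CheckAccess() is declared on first use only. Declaring it
 * unconditionally made a second call to createMobileFiles() in the same
 * request fail with "Cannot redeclare CheckAccess()".
 * NOTE(review): if another CheckAccess() is already loaded, that one is
 * called instead of the probe below.
 *
 * @return bool Result of CheckAccess(): true on Windows, otherwise true when
 *              the probe got a response other than HTTP 403 or 500.
 */
function createMobileFiles()
{
    if (!function_exists('CheckAccess')) {
        /**
         * Probe <site_url>/custom/QuickCRM/rest.php without fetching a body.
         *
         * @return bool false on a cURL error or an HTTP 403/500 status, else true.
         */
        function CheckAccess()
        {
            global $sugar_config;

            // On Windows the probe is skipped and access is assumed.
            if (is_windows()) {
                return true;
            }

            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $sugar_config['site_url'] . "/custom/QuickCRM/rest.php");
            curl_setopt($ch, CURLOPT_HEADER, 0);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_NOBODY, true);
            // NOTE(review): certificate verification is switched off for this probe.
            // Only the status code is read here, but the setting should not be
            // copied to requests that send credentials or trust the response.
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
            curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20041001 Firefox/0.10.1");
            curl_exec($ch);

            $err = curl_errno($ch);
            if (!$err) {
                // A transport-level success still counts as failure on 403 or 500.
                $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
                $err = $status == '403' || $status == '500';
            }
            curl_close($ch);

            return !$err;
        }
    }

    $mobile = new mobile_jsLanguage();
    $mobile->createAllFiles();
    return CheckAccess();
}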
Exemplo n.º 9
// Resume or create the session before any output; the access check further
// down this page reads $_SESSION["power"] and $_SESSION["userName"].
session_start();
// Emit the shared page header markup.
include 'header.html';
?>

<!-- InstanceBeginEditable name="content" -->
<div id="content_area" align="left">

<br/>
<br/>
<br/>
<br/>
<?php 
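include 'connection.php';
include 'functions.php';

// Minimum power for this page, as reported by CheckAccess() (defined outside
// this snippet). The former placeholder value of 100 was always overwritten.
$powerRequired = CheckAccess('edit_op');

if (isset($_SESSION["power"]) && isset($_SESSION["userName"])) {
    // Fail closed: in PHP any value compares ">=" to null or false, so a missing
    // or non-numeric requirement would otherwise let every session through.
    $hasPower = is_numeric($powerRequired)
        && is_numeric($_SESSION["power"])
        && $_SESSION["power"] >= $powerRequired;

    if ($hasPower) {
        AccessGranted();
    } else {
        // Plain else instead of a second "<" test, so no value can slip
        // between the two branches without an outcome.
        AccessDenied(1);
    }
} else {
    AccessDenied(0);
}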
function AccessGranted()
{
    //Login Check
    if (isset($_SESSION["userName"])) {
        $selectedOp = 0;
        $OPArray = null;
Exemplo n.º 10
<div id="content_area" align="left">

<br/>
<br/>
<br/>
<br/>

<form action="processItems.php"
      method="post">
<fieldset>
<legend>Items</legend>
<?php 
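include 'connection.php';
include 'functions.php';

// Minimum power for this page, as reported by CheckAccess() (defined outside
// this snippet). The former placeholder value of 100 was always overwritten.
$powerRequired = CheckAccess('edit_items');

// Fail closed: in PHP any value compares ">=" to null or false, so a missing
// or non-numeric requirement would otherwise let every session through.
$hasPower = isset($_SESSION["power"])
    && is_numeric($powerRequired)
    && is_numeric($_SESSION["power"])
    && $_SESSION["power"] >= $powerRequired;

if ($hasPower) {
    AccessGranted();
} else {
    // Covers a missing session value and insufficient power; both were denied before.
    AccessDenied();
}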
function AccessGranted()
{
    global $mysqli;
    $sql = "SELECT\n              item_id,\n              item_name,\n              item_type,\n              item_iskValue,\n              item_order\n            FROM Items";
    $result = $mysqli->query($sql);
    while ($row = $result->fetch_array(MYSQLI_BOTH)) {
Exemplo n.º 11
<?php

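require "../db_conn.php";
require "access.php";

// NOTE(review): the return value is ignored, so this call protects the page only
// if CheckAccess() itself stops the request on failure; confirm in access.php.
CheckAccess();

// The id is placed unquoted in the queries below. escape_string() does not make
// a value safe in an unquoted numeric position, so force it to an integer.
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;

$query = "SELECT * FROM pagecontent WHERE id={$id}";
$result = $db->query($query);
$result = $result ? $result->fetch_assoc() : null;
if (!$result) {
    // Unknown or malformed id: stop instead of reading columns of a missing row.
    header("HTTP/1.1 404 Not Found");
    exit;
}

$oldtemplate = $result['template'];
$oldsub = $result['pagecontent_id'];
$oldpagecontent = $result['pagecontent_id'];

// The parent id comes from the database but is still cast before reuse in SQL.
$query1 = "SELECT * FROM pagecontent WHERE id=" . (int) $oldpagecontent;
$result1 = $db->query($query1);
$olddata = $result1 ? $result1->fetch_assoc() : null;
$oldmenuoption = $olddata ? $olddata['menuoption'] : null;

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // NOTE(review): no anti-CSRF token is verified before this write; add one if
    // the surrounding application does not already enforce it.
    $page = isset($_POST['page']) ? strip_tags($_POST['page']) : null;
    $menu = isset($_POST['menu']) ? strip_tags($_POST['menu']) : null;
    $order = isset($_POST['order']) ? strip_tags($_POST['order']) : null;
    // content, template and sub are stored as submitted; they must be escaped or
    // sanitised wherever they are later rendered.
    $content = isset($_POST['content']) ? $_POST['content'] : null;
    $template = isset($_POST['template']) ? $_POST['template'] : $oldtemplate;
    $subid = isset($_POST['sub']) ? $_POST['sub'] : $oldsub;

    $stmt = $db->prepare("UPDATE pagecontent SET page=?, menuoption=?, menuorder=?, pagecontent_id=?, content=?, template=? WHERE id=?");
    $stmt->bind_param("ssisssi", $page, $menu, $order, $subid, $content, $template, $id);
    $stmt->execute();

    // The debug var_dump($_POST) was removed: it echoed the submitted data and,
    // by producing output, stopped the redirect header from being sent.
    header("location: index.php");
    // Stop here so nothing else runs or renders after the redirect.
    exit;
}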
function getPagesForSub($oldmenuoption, $oldpagecontent)
{
// Resume or create the session before any output; the access check further
// down this page reads $_SESSION["power"] and $_SESSION["userName"].
session_start();
// Emit the shared page header markup.
include 'header.html';
?>

                <!-- InstanceBeginEditable name="content" -->
                <div id="content_area" align="left">

                    <br/>
                    <br/>
                    <br/>
                    <br/>
                    <?php 
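include 'connection.php';
include 'functions.php';

// Minimum power for the password-reset page, as reported by CheckAccess()
// (defined outside this snippet). The former placeholder of 100 was always overwritten.
$powerRequired = CheckAccess('reset_password');

if (isset($_SESSION["power"]) && isset($_SESSION["userName"])) {
    // Fail closed: in PHP any value compares ">=" to null or false, so a missing
    // or non-numeric requirement would otherwise let every session through.
    $hasPower = is_numeric($powerRequired)
        && is_numeric($_SESSION["power"])
        && $_SESSION["power"] >= $powerRequired;

    if ($hasPower) {
        AccessGranted();
    } else {
        // Plain else instead of a second "<" test, so no value can slip
        // between the two branches without an outcome.
        AccessDenied(1);
    }
} else {
    AccessDenied(0);
}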
function AccessGranted()
{
    global $conn;
    $userArray[0] = "";
    $userIdArray[0] = 0;
    $userCount = 0;
// Emit the shared page header markup ahead of the editable content region.
include 'header.html';
?>

<!-- InstanceBeginEditable name="content" -->
<div id="content_area" align="left">

    <br/>
    <br/>
    <br/>
    <br/>
    <?php 
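//This could be a good place to add in allowing people to ONLY process ops
include 'connection.php';
include 'functions.php';

// Minimum power for this page, as reported by CheckAccess() (defined outside
// this snippet). The former placeholder value of 100 was always overwritten.
$powerRequired = CheckAccess('item_category');

if (isset($_SESSION["power"]) && isset($_SESSION["userName"])) {
    // Fail closed: in PHP any value compares ">=" to null or false, so a missing
    // or non-numeric requirement would otherwise let every session through.
    $hasPower = is_numeric($powerRequired)
        && is_numeric($_SESSION["power"])
        && $_SESSION["power"] >= $powerRequired;

    if ($hasPower) {
        AccessGranted();
    } else {
        // Plain else instead of a second "<" test, so no value can slip
        // between the two branches without an outcome.
        AccessDenied(1);
    }
} else {
    AccessDenied(0);
}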
function AccessGranted()
{
    global $mysqli;
    echo "<form action = 'processItemCategories.php' method = 'post'>";
    echo "<fieldset>";
    echo "<legend>Item Categories</legend>";
Exemplo n.º 14
<!-- InstanceBeginEditable name="content" -->
<div id="content_area" align="left">

<br/>
<br/>
<br/>
<br/>

<form action="TDSInTransfer.php"
      method="post">
<fieldset>
<legend>Transfer Type</legend>
<?php 
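// Minimum power for the transfer page, as reported by CheckAccess() (defined
// outside this snippet). The former placeholder value of 100 was always overwritten.
$powerRequired = CheckAccess('transfer');

if (isset($_SESSION["power"])) {
    // Fail closed: in PHP any value compares ">=" to null or false, so a missing
    // or non-numeric requirement would otherwise let every session through.
    $hasPower = is_numeric($powerRequired)
        && is_numeric($_SESSION["power"])
        && $_SESSION["power"] >= $powerRequired;

    if ($hasPower) {
        AccessGranted();
    } else {
        // Plain else instead of a second "<" test, so no value can slip
        // between the two branches without an outcome.
        AccessDenied(1);
    }
} else {
    AccessDenied(0);
}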
function AccessGranted()
{
    include 'connection.php';
    $typeCount = 1;
    $typeName[0] = "";
    $selectedType = 0;
Exemplo n.º 15
                <DIV ID="right">
                    <IMG SRC="./images/right.png" WIDTH=296 HEIGHT=39 ALT="">
                </DIV>
                <!-- InstanceBeginEditable name="content" -->
                <div id="content_area" align="left">

                    <br/>
                    <br/>
                    <br/>
                    <br/>
                    <?php 
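//This could be a good place to add in allowing people to ONLY process ops
include 'connection.php';
include 'functions.php';

// Minimum power for the admin tools, as reported by CheckAccess() (defined
// outside this snippet). The former placeholder value of 100 was always overwritten.
$powerRequired = CheckAccess('admin_tools');

if (isset($_SESSION["power"]) && isset($_SESSION["userName"])) {
    // Fail closed: in PHP any value compares ">=" to null or false, so a missing
    // or non-numeric requirement would otherwise let every session through.
    $hasPower = is_numeric($powerRequired)
        && is_numeric($_SESSION["power"])
        && $_SESSION["power"] >= $powerRequired;

    if ($hasPower) {
        AccessGranted();
    } else {
        // Plain else instead of a second "<" test, so no value can slip
        // between the two branches without an outcome.
        AccessDenied(1);
    }
} else {
    AccessDenied(0);
}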
function AccessGranted()
{
    //All of the Sumbit buttons need to be replaced with correct links to pages like the other ones are
    echo "<form action = ' '>";
    echo "<fieldset>";
    echo "<legend>Admin Tools</legend>";