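(at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */

require_once "../include/phprechnung.inc.php";
require_once "../include/smarty.inc.php";

// Access gates, run in this order before any request data is touched.
// Their implementations live in the includes above and are not visible here.
CheckUser();
CheckAdminGroup3();
CheckSession();

// CheckArrayValue() is defined in the includes; what it filters is not visible here.
// NOTE(review): presumably it cleans the values only - confirm whether keys are checked too.
$ArrayValue = CheckArrayValue($_REQUEST);

// Every request parameter becomes a script variable and a template variable of
// the same name, so the caller chooses the variable names. Names that would
// replace PHP's superglobals, or the variables this loop itself depends on, are
// not turned into script variables.
// NOTE(review): any other variable created by the includes (configuration,
// database handle, ...) can still be overwritten by a request parameter of the
// same name. The durable fix is an explicit per-page list of accepted
// parameter names instead of a blanket import.
$ReservedNames = array(
    'GLOBALS', 'this',
    '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES', '_SESSION',
    'smarty', 'ArrayValue', 'ReservedNames', 'key', 'val',
);

foreach ($ArrayValue as $key => $val) {
    if (!in_array((string) $key, $ReservedNames, true)) {
        ${$key} = $val;
    }
    $smarty->assign("{$key}", $val);
}

// Paging: anything that is missing, non-numeric or not positive falls back to page 1.
// NOTE(review): is_numeric() also accepts values such as "1.5" or "1e3" and $page
// keeps that string form - cast where it is used for arithmetic or in a query.
if (!isset($page) || !is_numeric($page) || $page <= 0) {
    $page = 1;
}

// Sort direction: exact match against the two accepted keywords, else empty.
if (!isset($Sort) || !in_array($Sort, array('ASC', 'DESC'), true)) {
    $Sort = "";
}

// Sort column: exact match against the known column names, else the default
// ordering (which already carries its own direction, hence $Sort is cleared).
// NOTE(review): $Order and $Sort look like ORDER BY fragments used further down
// (not visible here). If so, these exact-match lists are what keeps request
// text out of the SQL - extend them only with literal column names.
$AllowedOrderColumns = array(
    'CASHBOOKID',
    'TAKINGS',
    'EXPENDITURES',
    'CASH_IN_HAND',
    'CASHBOOK_DATE',
    'DESCRIPTION',
);

if (empty($Order) || !in_array($Order, $AllowedOrderColumns, true)) {
    $Order = "CASHBOOK_DATE DESC,CASHBOOKID DESC";
    $Sort = "";
}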
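$pattern[$i - 1] = "/#{$i}/"; $replace[$i - 1] = func_get_arg($i); } return preg_replace($pattern, $replace, $subject); }

// *****************************************************************************
// Game pages.

// The session identifier arrives in the query string, so it also ends up in
// web-server logs, browser history and Referer headers of outgoing links.

// A missing session parameter sends the visitor back to the start page. A
// non-string value (e.g. session[]=...) is treated the same way, so only a
// plain string ever reaches the pattern check and the session lookup.
if (!array_key_exists('session', $_GET) || !is_string($_GET['session'])) {
    RedirectHome();
    die;
}

//
// Private session check
//

//
// Public session check
//
// NOTE(review): the pattern has no ^...$ anchors. If SecurityCheck() accepts any
// value the pattern matches (its body is not visible here), a longer string that
// merely contains 12 hex characters would pass. Confirm the real session-id
// length and anchor the pattern accordingly.
SecurityCheck('/[0-9a-f]{12}/', $_GET['session'], "Манипулирование публичной сессией");

// Loose comparison on purpose: any falsy result from CheckSession() stops the page.
if (CheckSession($_GET['session']) == FALSE) {
    die;
}

// While the universe is frozen, accounts whose admin level is 0 are sent to the
// maintenance page; exit ensures nothing else of this page is rendered for them.
if ($GlobalUni['freeze'] && $GlobalUser['admin'] == 0) {
    echo "<html><head><meta http-equiv='refresh' content='0;url=maintenance.php' /></head><body></body></html>";
    ob_end_flush();
    exit;
}

// Load the localisation tables for the universe's language.
loca_add("common", $GlobalUni['lang']);
loca_add("technames", $GlobalUni['lang']);

//
// Check GET / POST parameters for possible SQL injection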