Exemplo n.º 1
require_once 'form.php';
require_once 'open_invoices.php';
require_once 'settings.php';
require_once 'localize.php';
require_once 'settings_list.php';
require_once 'version.php';
require_once 'sqlfuncs.php';
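// The session check runs first, before any request parameter is read.
sesVerifySession();

// Routing parameters are taken from the request and passed through sanitize().
$strFunc = sanitize(getRequest('func', 'open_invoices'));
$strList = sanitize(getRequest('list', ''));
$strForm = sanitize(getRequest('form', ''));

// Fall back to the default view when sanitize() leaves nothing usable.
if (!$strFunc) {
    $strFunc = 'open_invoices';
}
// NOTE(review): the original followed this with
//     if (!$strFunc && $strForm) { $strFunc = 'invoices'; }
// which could never run because $strFunc is always non-empty by that point.
// The dead branch is dropped here without changing behaviour. If a form-only
// request is meant to land on 'invoices', that check has to come before the
// default above.

if ($strFunc == 'logout') {
    header('Location: ' . getSelfPath() . '/logout.php');
    exit; // stop here so nothing else is rendered after the redirect
}

// NOTE(review): $title is derived from request values and ends up in the page
// title below; confirm htmlPageStart() HTML-escapes it.
$title = getPageTitle($strFunc, $strList, $strForm);

// Database dump: only served to backup managers and admins, and handled before
// any page output is produced.
// NOTE(review): the operation is selected purely by request parameters; confirm
// getRequest() / create_db_dump() require POST plus an anti-CSRF token if the
// dump is expensive or has side effects.
if ($strFunc == 'system'
    && getRequest('operation', '') == 'dbdump'
    && sesAccessLevel([ROLE_BACKUPMGR, ROLE_ADMIN])
) {
    create_db_dump();
    exit;
}

echo htmlPageStart(
    _PAGE_TITLE_ . " - {$title}",
    getSetting('session_keepalive') ? ['js/keepalive.js'] : null
);

$normalMenuRights = [ROLE_READONLY, ROLE_USER, ROLE_BACKUPMGR];

// Main navigation. 'levels_allowed' lists the roles for each entry; null is
// used for logout. The duplicated 'action' key on the settings entry has been
// removed (same value, so no behaviour change).
// NOTE(review): how 'levels_allowed' is enforced is not visible here. Hiding a
// button is not an access check; each action must verify the role itself, as
// the dbdump branch above does.
$astrMainButtons = [
    [
        'name' => 'invoice',
        'title' => 'locShowInvoiceNavi',
        'action' => 'open_invoices',
        'levels_allowed' => $normalMenuRights,
    ],
    [
        'name' => 'archive',
        'title' => 'locShowArchiveNavi',
        'action' => 'archived_invoices',
        'levels_allowed' => $normalMenuRights,
    ],
    [
        'name' => 'company',
        'title' => 'locShowClientNavi',
        'action' => 'companies',
        'levels_allowed' => [ROLE_USER, ROLE_BACKUPMGR],
    ],
    [
        'name' => 'reports',
        'title' => 'locShowReportNavi',
        'action' => 'reports',
        'levels_allowed' => $normalMenuRights,
    ],
    [
        'name' => 'settings',
        'title' => 'locShowSettingsNavi',
        'action' => 'settings',
        'levels_allowed' => [ROLE_USER, ROLE_BACKUPMGR],
    ],
    [
        'name' => 'system',
        'title' => 'locShowSystemNavi',
        'action' => 'system',
        'levels_allowed' => [ROLE_BACKUPMGR, ROLE_ADMIN],
    ],
    [
        'name' => 'logout',
        'title' => 'locLogout',
        'action' => 'logout',
        'levels_allowed' => null,
    ],
];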
?>
Exemplo n.º 2
        $upgradeMessage = $GLOBALS['locDatabaseUpgraded'];
        break;
    case 'FAILED':
        $upgradeFailed = true;
        $upgradeMessage = $GLOBALS['locDatabaseUpgradeFailed'];
        break;
}
// Default banner text; replaced below when a login attempt does not succeed.
$strMessage = $GLOBALS['locWelcomeMessage'];

if ($strLogon) {
    if (!$strLogin || !$strPasswd) {
        // The form was submitted without both a user name and a password.
        $strMessage = $GLOBALS['locMissingFields'];
    } else {
        switch (sesCreateSession($strLogin, $strPasswd)) {
            case 'OK':
                // Return to the page stored in the session when the caller
                // asked for it, otherwise go to the start page.
                // NOTE(review): BACKLINK is read from the session and sent
                // as-is in a Location header. Confirm every writer stores only
                // same-site paths, and consider clearing it once used.
                // NOTE(review): no session-id regeneration is visible on this
                // path; confirm sesCreateSession() issues a fresh id on login.
                $redirectTarget = ($backlink == '1' && isset($_SESSION['BACKLINK']))
                    ? $_SESSION['BACKLINK']
                    : getSelfPath() . '/index.php';
                header('Location: ' . $redirectTarget);
                exit;
            case 'FAIL':
                $strMessage = $GLOBALS['locInvalidCredentials'];
                break;
            case 'TIMEOUT':
                $strMessage = $GLOBALS['locLoginTimeout'];
                break;
        }
    }
}

// NOTE(review): a key from sesCreateKey() together with jquery.md5.js suggests
// a client-side MD5 challenge-response login; confirm. MD5 is not an adequate
// password-hashing primitive; server-side password_hash()/password_verify()
// over TLS is the usual replacement.
$key = sesCreateKey();
echo htmlPageStart(_PAGE_TITLE_, ['jquery/js/jquery.md5.js']);
Exemplo n.º 3
/**
 * Check that the current request belongs to an established session.
 *
 * The session counts as valid when it carries a REMOTE_ADDR entry equal to the
 * address of the current client; its ACCESSTIME is then refreshed. Otherwise
 * the request ends here, with a redirect to the login page or a bare 403.
 *
 * NOTE(review): the client address is the only thing compared in this
 * function. Clients behind the same proxy or NAT share REMOTE_ADDR, so this is
 * a supplementary binding, not an identity check. Confirm that REMOTE_ADDR is
 * written to the session only after successful authentication.
 * NOTE(review): ACCESSTIME is updated but never compared here; confirm the
 * idle timeout is enforced elsewhere.
 *
 * @param bool $redirect When true, an invalid session is redirected to
 *                       login.php; when false, a 403 status line is sent.
 *
 * @return bool True for a valid session. Invalid sessions never return: the
 *              script exits.
 */
function sesVerifySession($redirect = TRUE)
{
    if (!session_id()) {
        session_start();
    }

    $sessionMatchesClient = isset($_SESSION['REMOTE_ADDR'])
        && $_SESSION['REMOTE_ADDR'] == $_SERVER['REMOTE_ADDR'];
    if ($sessionMatchesClient) {
        $_SESSION['ACCESSTIME'] = time();
        return true;
    }

    if (!$redirect) {
        header('HTTP/1.1 403 Forbidden');
        exit;
    }

    // Remember where the user was heading only for index.php requests that
    // carry a query string and are not a logout.
    $calledFromIndex = substr($_SERVER['SCRIPT_FILENAME'], -9, 9) == 'index.php';
    if ($calledFromIndex && $_SERVER['QUERY_STRING'] && getRequest('func', '') != 'logout') {
        // NOTE(review): the raw query string is stored and later used as a
        // redirect target. It is prefixed with getSelfPath(), so it stays
        // same-site only if getSelfPath() does not trust a client-supplied
        // host; confirm.
        $_SESSION['BACKLINK'] = getSelfPath() . '/index.php?' . $_SERVER['QUERY_STRING'];
        $loginUrl = getSelfPath() . '/login.php?backlink=1';
    } else {
        $loginUrl = getSelfPath() . '/login.php';
    }

    header('Location: ' . $loginUrl);
    exit;
}