function requireLogin()
{
if (isLoginPage()) {
return false;
}
$bUser = isset($_SESSION['user']);
$bAdmin = $bUser ? $_SESSION['admin'] : false;
foreach ($GLOBALS['aAdminDirs'] as $v) {
if (strpos($_SERVER['SCRIPT_FILENAME'], $v) > 0) {
requireAdmin();
}
}
foreach ($GLOBALS['aUserDirs'] as $v) {
if (strpos($_SERVER['SCRIPT_FILENAME'], $v) > 0) {
requireUser();
}
}
return false;
}
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 2 of the License only.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*
* see http://www.gnu.org/licenses/gpl.html for more information
*/
require "functions.inc.php";
requireUser();
$db = new DB();
$action = $_GET["action"];
$id = $db->escape($_GET["id"]);
$name = $db->escape($_GET["name"]);
$note = $db->escape($_GET["note"]);
if ($action == "delete" && $id) {
$db->query("DELETE FROM restaurants WHERE id='{$id}' LIMIT 1");
forward("restaurants.php");
} else {
if ($action == "save" && $id && $name) {
$sql = "UPDATE restaurants SET Name = '{$name}', Note = '{$note}' WHERE id='{$id}' LIMIT 1;";
$db->query($sql);
forward("restaurants.php");
} else {
if ($action == "add" && $name) {
