Пример #1
0
function isModuleAccessible($guid, $connection2, $address = "")
{
    if ($address == "") {
        $address = $_SESSION[$guid]["address"];
    }
    $output = FALSE;
    //Check user is logged in
    if ($_SESSION[$guid]["username"] != "") {
        //Check user has a current role set
        if ($_SESSION[$guid]["gibbonRoleIDCurrent"] != "") {
            //Check module ready
            $moduleID = checkModuleReady($address, $connection2);
            if ($moduleID != FALSE) {
                //Check current role has access rights to an action in the current module.
                try {
                    $data = array("gibbonRoleID" => $_SESSION[$guid]["gibbonRoleIDCurrent"], "moduleID" => $moduleID);
                    $sql = "SELECT * FROM gibbonAction, gibbonPermission, gibbonRole WHERE (gibbonAction.gibbonActionID=gibbonPermission.gibbonActionID) AND (gibbonPermission.gibbonRoleID=gibbonRole.gibbonRoleID) AND (gibbonPermission.gibbonRoleID=:gibbonRoleID) AND (gibbonAction.gibbonModuleID=:moduleID)";
                    $result = $connection2->prepare($sql);
                    $result->execute($data);
                    if ($result->rowCount() > 0) {
                        $output = TRUE;
                    }
                } catch (PDOException $e) {
                }
            }
        }
    }
    return $output;
}
Пример #2
0
    //Get main menu
    if ($cacheLoad) {
        $_SESSION[$guid]["mainMenu"] = mainMenu($connection2, $guid);
    }
    print $_SESSION[$guid]["mainMenu"];
    ?>
						</div>
					</div>
					<div id="content-wrap">
						<?php 
    //Allow for wide pages (no sidebar)
    if ($sidebar == "false") {
        print "<div id='content-wide'>";
        //Get floating module menu
        if (substr($_SESSION[$guid]["address"], 0, 8) == "/modules") {
            $moduleID = checkModuleReady($_SESSION[$guid]["address"], $connection2);
            if ($moduleID != FALSE) {
                $gibbonRoleIDCurrent = NULL;
                if (isset($_SESSION[$guid]["gibbonRoleIDCurrent"])) {
                    $gibbonRoleIDCurrent = $_SESSION[$guid]["gibbonRoleIDCurrent"];
                }
                try {
                    $data = array("gibbonModuleID" => $moduleID, "gibbonRoleID" => $gibbonRoleIDCurrent);
                    $sql = "SELECT gibbonModule.entryURL AS moduleEntry, gibbonModule.name AS moduleName, gibbonAction.name, gibbonAction.precedence, gibbonAction.category, gibbonAction.entryURL, URLList FROM gibbonModule, gibbonAction, gibbonPermission WHERE (gibbonModule.gibbonModuleID=:gibbonModuleID) AND (gibbonModule.gibbonModuleID=gibbonAction.gibbonModuleID) AND (gibbonAction.gibbonActionID=gibbonPermission.gibbonActionID) AND (gibbonPermission.gibbonRoleID=:gibbonRoleID) AND NOT gibbonAction.entryURL='' ORDER BY gibbonModule.name, category, gibbonAction.name, precedence DESC";
                    $result = $connection2->prepare($sql);
                    $result->execute($data);
                } catch (PDOException $e) {
                }
                if ($result->rowCount() > 0) {
                    $currentCategory = "";
                    $lastCategory = "";