function getSIPAKALPermissions($myFile)
{
//Tratar el __FILE__, eliminar el directorio
$vUno = substr_count($myFile, "/");
$vDos = substr_count($myFile, "\\");
$notes = "";
$pUSRID = isset($_SESSION["SN_b80bb7740288fda1f201890375a60c8f"]) ? $_SESSION["SN_b80bb7740288fda1f201890375a60c8f"] : 0;
$pUSRNivel = isset($_SESSION["SN_d567c9b2d95fbc0a51e94d665abe9da3"]) ? $_SESSION["SN_d567c9b2d95fbc0a51e94d665abe9da3"] : 0;
$pUSRPWD = isset($_SESSION["SN_0d35c1f17675a8a2bf3caaacd59a65de"]) ? $_SESSION["SN_0d35c1f17675a8a2bf3caaacd59a65de"] : "";
$mUSR = isset($_SESSION["SN_0a744893951e0d1706ff74a7afccf561"]) ? $_SESSION["SN_0a744893951e0d1706ff74a7afccf561"] : "";
//
//obtener variables por CONTEXT
if (isset($_REQUEST)) {
if (isset($_REQUEST["ctx"])) {
$ctx = md5($_REQUEST["ctx"]);
$sql = "SELECT\t`t_03f996214fba4a1d05a68b18fece8e71`.*\r\n\t\t\tFROM `t_03f996214fba4a1d05a68b18fece8e71` WHERE \r\n\t\t\t(MD5(MD5(CONCAT(MD5(`t_03f996214fba4a1d05a68b18fece8e71`.`idusuarios`) , '|', MD5(`t_03f996214fba4a1d05a68b18fece8e71`.`f_34023acbff254d34664f94c3e08d836e`)))) = '{$ctx}') \r\n\t\t\tOR\r\n\t\t\t(MD5(MD5(CONCAT(MD5(`t_03f996214fba4a1d05a68b18fece8e71`.`f_28fb96d57b21090705cfdf8bc3445d2a`) , '|', MD5(`t_03f996214fba4a1d05a68b18fece8e71`.`f_34023acbff254d34664f94c3e08d836e`)))) = '{$ctx}')\r\n\t\t\tLIMIT 0,1 ";
//$notes = $sql;
$xMQL = new MQL();
$data = $xMQL->getDataRecord($sql);
foreach ($data as $rows) {
$pUSRID = $rows["idusuarios"];
$pUSRNivel = $rows["f_f2cd801e90b78ef4dc673a4659c1482d"];
$pUSRPWD = $rows["f_34023acbff254d34664f94c3e08d836e"];
$mUSR = $rows["f_28fb96d57b21090705cfdf8bc3445d2a"];
$_SESSION["SN_b80bb7740288fda1f201890375a60c8f"] = $pUSRID;
$_SESSION["SN_d567c9b2d95fbc0a51e94d665abe9da3"] = $pUSRNivel;
$_SESSION["SN_0d35c1f17675a8a2bf3caaacd59a65de"] = $pUSRPWD;
$_SESSION["SN_0a744893951e0d1706ff74a7afccf561"] = $mUSR;
}
//
}
}
$PUBLICSVC = array("personas.svc.php" => true, "personas.actividades.economicas.php" => true, "listanegra.svc.php" => true, "equivalente.moneda.svc.php" => true, "cantidad_en_letras.php" => true);
//servicios publicos
$PFile = "";
$myPermission = false;
if ($vUno >= 1) {
$DCFile = explode("/", $myFile);
$elems = count($DCFile) - 1;
if ($elems >= 0) {
$PFile = $DCFile[$elems];
}
} else {
$DCFile = explode("\\", $myFile);
$elems = count($DCFile) - 1;
if ($elems >= 0) {
$PFile = $DCFile[$elems];
}
}
if (isset($PUBLICSVC[$PFile])) {
$myPermission = true;
//setLog("Acceso Publico al Servicio $PFile");
} else {
$tmpPWD = $mUSR != "" ? goLogged("contrasenna", $mUSR) : md5(session_id());
if ($tmpPWD != $pUSRPWD) {
$myPermission = false;
//salvar el error
saveError(98, session_id(), "NO HA DEFINIDO UNA SESSION PARA EL ARCHIVO {$myFile} {$notes}");
//salir si no esta definida la session
session_unset();
// Finalmente, destruye la sesión
session_destroy();
header("location:inicio.php");
exit;
}
$myPermission = false;
//checar si la variable esta inicializada
//si no enviar un unsetsession
if (isset($pUSRNivel) and $pUSRNivel > 0) {
$sqlRULES = "SELECT COUNT(idgeneral_menu) AS 'items', menu_rules FROM general_menu\r\n\t\t\t\t\t\tWHERE menu_file LIKE '%{$PFile}'\r\n\t\t\t\t\t\tAND (FIND_IN_SET('{$pUSRNivel}@rw', menu_rules)>0\r\n\t\t\t\t\t\tOR FIND_IN_SET('{$pUSRNivel}@ro', menu_rules)>0)\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t\t/*LIMIT 0,1*/ ";
//setLog($sqlRULES);
$cnxT = mysql_connect(WORK_HOST, USR_PERMISSIONS, PWD_PERMISSIONS);
$dbT = mysql_select_db(MY_DB_IN, $cnxT);
$rsRULES = mysql_query($sqlRULES, $cnxT);
if (!isset($rsRULES)) {
saveError(98, $_SESSION["SN_b80bb7740288fda1f201890375a60c8f"], mysql_error($cnxT));
}
$aRULES = mysql_fetch_array($rsRULES);
/**
* Verifica la autenticacion
* busca la pocision del permiso
* //
**/
$mos = strtoupper(substr(PHP_OS, 0, 3));
$myFile = str_replace("/", "|", $myFile);
$myFile = str_replace("\\", "|", $myFile);
$dFile = explode("|", $myFile);
$idfile = sizeof($dFile) - 1;
$myFile = $dFile[$idfile - 1] . "/" . $dFile[$idfile];
//DIRECTORY_SEPARATOR
if ($aRULES["items"] == 0) {
$sqlA = "INSERT INTO `general_menu` (`menu_title`, `menu_file`) VALUES ('{$PFile}', '{$myFile}')";
@mysql_query($sqlA, $cnxT);
}
if (!isset($aRULES["menu_rules"]) or empty($aRULES["menu_rules"]) or $aRULES["menu_rules"] == "") {
//saveError(97, $_SESSION["SN_b80bb7740288fda1f201890375a60c8f"], $sqlRULES);
saveError(999, $_SESSION["SN_b80bb7740288fda1f201890375a60c8f"], "Acceso no permitido a :" . addslashes($myFile) . " {$notes}");
$myPermission = false;
} else {
$ARls = explode(",", $aRULES["menu_rules"]);
if (in_array("{$pUSRNivel}@rw", $ARls)) {
$myPermission = "ReadWrite";
} else {
$myPermission = "ReadOnly";
}
}
@mysql_free_result($rsRULES);
@mysql_close($cnxT);
unset($rsRULES);
unset($cnxT);
unset($dbT);
} else {
$myPermission = false;
//salvar el error
saveError(98, session_id(), "NO HA DEFINIDO UNA SESSION PARA EL ARCHIVO {$myFile} {$notes}\r\n");
//salir si no esta definida la session
session_unset();
// Finalmente, destruye la sesión
session_destroy();
header("location:inicio.php");
exit;
}
}
return $myPermission;
}
header("location:inicio.php");
exit;
}
$cUser = goLogged("nombreusuario", $iUser);
if (!$cUser) {
saveError(98, session_id(), "{$iUser} - Usuario sin Definir");
session_unset();
// Finalmente, destruye la sesión
session_destroy();
header("location:inicio.php");
exit;
}
$cPwd = goLogged("contrasenna", $iUser);
$nivel = goLogged("niveldeacceso", $iUser);
$ciduser = goLogged("idusuarios", $iUser);
$expira = goLogged("expira", $iUser);
if (FORCE_PASSWORD_EXPIRE == true) {
if (strtotime(date("Y-m-d")) > strtotime($expira)) {
saveError(10, session_id(), "El Usuario {$iUser} NO Inicio Sesion pues su contrasenna Expiro en {$expira}");
session_unset();
header("location:inicio.php");
}
}
if (FORCE_SESSION_LOCKED == true and $iUser != TASK_USR) {
/**
* verificar si el usuario esta conectado
* verificar si el usuario ya tiene ID
*/
if (getStatusConnected($ciduser) == true) {
saveError(98, session_id(), "El Usuario {$iUser} esta Conectado en otra Terminal");
session_unset();
