function requireLogin() { if (isLoginPage()) { return false; } $bUser = isset($_SESSION['user']); $bAdmin = $bUser ? $_SESSION['admin'] : false; foreach ($GLOBALS['aAdminDirs'] as $v) { if (strpos($_SERVER['SCRIPT_FILENAME'], $v) > 0) { requireAdmin(); } } foreach ($GLOBALS['aUserDirs'] as $v) { if (strpos($_SERVER['SCRIPT_FILENAME'], $v) > 0) { requireUser(); } } return false; }
* it under the terms of the GNU General Public License as published by * the Free Software Foundation, version 2 of the License only. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA * * see http://www.gnu.org/licenses/gpl.html for more information */ require "functions.inc.php"; requireUser(); $db = new DB(); $action = $_GET["action"]; $id = $db->escape($_GET["id"]); $name = $db->escape($_GET["name"]); $note = $db->escape($_GET["note"]); if ($action == "delete" && $id) { $db->query("DELETE FROM restaurants WHERE id='{$id}' LIMIT 1"); forward("restaurants.php"); } else { if ($action == "save" && $id && $name) { $sql = "UPDATE restaurants SET Name = '{$name}', Note = '{$note}' WHERE id='{$id}' LIMIT 1;"; $db->query($sql); forward("restaurants.php"); } else { if ($action == "add" && $name) {