public function permission() { if (!MAuth::is_auth()) { return false; } if (MAuth::group_id() > 2) { if (MAuth::user_id() != $this->createdby) { return false; } } if (MAuth::group_id() > 3) { return false; } return true; }
<li><a href="index.php?module=mpage&task=page_list">Pages <span class="glyphicon glyphicon-inbox"></span></a></li> <li><a href="index.php?module=mmenu&task=menu_list">Menus <span class="glyphicon glyphicon-link"></span></a></li> <li class="dropdown"> <a class="dropdown-toggle" data-toggle="dropdown" href="#">Add <span class="caret"></span></a> <ul class="dropdown-menu"> <li><a href="index.php?module=mpage&task=page_add">Add a new page <span class="glyphicon glyphicon-plus"></span></a></li> <li><a href="index.php?module=mmenu&task=menu_add">Add a new menu <span class="glyphicon glyphicon-plus"></span></a></li> </ul> </li> <li class="divider"></li> <?php } if (1 == MAuth::group_id()) { ?> <li><a href="index.php?module=mmodule&task=module_list">Modules <span class="glyphicon glyphicon-hdd"></span></a></li> <li><a href="index.php?module=mtemplate&task=template_list">Templates <span class="glyphicon glyphicon-eye-open"></span></a></li> <li><a href="index.php?module=mwidget&task=widget_list">Widgets <span class="glyphicon glyphicon-th-large"></span></a></li> <li class="divider"></li> <li><a href="index.php?module=muser&task=user_list">Users list <span class="glyphicon glyphicon-user"></span></a></li> <li><a href="index.php?module=muser&task=user_add">Add new user <span class="glyphicon glyphicon-plus"></span></a></li> <li class="divider"></li> <li><a href="index.php?module=preferences">Preferences <span class="glyphicon glyphicon-cog"></span></a></li>
private static function check_auth() { if (!sizeof($_COOKIE) > 0) { return null; } if (!isset($_COOKIE['mpmi_r'])) { return null; } if (!isset($_COOKIE['mpmi_t'])) { return null; } if (!isset($_COOKIE['mpmi_b'])) { return null; } $cookie_of_rand = MCrypt::decrypt($_COOKIE['mpmi_r']); $cookie_of_time = MCrypt::decrypt($_COOKIE['mpmi_t']); $cookie_of_browser = MCrypt::decrypt($_COOKIE['mpmi_b']); $rand_array = explode(' ', $cookie_of_rand); $user = new M_User($rand_array[0], true); if ($user) { if ($user->compare_lastlogin($cookie_of_rand, $cookie_of_time, $cookie_of_browser)) { self::$auth = true; self::$user = $user->get_username(); self::$user_id = $user->get_id(); self::$group_id = $user->get_group_id(); } } }