public function __construct($URL, $post = array(), $files = array())
{
// URL parse
$urlparts = parse_url($URL);
if (!isset($urlparts['query'])) {
$urlparts['query'] = 'show=list';
# required
}
// create URL
$finalURL = explode('&', $urlparts['query']);
$URL_parts = array('edit' => 0, 'page' => 1, 'section' => '', 'show' => 'list', 'filter' => array(), 'order' => array());
// assign some internal vars
$this->menu = $_SESSION['menu_items'];
$this->folder = dirname(__FILE__) . '/../';
$this->POST = $post;
$this->FILES = $files;
// get database connection
$this->DB = new db();
//mysql for intermediate query generation
if ($this->mysql_db != false) {
require_once dirname(__FILE__) . '/mysql.inc.php';
}
// get user object
$this->USER = new user($this->POST);
// GET actions - page, show, edit and others
foreach ($finalURL as $valURL) {
$u = explode('=', $valURL);
if (!empty($u[0])) {
$URL_parts[$u[0]] = $u[1];
switch ($u[0]) {
case 'edit':
$this->edit = $u[1];
break;
case 'page':
$this->page = (int) $u[1];
break;
case 'section':
$this->section = $u[1];
break;
case 'show':
if (in_array($u[1], array('list', 'insert', 'update', 'delete', 'deletefile', 'export'))) {
$this->show = $u[1];
} else {
$this->show = 'list';
}
break;
case 'filter':
$this->urlFilter = unserialize(urldecode($u[1]));
break;
case 'order':
$this->urlOrder = unserialize(urldecode($u[1]));
break;
case 'logout':
$this->USER->logout();
break;
}
}
}
$this->USER->section = $this->section;
// we have to show something
if (empty($this->show) && !isset($_GET['lang'])) {
die('Error at line "' . __LINE__ . '" in method "' . __METHOD__ . '"' . (isset($this->section) ? ', section ' . $this->section : '') . '<br />
No display request - "$this->show" was not set!');
}
// reset page and edit if we have insert
if ($this->show == 'insert') {
$this->edit = 0;
}
// reset page but require update to some ID
if ($this->show == 'update' || $this->show == 'delete') {
if (!$this->edit) {
die('Error at line "' . __LINE__ . '" in method "' . __METHOD__ . '"' . (isset($this->section) ? ', section ' . $this->section : '') . '<br />
Nothing to ' . $this->show . '! Set the EDIT request.');
}
}
// get URL parts from GET with default values
$this->URL = $URL_parts;
// INSERT log if we DON't have a listing OR we have update and POST (something is updated)
if ($this->show != 'list' && $this->show != 'update' || $this->show == 'update' && !empty($this->POST)) {
$validFiles = array();
if (!empty($this->FILES)) {
foreach ($this->FILES as $kFILES => $vFILES) {
if (trim($vFILES['name']) != '') {
$validFiles[$kFILES] = $vFILES;
}
}
}
$this->DB->fetch('
INSERT INTO `_adminlog`
(`request_get`, `request_post`, `request_files`, `user`) VALUES
( :request_get, :request_post, :request_files, :user )
', array(':request_get' => isset($_GET) && !empty($_GET) ? serialize($_GET) : '', ':request_post' => !empty($this->POST) ? serialize($this->POST) : '', ':request_files' => !empty($validFiles) ? serialize($validFiles) : '', ':user' => $this->USER->userData['idadmin']), 1);
}
// ======================================================================
// check USER privileges
// ======================================================================
// if not INDEX
if ($this->section != false) {
// check if the user has the priviledge to access this section
if (false == $this->USER->can()) {
die('<p style="font:16px Arial,Verdana;color:#c00">' . lang::translate('access_denied_section') . '</p>
<meta http-equiv="refresh" content="2;url=' . BASE_URL . '" />');
}
// check if the user can make current action
if (false == $this->USER->can($this->show) && $this->show != 'export') {
die('<p style="font:16px Arial,Verdana;color:#c00">' . lang::translate('access_denied_action') . '</p>
<meta http-equiv="refresh" content="2;url=' . BASE_URL . '" />');
}
// check uploadfile
if (false == $this->USER->can('uploadfile') && !empty($this->FILES)) {
die('<p style="font:16px Arial,Verdana;color:#c00">' . lang::translate('access_denied_action') . '</p>
<meta http-equiv="refresh" content="2;url=' . BASE_URL . '" />');
}
}
// ======================================================================
// set language links
$this->languageFrontEnd = lang::createButtons();
}
