/** * */ function check_current_user_access($access_rule) { if (xanth_conf_get('debug', FALSE)) { if (!xAccessRule::exists($access_rule)) { xanth_log(LOG_LEVEL_DEBUG, 'Access rule "' . $access_rule . '" does not exists', 'User'); } } $userid = xUser::get_current_userid(); if ($userid !== NULL) { //if user has admin role bypass check $result = xanth_db_query("SELECT * FROM user_to_role WHERE userid = %d AND roleName = '%s'", $userid, 'administrator'); if ($row = xanth_db_fetch_array($result)) { return TRUE; } //select other roles $result = xanth_db_query("SELECT role_access_rule.access_rule FROM user_to_role,role_access_rule WHERE \r\n\t\t\t\tuser_to_role.userid = %d AND (role_access_rule.roleName = user_to_role.roleName OR role_access_rule.roleName = '%s') \r\n\t\t\t\tAND\trole_access_rule.access_rule = '%s'", $userid, 'authenticated', $access_rule); } else { $result = xanth_db_query("SELECT role_access_rule.access_rule FROM role_access_rule WHERE \r\n\t\t\t\trole_access_rule.roleName = '%s' AND role_access_rule.access_rule = '%s'", 'anonymous', $access_rule); } if ($row = xanth_db_fetch_array($result)) { return TRUE; } return FALSE; }