?
Current Path : /home1/savoy/public_html/savoyglobal.net/sec/application/core/ |
Linux gator3171.hostgator.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 |
Current File : /home1/savoy/public_html/savoyglobal.net/sec/application/core/MY_Controller.php |
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');?> <?php class MY_Controller extends CI_Controller { function MY_Controller() { parent::__construct(); $this->load->model('mastermodel'); if (!session_id()) { session_start(); } if (!isset($_SESSION['loggedin'])) { redirect('sessions/login'); } if (isset($_SESSION['user_id'])) { if (!empty($_SESSION['current_menu']) && isset($_SESSION['current_menu'])) { $user_id = $_SESSION['user_id']; $module = $_SESSION['current_module']; $menu = $_SESSION['current_mode']; $array_mod = explode(',', $_SESSION['user_modules']); $this->checkUrlPermission($menu, $array_mod); } } } function checkUrlPermission($menu, $array_mod) { $array_perm = explode(',', $_SESSION['modules_permission']); $index = array_search($menu, $array_mod); $ar = str_split(sprintf('%04u', decbin($array_perm[$index]))); if ($ar[0] == 1) { $this->crudPermission($menu, $array_mod, $array_perm); $_SESSION['Previous_URL'] = $_SERVER['REQUEST_URI']; } else { if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { $data['msg'] = "Permission Denied"; $json_data = $this->load->view('message', array('msg' => 'Permission Denied'), TRUE); echo json_encode(array('json_data' => $json_data, 'json_perm' => 0)); die(); } else { header("Location: " . site_url()); } } } function crudPermission($menu, $array_mod, $array_perm) { $found = array_search($menu, $array_mod); $val = 0; if (isset($array_perm[$found])) $val = $array_perm[$found]; $a = decbin($val); $d = sprintf('%03u', $a); $ar = str_split($d); if (isset($_POST['action'])) { $check=0; if ($_POST['action'] == 'edit') { $check = 2; } if ($_POST['action'] == 'add') { $check = 1; } if ($ar[$check] != 1) { $json_data = $this->load->view('message', array('msg' => 'Permission Denied'), TRUE); echo json_encode(array('json_data' => $json_data, 'json_perm' => 0)); die(); } } } } ?>