echo"<li><a href='index.php".$aidlink."&pagenum=1'> Content </a></li>
<li><a href='index.php".$aidlink."&pagenum=2'>Users </a></li>
<li><a href='index.php".$aidlink."&pagenum=3'>System </a></li>
<li><a href='index.php".$aidlink."&pagenum=4'>Settings </a></li>
<li><a href='index.php".$aidlink."&pagenum=5'>Infusions </a></li>";
if (checkrights("M")) {
echo "<li>Bla bla bla</li>";
}
if (iADMIN && checkrights("C")) {
echo "<li>Bla bla bla</li>";
}
if (checkrights("A") || (checkrights("AC") || (checkrights("CP") || (checkrights("D") || (checkrights("DC") || (checkrights("FQ") || (checkrights("F") || (checkrights("IM") || (checkrights("N") || (checkrights("NC") || (checkrights("PO") || (checkrights("W") || (checkrights("WC") || (checkrights("PH") || ) {
echo"<li><a href='index.php".$aidlink."&pagenum=1'> Content </a></li>";
}
$admin_rights = explode('.', $settings['admin_rights']);
if (in_array('.R1.R2.R3.ETC', $admin_rights)) {
}
function render_admin_tabs() {
global $userdata;
$array = array(
'1' => 'Page 1',
'2' => 'Page 2',
'3' => 'Page 3',
'4' => 'Page 4',
'5' => 'Page 5'
);
/* Many to 1 checker */
function tab_rights($page) {
global $userdata;
$user_rights = explode('.', $userdata['user_rights']);
$result = dbquery("SELECT * FROM ".DB_ADMIN." WHERE admin_page='$page' ORDER BY admin_rights ASC");
if (dbrows($result)>0) {
while ($data = dbarray($result)) {
if (in_array($data['admin_rights'], $user_rights)) {
return true;
}
}
return false; // edit - added this to return 0 if by end of the loop, no rights matched.
} else {
return false;
}
}
// now loop it.
foreach($array as $page_num => $page_name) {
if (tab_rights($page_num)) {
echo "<li ><a href='index.php".$aidlink."&pagenum=$page_num'>$page_name</a></li>\n";
}
}
}
echo render_admin_tabs();
function tab_rights($page) {
global $userdata;
$user_rights = explode('.', $userdata['user_rights']);
$result = dbquery("SELECT * FROM ".DB_ADMIN." WHERE admin_page='$page' ORDER BY admin_rights ASC");
if (dbrows($result)>0) {
while ($data = dbarray($result)) {
if (in_array($data['admin_rights'], $user_rights)) {
return true;
}
}
} else {
return false;
}
}
$_GET['sanitized_pagenum'] = isset($_GET['pagenum']) && isnum($_GET['pagenum'])) ? $_GET['pagenum'] : 0;
if (!tab_rights($_GET['sanitized_pagenum'])) { // hacker found. }
Category Forum
Modifications and Requests - 8Labels
None yet
Statistics
4 participants
Notifications
You are not receiving notifications from this thread.
Related Questions