tony-landis / agilebill
watch download tarball
public
Forks72Right
Watchers89Right
Description: Open source billing and invoicing
Homepage: http://www.agileco.com
Clone URL: git://github.com/tony-landis/agilebill.git 
Removed stray tag in name to correct non insertion of categories
box25 (author)
Sun Jul 12 13:25:14 -0700 2009
tony-landis (committer)
Tue Nov 03 13:22:17 -0800 2009
commit  560512646a090dc1db6c7b35cedca16e5eecd572
tree    9c428b47467a71f47384deca5f5984d58d102fc1
parent  c5c296028170bb5e8447778a16e6abc165c1084f
agilebill / cookie.index.php
100644 103 lines (87 sloc) 2.93 kb
raw blame history 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

<?php
	ob_start();  
 
    # Require the needed files...
    require_once('config.inc.php');
    require_once(PATH_ADODB  . 'adodb.inc.php');
    require_once(PATH_CORE   . 'auth.inc.php');
    require_once(PATH_CORE   . 'database.inc.php'); 
    require_once(PATH_CORE   . 'session.inc.php'); 	
    require_once(PATH_CORE   . 'setup.inc.php');
    require_once(PATH_CORE   . 'vars.inc.php');
    require_once(PATH_CORE   . 'xml.inc.php');
 
    # start the debugger
    $C_debug 	= new CORE_debugger; 
 
    # remove conflicting s variable
    if (isset($_GET['s']))
    {
        $_GET_s = $_GET['s'];
        unset($_GET['s']);
    }
    else if( isset($_POST['s']))
    {
        $_POST_s = $_POST['s'];
        unset($_POST['s']);
    }
    
    # get the vars...
    $C_vars 	= new CORE_vars;
    $VAR = $C_vars->f;
 
    # initialize the site setup
    $C_setup 	= new CORE_setup;
 
    # initialize the session handler
    $C_sess 	= new CORE_session;
 
    # define the other session variables as constants
    $C_sess->session_constant();
  
    # update the session constants
    $C_sess->session_constant_log();
    
    # initialze the authentication handler
    $force          = false;
    $C_auth  	    = new CORE_auth ($force);
 	
    ############################################################################
    # Verify the User's Access
    $authorized = false;
  	if(defined("SESS_LOGGED") && SESS_LOGGED == "1" && agile_check_auth ( _HTACCESS_ID ) )
        $authorized = true;
 
	############################################################################
	## forward to login page:
    if ( !$authorized )
    {
        header("Location: ".URL."?_page=account:login_cookie&_htaccess_id=" . _HTACCESS_ID. "&_next_page="._RETURN_URL);
        exit();
    }
    
    
    ### Reset the 's' var
    if(isset($_POST_s))
    {
        $_POST['s'] = $_POST_s;
    }
    else if (isset($_GET_s))
    {
        $_GET['s'] = $_GET_s;
    }
 
 
    ##############################
    ##  Check Authentication    ##
    ##############################
    function agile_check_auth($id)
    {
        ### Check if user is a member of one of the authorized groups:
        $db     = &DB();
        $sql    = 'SELECT status,group_avail FROM ' . AGILE_DB_PREFIX . 'htaccess WHERE
                site_id     = ' . $db->qstr(DEFAULT_SITE) . ' AND
                status      = ' . $db->qstr('1') . ' AND
                id          = ' . $db->qstr($id);
        $result = $db->Execute($sql);                                      
        if($result->RecordCount() > 0)
        {
            global $C_auth;
            @$arr = unserialize($result->fields['group_avail']);
            for($i=0; $i<count($arr); $i++)
            {
                if($C_auth->auth_group_by_id($arr[$i]))
                {
                    return true;
                }
            }
        }
        return false;
    }
 
	ob_end_flush();
?>