require_once('db.php');
+function __autoload($class)
+{
+ $found = false;
+
+ if (empty($_GLOBALS['module'])) {
+ if (!empty($_REQUEST['source'])) $name = sanitise_filename($_REQUEST['source']);
+ if (!empty($_GET['msak'])) $name = sanitise_filename($_GET['mask']);
+ list($module,$fname) = explode('__', $name);
+ if (!empty($module)) $_GLOBALS['module'] = $module;
+ }
+
+ if (!$found &&
+ !empty($_REQUEST['source']) &&
+ !empty($_GLOBALS['module']) &&
+ is_dir($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class') &&
+ file_exists($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class/'.strtolower($class).'.class.php')) {
+ include_once($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class/'.strtolower($class).'.class.php');
+ $found = true;
+ }
+
+ if (!$found &&
+ is_dir($_SESSION['sys']['basedir'].'class') &&
+ file_exists($_SESSION['sys']['basedir'].'class/'.strtolower($class).'.class.php')) {
+ include_once($_SESSION['sys']['basedir'].'class/'.strtolower($class).'.class.php');
+ $found = true;
+ }
+
+ if (!$found) {
+ $text = sprintf('Class %s not found%',
+ $class,
+ defined(MODULNAME) ? ' in module ' . MODULNAME : '');
+ die($text);
+ }
+}
+
function passwd($login,$pass)
{
return md5(md5($pass).$login);
. "WHERE sys_group_mask.gid = %d AND fname = %s",
$_SESSION['sys']['group'], $db->quote($form));
- $sth = $db->query($sql);
-
- if ($sth === false) {
- error_log('Unauthorised access to ' . $form);
- return false;
- }
+ $count = $db->fetchValue($sql);
- $row = $sth->fetch();
- if ($row === false) {
+ if ($count === false) {
error_log('Unauthorised access to ' . $form);
return false;
}
- if ($row['count'] == 0) {
+ if ($count == 0) {
error_log('Unauthorised access to ' . $form);
return false;
}
return true;
else {
if (empty($_SESSION['sys']['login']))
- format_ajax(array('error' => "No permission to access data.\nNo active session found.\nYou may need to re-login."));
+ format_ajax(array('error' => "No permission to access data.\nNo active session found.\nYou need to re-login.",
+ 'logout' => true));
else
format_ajax(array('error' => 'No permission to access data'));
}