require_once('db.php');
+++ +function __autoload($class)
+++ +{
+++ + $found = false;
+++ +
+++ + if (empty($_GLOBALS['module'])) {
+++ + if (!empty($_REQUEST['source'])) $name = sanitise_filename($_REQUEST['source']);
+++ + if (!empty($_GET['msak'])) $name = sanitise_filename($_GET['mask']);
+++ + list($module,$fname) = explode('__', $name);
+++ + if (!empty($module)) $_GLOBALS['module'] = $module;
+++ + }
+++ +
+++ + if (!$found &&
+++ + !empty($_REQUEST['source']) &&
+++ + !empty($_GLOBALS['module']) &&
+++ + is_dir($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class') &&
+++ + file_exists($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class/'.strtolower($class).'.class.php')) {
+++ + include_once($_SESSION['sys']['basedir'].'masks/'.$_GLOBALS['module'].'/class/'.strtolower($class).'.class.php');
+++ + $found = true;
+++ + }
+++ +
+++ + if (!$found &&
+++ + is_dir($_SESSION['sys']['basedir'].'class') &&
+++ + file_exists($_SESSION['sys']['basedir'].'class/'.strtolower($class).'.class.php')) {
+++ + include_once($_SESSION['sys']['basedir'].'class/'.strtolower($class).'.class.php');
+++ + $found = true;
+++ + }
+++ +
+++ + if (!$found) {
+++ + $text = sprintf('Class %s not found%',
+++ + $class,
+++ + defined(MODULNAME) ? ' in module ' . MODULNAME : '');
+++ + die($text);
+++ + }
+++ +}
+++ +
function passwd($login,$pass)
{
return md5(md5($pass).$login);
. "WHERE sys_group_mask.gid = %d AND fname = %s",
$_SESSION['sys']['group'], $db->quote($form));
--- - $sth = $db->query($sql);
--- -
--- - if ($sth === false) {
--- - error_log('Unauthorised access to ' . $form);
--- - return false;
--- - }
+++ + $count = $db->fetchValue($sql);
--- - $row = $sth->fetch();
--- - if ($row === false) {
+++ + if ($count === false) {
error_log('Unauthorised access to ' . $form);
return false;
}
--- - if ($row['count'] == 0) {
+++ + if ($count == 0) {
error_log('Unauthorised access to ' . $form);
return false;
}
return true;
else {
if (empty($_SESSION['sys']['login']))
- --- format_ajax(array('error' => "No permission to access data.\nNo active session found.\nYou may need to re-login."));
+ +++ format_ajax(array('error' => "No permission to access data.\nNo active session found.\nYou need to re-login.",
+ +++ 'logout' => true));
else
format_ajax(array('error' => 'No permission to access data'));
}