QuartzMap/admin/snippets/index_prefix.php

54 lines
1.5 KiB
PHP
Raw Normal View History

2024-03-16 23:03:30 +00:00
<?php
session_start();
require('../../admin/incl/const.php');
require('../../admin/class/database.php');
require('../../admin/class/permalink.php');
require('../../admin/class/access_groups.php');
$loc = null;
const SHOW_DATATABLES = false;
const JS_VARNAMES = array();
if(isset($_GET['permalink']) || isset($_SESSION['permalink'])){
$database = new Database(DB_HOST, DB_NAME, DB_USER, DB_PASS, DB_PORT, DB_SCMA);
$obj = new permalink_Class($database->getConn(), $_SESSION['user']->id);
if(isset($_GET['permalink'])){ // called from index.php
$_SESSION['permalink'] = $_GET['permalink']; // save permalink for data_{file,gs,pg}.php
$row = $obj->getMap($_GET['permalink'], 1);
}else{
$row = $obj->getMap($_SESSION['permalink'], 0);
}
if($row == null){
die('Sorry permalink is invalid or expired!');
}
$map_id = $row['map_id'];
if($map_id != MAP_ID){
die('Sorry permalink is not for this map!');
}
$loc = explode('/', $row['query']); // 11/41.8036/-87.6407
}else{
if(!isset($_SESSION['user'])) {
header('Location: ../../login.php');
exit;
}
$database = new Database(DB_HOST, DB_NAME, DB_USER, DB_PASS, DB_PORT, DB_SCMA);
$map_id = MAP_ID;
$acc_obj = new access_group_Class($database->getConn(), $_SESSION['user']->id);
$usr_grps = $acc_obj->getByUserId($_SESSION['user']->id);
if(!count($usr_grps)){
die('Sorry, no access group!');
}
$usr_grps = $acc_obj->getGroupMapGroups(array_keys($usr_grps));
if(!count($usr_grps) || !isset($usr_grps[$map_id])){
die('Sorry, access not allowed!');
}
}
?>