Location: PHPKode > projects > Athena Research Assistant > athena-dev-0.1pre-alpha/modules/viewPUBLICresrc.php
<?php
//BEGIN - CHECK IF THE USER IS ALLOWED TO DO THIS IN CASE OF A $_GET HACK
//THIS ENSURES THAT THE USER DOES NOT ATTEMPT ON SLIPPING VARIABLES IN THE URL
//IN ORDER TO OBTAIN ACCESS TO ADMIN PRIVILIDGES

$thisUSERGROUP = $_SESSION["userGROUPID"];
$thisUSERID = $_SESSION["UID"];

$getUSERperm =	mysql_query("SELECT * FROM ath_groups WHERE " . //obtain permission values
				"ath_groups_id=$thisUSERGROUP");
				
$checkUSER = mysql_fetch_array($getUSERperm);				
//END - CHECK FOR $_GET HACK

if ($checkUSER["ath_groups_addtoPUBLIC"] == 1){ //IF PERMISSION EXISTS ALLOW TO ADD
	
	//CONVERTS RESOURCE IDs INTO NAMES
	include("../includes/convert_resrc_formats.inc.php");
	//CONVERTS CATEGORY IDs INTO NAMES
	include("../includes/convert_categories.inc.php");
	
	$getUSERSresrc = mysql_query("SELECT * FROM ath_public_resrc");
		
	echo("<table width=\"550\" border=\"0\">");
		echo("<tr>");
			echo("<td><hr></td>");
		echo("</tr>");
		
		while ($ROWgetUSERSresrc = mysql_fetch_array($getUSERSresrc)){
			echo("<tr>");
				
				echo("<td>");
					include("../objects/showPUBLIC.php");
				echo("</td>");
			
			echo("</tr>");
			}
	echo("</table>");		
}
else{
	echo("<p class=\"red\">You do not have permission to view PUBLIC RESOURCES!</p>");
}
?>

Return current item: Athena Research Assistant