Location: PHPKode > projects > PhpMyInventory > pmi281/Includes/securityFunctions.inc.php
<?
  # You MUST call this BEFORE any text is written to client!!!
  Function checkPermissions($intSecurity, $intTimeOut) {
    global $userID, $sessionTime, $sessionSecurity, $secureAdmin;
    global $SERVER_NAME, $QUERY_STRING, $strLocPrefix, $navHit;

    session_start();
    $pageName = getPageName();

    If ($secureAdmin) {
         $strRedir   = "https://".makeHomeURL("");
         $strHeader  = "https://".makeHomeURL($pageName)."/login.php";
    } Else {
         $strRedir   = "http://".makeHomeURL("");
         $strHeader  = "http://".makeHomeURL($pageName)."/login.php";
    }
  
    If ($QUERY_STRING != "") {
         $strRedir = $strRedir."?".$QUERY_STRING;
    }

    if ($userID) {
        if ($sessionTime < (time() - $intTimeOut)) {
            // if 30 minutes have passed since the last page request
            redirect($strHeader, "strError=timeout&strRedir=$strRedir");

        } elseif ($sessionSecurity > $intSecurity) {
            // if user's security level is too low
            $sessionTime = time(); # current time in seconds
            redirect($strHeader, "strError=security&strRedir=$strRedir");

        } else {
            // let user in!
            $sessionTime = time(); # current time in seconds;
        }
    } Else {
        redirect($strHeader, "strError=login&strRedir=$strRedir");
    }
  }

  Function forceSSL() {
      global $secureAdmin, $QUERY_STRING, $SERVER_PORT, $sslPort;
      If ($secureAdmin AND ($SERVER_PORT != $sslPort)) {
          $strRedir = "https://".makeHomeURL("");
          redirect($strRedir, $QUERY_STRING);
      }
  }

  Function writeSecurityLevel($intLevel) {
      If ($intLevel == "0") {
          $strLevel = "Full Access";
      } ElseIf ($intLevel == "1") {
          $strLevel = "Limited Access";
      } ElseIf ($intLevel == "2") {
          $strLevel = "Read Only";
      } ElseIf ($intLevel == "3") {
          $strLevel = "No Access";
      }
      Return "<font color='green'>$strLevel</font>";
  }
  
  $accountID = 1;
?>
Return current item: PhpMyInventory