Commit 0cef61a3 authored by tbrehm's avatar tbrehm

Added several input checks.

parent 7bf980d9
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
// importiere Modul
$mod = $_REQUEST["mod"];
// Checke ob User eingeloggt
if(!is_array($_SESSION["s"]["user"])) header("Location: index.php?phpsessid=".$_SESSION["s"]["id"]);
// checke ob User Modul verwenden darf
$user_modules = explode(",",$_SESSION["s"]["user"]["modules"]);
if(!in_array($mod,$user_modules)) $app->error($app->lng(301));
// lade Moduldaten in Session
if(is_file($mod."/lib/module.conf.php")) {
include_once($mod."/lib/module.conf.php");
$_SESSION["s"]["module"] = $module;
echo "HEADER_REDIRECT:".$_SESSION["s"]["module"]["startpage"];
} else {
$app->error($app->lng(302));
}
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
// importiere Modul
$mod = $_REQUEST["mod"];
// Checke ob User eingeloggt
if($_SESSION["s"]["user"]['active'] != 1) {
header("Location: index.php?phpsessid=".$_SESSION["s"]["id"]);
die();
}
// checke ob User Modul verwenden darf
$user_modules = explode(",",$_SESSION["s"]["user"]["modules"]);
if(!in_array($mod,$user_modules)) $app->error($app->lng(301));
// lade Moduldaten in Session
if(is_file($mod."/lib/module.conf.php")) {
include_once($mod."/lib/module.conf.php");
$_SESSION["s"]["module"] = $module;
echo "HEADER_REDIRECT:".$_SESSION["s"]["module"]["startpage"];
} else {
$app->error($app->lng(302));
}
?>
\ No newline at end of file
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
// importiere Modul
$lang = $_REQUEST["lang"];
// Checke ob User eingeloggt
if(!is_array($_SESSION["s"]["user"])) header("Location: index.php?phpsessid=".$_SESSION["s"]["id"]);
if($lang == "en") {
$_SESSION["s"]["language"] = 'en';
} else {
$_SESSION["s"]["language"] = 'de';
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>42go</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language= "JavaScript">
<!--Break out of frames
function breakout() {
if (top.frames.length > 0)
{
top.location='index.php?phpsessid=<? echo $_SESSION["s"]["id"]?>';
}
else
{
window.location='index.php?phpsessid=<? echo $_SESSION["s"]["id"]?>';
}
}
//-->
</script>
</head>
<body onLoad="breakout()">
</body>
</html>
This diff is collapsed.
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
$module = $_REQUEST["s_mod"];
$page = $_REQUEST["s_pg"];
if(!preg_match("/^[a-z]{0,20}$/i", $module)) die('module name contains unallowed chars.');
if(!preg_match("/^[a-z]{0,20}$/i", $page)) die('page name contains unallowed chars.');
if(is_file("$module/$page.php")) {
include_once("$module/$page.php");
$classname = $module.'_'.$page;
$page = new $classname();
$content = $page->render();
if($page->status == 'OK') {
echo $content;
} elseif($page->status == 'REDIRECT') {
$target_parts = explode(':',$page->target);
$module = $target_parts[0];
$page = $target_parts[1];
if(!preg_match("/^[a-z]{2,20}$/i", $module)) die('target module name contains unallowed chars.');
if(!preg_match("/^[a-z]{2,20}$/i", $page)) die('target page name contains unallowed chars.');
if(is_file("$module/$page.php")) {
include_once("$module/$page.php");
$classname = $module.'_'.$page;
$page = new $classname();
$content = $page->render();
if($page->status == 'OK') {
echo $content;
}
}
}
} elseif (is_array($_SESSION["s"]['user']) or is_array($_SESSION["s"]["module"])) {
// If the user is logged in, we try to load the default page of the module
die('hhhhh');
} else {
die('Page does not exist.');
}
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
$module = $_REQUEST["s_mod"];
$page = $_REQUEST["s_pg"];
if(!preg_match("/^[a-z]{0,20}$/i", $module)) die('module name contains unallowed chars.');
if(!preg_match("/^[a-z]{0,20}$/i", $page)) die('page name contains unallowed chars.');
if(is_file("$module/$page.php")) {
include_once("$module/$page.php");
$classname = $module.'_'.$page;
$page = new $classname();
$content = $page->render();
if($page->status == 'OK') {
echo $content;
} elseif($page->status == 'REDIRECT') {
$target_parts = explode(':',$page->target);
$module = $target_parts[0];
$page = $target_parts[1];
if(!preg_match("/^[a-z]{2,20}$/i", $module)) die('target module name contains unallowed chars.');
if(!preg_match("/^[a-z]{2,20}$/i", $page)) die('target page name contains unallowed chars.');
if(is_file("$module/$page.php")) {
include_once("$module/$page.php");
$classname = $module.'_'.$page;
$page = new $classname();
$content = $page->render();
if($page->status == 'OK') {
echo $content;
}
}
}
} elseif (is_array($_SESSION["s"]['user']) or is_array($_SESSION["s"]["module"])) {
// If the user is logged in, we try to load the default page of the module
die('- error -');
} else {
die('Page does not exist.');
}
?>
\ No newline at end of file
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
error_reporting(E_ALL|E_STRICT);
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
$app->uses('tpl');
$app->tpl->newTemplate('main.tpl.htm');
/*
// Checke User Login and current module
if(!is_array($_SESSION["s"]['user']) or !is_array($_SESSION["s"]["module"])) {
// Loading Login Module
include_once('login/lib/module.conf.php');
$_SESSION["s"]['module'] = $module;
$topnav[] = array( 'title' => "Login",
'active' => 1);
$module = null;
unset($module);
} else {
// Loading modules of the user and building top navigation
$modules = explode(',',$_SESSION["s"]["user"]["modules"]);
if(is_array($modules)) {
foreach($modules as $mt) {
if(is_file($mt."/lib/module.conf.php")) {
include_once($mt."/lib/module.conf.php");
$active = ($module["name"] == $_SESSION["s"]["module"]["name"])?1:0;
$topnav[] = array( 'title' => $app->lng($module["title"]),
'active' => $active,
'module' => $module["name"]);
}
}
}
}
// Topnavigation
$app->tpl->setLoop('nav_top',$topnav);
// Loading Module part
$app->tpl->setInclude('module_tpl',$_SESSION["s"]["module"]["template"]);
// translating module navigation
$nav_translated = array();
if(is_array($_SESSION["s"]["module"]["nav"])) {
foreach($_SESSION["s"]["module"]["nav"] as $nav) {
$tmp_items = array();
foreach($nav["items"] as $item) {
$item["title"] = $app->lng($item["title"]);
$tmp_items[] = $item;
}
$nav["title"] = $app->lng($nav["title"]);
$nav["items"] = $tmp_items;
$nav_translated[] = $nav;
}
} else {
$nav_translated = null;
}
// Loading left navigation
//$app->tpl->setLoop('nav_left',$_SESSION["s"]["module"]["nav"]);
$app->tpl->setLoop('nav_left',$nav_translated);
// Setting startpage
$app->tpl->setVar('startpage',$_SESSION["s"]["module"]["startpage"]);
$app->tpl->setVar('navframe_page',$_SESSION["s"]["module"]["navframe_page"]);
*/
$app->tpl_defaults();
$app->tpl->pparse();
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
error_reporting(E_ALL|E_STRICT);
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
$app->uses('tpl');
$app->tpl->newTemplate('main.tpl.htm');
$app->tpl_defaults();
$app->tpl->pparse();
?>
\ No newline at end of file
This diff is collapsed.
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
$app->uses('tpl');
//die('HHH');
//** Top Naviation
if(isset($_GET['nav']) && $_GET['nav'] == 'top') {
$app->tpl->newTemplate('topnav.tpl.htm');
//* Check User Login and current module
if(!isset($_SESSION['s']['user']) or !is_array($_SESSION['s']['user']) or !is_array($_SESSION['s']['module'])) {
//* Loading Login Module
include_once('login/lib/module.conf.php');
$_SESSION['s']['module'] = $module;
$topnav[] = array( 'title' => 'Login',
'active' => 1);
$module = null;
unset($module);
} else {
//* Loading modules of the user and building top navigation
$modules = explode(',', $_SESSION['s']['user']['modules']);
if(is_array($modules)) {
foreach($modules as $mt) {
if(is_file($mt.'/lib/module.conf.php')) {
include_once($mt.'/lib/module.conf.php');
$active = ($module['name'] == $_SESSION['s']['module']['name']) ? 1 : 0;
$topnav[] = array( 'title' => $app->lng($module['title']),
'active' => $active,
'module' => $module['name']);
}
}
}
}
//* Topnavigation
$app->tpl->setLoop('nav_top',$topnav);
}
//** Side Naviation
if(isset($_GET['nav']) && $_GET['nav'] == 'side') {
$app->tpl->newTemplate('sidenav.tpl.htm');
//* translating module navigation
$nav_translated = array();
if(isset($_SESSION['s']['module']['nav']) && is_array($_SESSION['s']['module']['nav'])) {
foreach($_SESSION['s']['module']['nav'] as $nav) {
$tmp_items = array();
foreach($nav['items'] as $item) {
$item['title'] = $app->lng($item['title']);
$tmp_items[] = $item;
}
$nav['title'] = $app->lng($nav['title']);
$nav['startpage'] = $nav['items'][0]['link'];
$nav['items'] = $tmp_items;
$nav_translated[] = $nav;
}
} else {
$nav_translated = null;
}
$app->tpl->setLoop('nav_left',$nav_translated);
}
$app->tpl_defaults();
$app->tpl->pparse();
<?php
/*
Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
* Neither the name of ISPConfig nor the names of its contributors
may be used to endorse or promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
require_once('../lib/config.inc.php');
require_once('../lib/app.inc.php');
$app->uses('tpl');
//** Top Naviation
if(isset($_GET['nav']) && $_GET['nav'] == 'top') {
$app->tpl->newTemplate('topnav.tpl.htm');
//* Check User Login and current module
if(isset($_SESSION["s"]["user"]) && $_SESSION["s"]["user"]['active'] == 1 && is_array($_SESSION['s']['module'])) {
//* Loading modules of the user and building top navigation
$modules = explode(',', $_SESSION['s']['user']['modules']);
if(is_array($modules)) {
foreach($modules as $mt) {
if(is_file($mt.'/lib/module.conf.php')) {
if(!preg_match("/^[a-z]{2,20}$/i", $mt)) die('module name contains unallowed chars.');
include_once($mt.'/lib/module.conf.php');
$active = ($module['name'] == $_SESSION['s']['module']['name']) ? 1 : 0;
$topnav[] = array( 'title' => $app->lng($module['title']),
'active' => $active,
'module' => $module['name']);
}
}
}
} else {
//* Loading Login Module
include_once('login/lib/module.conf.php');
$_SESSION['s']['module'] = $module;
$topnav[] = array( 'title' => 'Login',
'active' => 1);
$module = null;
unset($module);
}