<?php
/** \file index.php
* \brief DI index page
* \author Bram Lentjes, Core|Vision
* \version 1.0
* \date 27-05-2013
*
* This file contains the index file.
*/
/*
* Required pages
*/
require_once('include/core_xml.php');
require_once('include/core.php');
require_once('app/include/app_definitions.php');
require_once('app/include/app_utilities.php');
require_once('app/include/app_touch_events.php');
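// Dispatch on the page passed by href=
//
// Two classes of request are served:
//   - pages in $validUnauthPages may be included without a session;
//   - any other page only for a logged-on session, and only when it
//     canonicalises to a regular file inside the web-interface root.
// Everything else falls back to the DI store page or, for ajax callers,
// to a small script that reopens the base URL.
if (isset($_GET['href'])) {
    $pageId  = $_PAGE_INFO['id'];
    $webRoot = dirname(__DIR__); // web-interface root, one level above this file
    $href    = $_GET['href'];

    // Directory check. Its outcome is only logged through DBG(); it never
    // gates the include below (unchanged from the original behaviour).
    // NOTE(review): it inspects 'redirect', not 'href' — confirm this is intended.
    // Guarded so a missing 'redirect' no longer reaches realpath(null).
    if (isset($_GET['redirect']) && is_string($_GET['redirect'])) {
        $basePath = $_SESSION[$pageId]['base_path'];
        if (CheckDirectory(array($basePath . "app/include",
                                 $basePath . "app/html/js",
                                 $basePath . "app/di_store",
                                 $basePath . "app/di_login",
                                 $basePath . "app/di_app_projects",
                                 $basePath . "app/di_app_news"),
                           realpath($_GET['redirect']))) {
            DBG("checkdir");
        }
    }

    // Pages that may be served without a logged-on session.
    $validUnauthPages = array(
        'app/version/version.txt',
        'app/di_login/login.php',
        'app/di_login/a_login.php',
        'app/di_app_news/a_get_news.php',
        'app/di_app_news/app_news_index.php',
        'app/di_app_signin/redirect_signin_login.php',
        'app/di_app_signin/signin_login.php',
        'app/di_app_signin/a_signin_login.php',
        'app/di_app_projects/app_signin_project_index.php',
        'app/di_app_signin/app_signin_index.php',
        'app/di_app_signin/advertisement.php',
        'app/di_app_signin/signin_send_sms.php',
        'app/di_app_projects/check_in_out.php',
        'app/di_app_projects/store_gps.php',
        'app/di_app_projects/a_get_documents.php',
        'app/di_app_projects/a_get_enquetes.php',
        'app/di_app_projects/a_get_appointmentbook.php',
        'app/di_app_projects/a_get_evaluations.php',
        'app/di_app_projects/a_get_questions.php',
        'app/di_app_projects/a_get_scans.php',
        'app/di_app_projects/a_get_signinlist.php',
        'app/di_app_projects/a_get_uploads.php',
        'app/di_app_projects/a_store_evaluations.php',
        'app/di_app_projects/add_button.php',
        'app/di_app_projects/delete_item_trash.php',
        'app/di_app_projects/delete_item_trash_1.php',
        'app/di_app_projects/store_single_question.php',
        'app/di_app_projects/store_flag.php',
        'app/di_app_projects/store_evalution_in_session.php',
        'app/di_app_projects/set_access_level.php',
        'app/di_app_profile/app_profile_index.php',
        'app/di_app_profile/a_get_profile.php',
        'app/di_app_profile/add_profile.php',
        'app/di_app_profile/import_profile.php',
        'app/di_app_profile/store_profile.php',
        'app/di_app_profile/store_profile_in_session.php',
        'app/dummy_poll.php',
        'app/include/check_project_transfer.php',
        'app/include/upload_comment.php',
        'app/include/upload_photo.php',
        'app/include/project_transfer.php',
        'app/di_app_profile/redirect_profile.php',
        'app/di_app_dvp/store_dvp_data.php',
        'app/di_app_dvp/get_dvp_data.php'
    );

    $loggedOn = isset($_SESSION[$pageId]['logged_on']);
    $target   = null; // absolute path of the file to include, or null when refused

    // href must be a plain string (an array or an embedded NUL is refused).
    if (is_string($href) && strpos($href, "\0") === false) {
        if (in_array($href, $validUnauthPages, true)) {
            // Public page: the literal allow-listed relative path is included.
            $target = $webRoot . '/' . $href;
        } elseif ($loggedOn && strpos($href, '..') === false) {
            // Logged-on user: any page, but it must canonicalise to a regular
            // file under the web root. The '..' test alone does not cover
            // symlinks or absolute paths, so the realpath() is checked too.
            $rootReal = realpath($webRoot);
            $resolved = realpath($webRoot . '/' . $href);
            if ($rootReal !== false && $resolved !== false
                && strncmp($resolved, $rootReal . DIRECTORY_SEPARATOR, strlen($rootReal) + 1) === 0
                && is_file($resolved)) {
                $target = $resolved;
            }
        }
    }

    if ($target !== null) {
        include($target);
    } elseif ($href === 'app/di_store/store_index.php' && !$loggedOn) {
        // Go to the DI store
        include('app/di_store/store_index.php');
    } elseif ($href === 'app/di_app_projects/a_get_projects.php') {
        // Session of the user was removed: send the normal page flow back to the login page
        include('app/di_store/store_index.php');
    } else {
        // Session of the user was removed during an ajax xmlhttp request: let the client reload
        echo "<script type=\"text/javascript\">\n";
        echo "window.open(getBaseURL());";
        echo "</script>\n";
    }
} else {
    include('app/di_store/store_index.php');
}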