science-ation/committee_auth.php

49 lines
1023 B
PHP

<?
$accesscache=array();
function auth_has_access($access="")
{
global $accesscache;
if(in_array($access,$accesscache))
{
if($accesscache[$access]=='Y') return true;
else return false;
}
else
{
$q=mysql_query("SELECT access_admin, access_config, access_super FROM committees_members WHERE email='".$_SESSION['email']."' AND id='".$_SESSION['committee_member_id']."' AND deleted='N'");
$r=mysql_fetch_object($q);
$accesscache['admin']=$r->access_admin;
$accesscache['config']=$r->access_config;
$accesscache['super']=$r->access_super;
switch($access)
{
case "config": if($r->access_config=='Y') return true; break;
case "admin": if($r->access_admin=='Y') return true; break;
case "super": if($r->access_super=='Y') return true; break;
default:
return false;
break;
}
}
return false;
}
function auth_required($access="")
{
global $config;
if(!auth_has_access($access))
{
header("Location: ".$config['SFIABDIRECTORY']."/committee_login.php");
exit;
}
}
?>