= 9 || @$CURRENT_USER['accessList'][$tableName]['accessLevel'] >= 9; $hasUserAccess = @$CURRENT_USER['accessList']['all']['accessLevel'] >= 6 || @$CURRENT_USER['accessList'][$tableName]['accessLevel'] >= 6; if (!$hasAdminAccess && !$hasUserAccess) { alert("You don't have permissions to access this menu."); showInterface(''); } if (!$hasAdminAccess && !@$schema['createdByUserNum']) { alert("This section isn't configured to allow 'regular' user access.
\n"); alert("Ask the webmaster to give you 'Admin' access to this section or create a field called 'createdByUserNum'."); showInterface(''); } ### Limit access to records if (!$hasAdminAccess && @$FORM['num'] && @$schema['createdByUserNum'] && @$schema['menuType'] != 'single') { $query = "SELECT * FROM `$escapedTableName` WHERE num = '".mysql_real_escape_string($FORM['num'])."'"; $result = mysql_query($query) or die("MySQL Error: ". htmlspecialchars(mysql_error()) . "\n"); $record = mysql_fetch_assoc($result); if ($record['createdByUserNum'] && $CURRENT_USER['num'] != $record['createdByUserNum']) { alert("You don't have permission to access this record."); showInterface(''); exit; } } ### Dispatch actions $defaultAction = (@$schema['menuType'] == 'single') ? 'edit' : 'list'; $action = getRequestedAction($defaultAction); if ($action == 'list') { include('lib/menus/default/list.php'); } elseif ($action == 'listDragSort') { listDragSort(); } elseif ($action == 'add') { showMaxRecordsError(); showInterface('default/edit.php'); } elseif ($action == 'edit') { showInterface('default/edit.php'); } elseif ($action == 'erase') { eraseRecord(); } elseif ($action == 'save') { include('lib/menus/default/save.php'); } elseif ($action == 'uploadList') { include('lib/menus/default/uploadList.php'); } elseif ($action == 'uploadListReOrder') { uploadListReOrder(); } elseif ($action == 'uploadForm') { include('lib/menus/default/uploadForm.php'); } elseif ($action == 'uploadModify') { include('lib/menus/default/uploadModify.php'); } elseif ($action == 'uploadErase') { eraseUpload(); } elseif ($action == 'wysiwygUploads') { include('lib/menus/default/wysiwygUploads.php'); } elseif ($action == 'ajaxGetUsersAsPulldown') { ajaxGetUsersAsPulldown(); } elseif ($action == 'categoryMove') { categoryMove(); } else { alert("Unknown action '" . htmlspecialchars($action) . "'"); showInterface(''); exit; } ?>