added session handling and authorisation check

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@142 c91229c3-7414-0410-bfa2-8a42b809f60b

added session handling and authorisation check
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@142 c91229c3-7414-0410-bfa2-8a42b809f60b
michael
1 parent dba89e7a
Showing 1 changed file with 40 additions and 35 deletions
dashboard.php
@@ -31,43 +31,48 @@ require_once(&quot;$default-&gt;owl_fs_root/lib/visualpatterns/PatternTableSqlQuery.inc&quot;
 // page start
 // -------------------------------
  
-checkSession();
+if (checkSession()) {
  
-// check if this page is authorised, ie. has come from control.php
-if ($_SESSION["authorised"]) {
-    // create a page  
-    
-    // logo
-    $img = new PatternImage("$default->owl_root_url/locale/$default->owl_lang/graphics/$default->logo");
-    
-    // build the top menu of links
-    $aTopMenuLinks = array(0=>generateControllerUrl("LOGOUT"));
-    $aTopMenuText = array(0=>"logout");
-    $oPatternTableLinks = new PatternTableLinks($aTopMenuLinks, $aTopMenuText, 3, 1);
-    
-    // build the central dashboard
-    /*
-    $aCentralPageColumns = array(0=>"name",1=>"parent",2=>"security");
-    $aColumnTypes = array(0=>1,1=>2,2=>1);
-    $oTableSqlQuery = & new PatternTableSqlQuery("Folders", $aCentralPageColumns, $aColumnTypes); 
-    ($HTTP_GET_VARS["fStartIndex"]) ? $oTableSqlQuery->setStartIndex($HTTP_GET_VARS["fStartIndex"]) : $oTableSqlQuery->setStartIndex(0);
-    $oTableSqlQuery->setLinkType(1);
-    */
-    
-    /* get a page */
-    $tmp = new PatternMainPage();
-    
-    /* put the page together */
-    $tmp->setNorthWestPayload($img);
-    $tmp->setNorthPayload($oPatternTableLinks);
-    //$tmp->setCentralPayload($oTableSqlQuery);
-    $tmp->setFormAction("dashboard.php");
-    $tmp->render();
-    
+    // check if this page is authorised, ie. has come from control.php
+    if ($_SESSION["authorised"]) {
+        // create a page  
+        
+        // logo
+        $img = new PatternImage("$default->owl_root_url/locale/$default->owl_lang/graphics/$default->logo");
+        
+        // build the top menu of links
+        $aTopMenuLinks = array(0=>generateControllerUrl("logout"), 1=>generateControllerUrl("scratchPad"));
+        $aTopMenuText = array(0=>"logout", 1=>"scratchPad");
+        $oPatternTableLinks = new PatternTableLinks($aTopMenuLinks, $aTopMenuText, 3, 1);
+        
+        // build the central dashboard
+        /*
+        $aCentralPageColumns = array(0=>"name",1=>"parent",2=>"security");
+        $aColumnTypes = array(0=>1,1=>2,2=>1);
+        $oTableSqlQuery = & new PatternTableSqlQuery("Folders", $aCentralPageColumns, $aColumnTypes); 
+        ($HTTP_GET_VARS["fStartIndex"]) ? $oTableSqlQuery->setStartIndex($HTTP_GET_VARS["fStartIndex"]) : $oTableSqlQuery->setStartIndex(0);
+        $oTableSqlQuery->setLinkType(1);
+        */
+        
+        /* get a page */
+        $tmp = new PatternMainPage();
+        
+        /* put the page together */
+        $tmp->setNorthWestPayload($img);
+        $tmp->setNorthPayload($oPatternTableLinks);
+        //$tmp->setCentralPayload($oTableSqlQuery);
+        $tmp->setFormAction("dashboard.php");
+        $tmp->render();
+        
+    } else {
+        // FIXME: redirect to no permission page
+        print "you do not have access to view this page!  please go away, and come back when you do.<br>";
+        echo generateLink("logout") . "logout</a>";    
+    }
 } else {
-    // FIXME: redirect to no permission page
-    print "you do not have access to view this page!  please go away, and come back when you do.<br>";
-    echo generateLink("LOGOUT") . "logout</a>";    
+    // no session, should have been redirected
+    echo "no session<br>";
+    print_r($_SESSION);
 }
 ?>