X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=99d314770b6f5952cd723d940ee2c19b24c02d9b;hb=967f3b0f52a7f6e4afedea35bf2303414a41022f;hp=77e8dc3e471707e139509000211a9548ccc27017;hpb=902f1015d874c33bd7946b17de2ad80b4f2144b6;p=fa-stable.git

diff --git a/includes/current_user.inc b/includes/current_user.inc
index 77e8dc3e..99d31477 100644
--- a/includes/current_user.inc
+++ b/includes/current_user.inc
@@ -25,7 +25,7 @@ class current_user
 	var $timeout;
 	var $last_act;
 	var $role_set = false;
-	
+	var $old_db;	
 	var $logged;
 	var $ui_mode = 0;
 	
@@ -54,7 +54,7 @@ class current_user
 
 	function login($company, $loginname, $password)
 	{
-		global $security_areas, $security_groups, $security_headings;
+		global $security_areas, $security_groups, $security_headings, $path_to_root;
 		
 		$this->set_company($company);
 	    $this->logged = false;
@@ -64,14 +64,16 @@ class current_user
 		if (db_num_rows($Auth_Result) > 0)
 		{
 			$myrow = db_fetch($Auth_Result);
+			$this->old_db = isset($myrow["full_access"]);
 			if (! @$myrow["inactive"]) {
-				if (isset($myrow["full_access"])) { 
+				if ($this->old_db) { 
 					// Transition code:
 					// db was not yet upgraded after source update to v.2.2
 					// give enough access for admin user to continue upgrade
 					if (!isset($security_groups) || !isset($security_headings)) {
 						echo "<center><br><br><font size='5' color='red'><b>";
 						echo _('Before software upgrade you have to include old $security_groups and $security_headings arrays from old config.php file to the new one.');
+						echo '<br>'."<a href=$path_to_root/index.php>"._("Back")."</a>";
 						echo "</b></font><br><br></center>";
 						exit;
 					}
@@ -115,18 +117,16 @@ class current_user
 	function check_user_access()
 	{
 		global $security_groups;
-		if (isset($security_groups)) {
+		if ($this->old_db) {
 			// notification after upgrade from pre-2.2 version
-//			display_notification(_("After database upgrade don't forget to remove \$security_groups and \$security_headings from config.php file!"));
-			return is_array(@$security_groups[$this->access]);
+			return isset($security_groups) && is_array(@$security_groups[$this->access]);
 		} else
-			return is_array($this->role_set);
+			return !isset($security_groups) && is_array($this->role_set);
 	}
 
-	function can_access_page($page_level)
+	function can_access($page_level)
 	{
 		global $security_groups, $security_areas;
-
 		if (isset($security_groups)) {
 			return $this->company == 0 &&
 				in_array(20, $security_groups[$this->access]);
@@ -134,17 +134,26 @@ class current_user
 
 		if ($page_level === 'SA_OPEN') 
 			return true;
+		if ($page_level === 'SA_DENIED' || $page_level === '') 
+			return false;
+
 		$code = $security_areas[$page_level][0];
+
 		// only first registered company has site admin privileges
 		return $code && in_array($code, $this->role_set)
-			&& ($this->company == 0 || ($code&~0xff != SS_SADMIN));
+			&& ($this->company == 0 || (($code&~0xff) != SS_SADMIN));
+	}
+
+	function can_access_page($page_level)
+	{
+		return $this->can_access($page_level);
 	}
 
-	function get_db_connection()
+	function get_db_connection($id=-1)
 	{
     	global $db_connections;
 
-    	$connection = $db_connections[$this->company];
+    	$connection = $db_connections[$id == -1 ? $this->company : $id];
 
     	//print_r($connection);