<?php
	ob_start();
	header ("Expires: Thu, 17 May 2001 10:17:17 GMT");    			
	header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); 
	header ("Cache-Control: no-cache, must-revalidate");  			
	header ("Pragma: no-cache");                          			

	ini_set('session.gc_maxlifetime',86400); 
	ini_set('session.cookie_lifetime',86400);

	require_once ( 'set/config.php' );
	require_once ( CLASSES.'classes.php' );
	$timezone = "Asia/Manila";
	date_default_timezone_set($timezone);
	
	if(!isset($_SESSION[WEB_ABSTRACT])) {
		$parameter 	= isset($_REQUEST['parameter']) ? strtolower(trim($encryption->decrypt($_REQUEST['parameter']))) : "";
		// if($_SESSION['login_attempt']>=3) {
			// $parameter = "login-avail";
		// }
		// if($_SESSION['user_login_attempt']>=3) {
			// $parameter = "login-forgot-password";
		// }
		if( $parameter == "" OR  ($parameter != "login-process" && $parameter !="login-forgot-password" && $parameter !="login-forgot-password-process" && $parameter !="login-frm" && $parameter != "login-avail" && $parameter != "login-guest" && $parameter != "login-guest-frm" && $parameter != "guest-success" && $parameter != "guest-edit" && $parameter != "guest-wrong" && $parameter != "login-guest-tok" && $parameter != "guest-cap" && $parameter != "guest-closed" && $parameter != "guest-waiver" && $parameter != "guest-download")) {
			$parameter 	= "login-guest";
		}
	}
	else {
		$mode 		= isset($_REQUEST['mode']) ? strtolower(trim($encryption->decrypt($_REQUEST['mode']))) : "";
		$parameter 	= isset($_REQUEST['parameter']) ? strtolower(trim($encryption->decrypt($_REQUEST['parameter']))) : "";
	}
	
	$page_type 	= isset($_REQUEST['page_type']) ? strtolower(trim($encryption->decrypt($_REQUEST['page_type']))) : '1';
	
	//SET ACCESS RIGHTS HERE
	$permissions = $db->get_results("SELECT * FROM tbl_permissions p LEFT JOIN tbl_modules m ON m.module_id = p.module_id  WHERE user_id = '".$encryption->decrypt($_SESSION[WEB_ABSTRACT]['user_ids'])."' AND m.module_status = 1");
	$arr_perms = array();
	foreach($permissions as $permission) {
		$arr_perms[$permission->module_id]['permission_add'] 		= $permission->permission_add;
		$arr_perms[$permission->module_id]['permission_edit'] 		= $permission->permission_edit;
		$arr_perms[$permission->module_id]['permission_delete'] 	= $permission->permission_delete;
		$arr_perms[$permission->module_id]['permission_upload'] 	= $permission->permission_upload;
		$arr_perms[$permission->module_id]['permission_print'] 		= $permission->permission_print;
		$arr_perms[$permission->module_id]['permission_view']		= $permission->permission_view;
		$arr_perms[$permission->module_id]['permission_verify'] 	= $permission->permission_verify;
		$arr_perms[$permission->module_id]['permission_unverify'] 	= $permission->permission_unverify;
		$arr_perms[$permission->module_id]['permission_generate'] 	= $permission->permission_generate;
		$arr_perms[$permission->module_id]['permission_export'] 	= $permission->permission_export;
		$arr_perms[$permission->module_id]['permission_post'] 		= $permission->permission_post;
		$arr_perms[$permission->module_id]['permission_notify'] 	= $permission->permission_notify;
		$arr_perms[$permission->module_id]['permission_tag'] 		= $permission->permission_tag;
	}
	
	//SUPER ADMIN ACCESS BY DEFAULT IS FULL
	if($encryption->decrypt($_SESSION[WEB_ABSTRACT]['user_ids']) == 1) {
		$modules_super = $db->get_results("SELECT * FROM tbl_modules WHERE module_status = 1");
		foreach($modules_super as $mod_super) {
			$arr_perms[$mod_super->module_id]['permission_add'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_edit'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_delete'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_upload'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_print'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_view']		= 1;
			$arr_perms[$mod_super->module_id]['permission_verify'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_unverify'] 	= 1;
			$arr_perms[$mod_super->module_id]['permission_generate'] 	= 1;
			$arr_perms[$mod_super->module_id]['permission_export'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_post'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_notify'] 		= 1;
			$arr_perms[$mod_super->module_id]['permission_tag'] 		= 1;
		}
	}
	//SUPER ADMIN ACCESS BY DEFAULT IS FULL
	
	//SET ACCESS RIGHTS HERE

	
	$cur_user_id		= $encryption->decrypt($_SESSION[WEB_ABSTRACT]['user_ids']);
	$cur_userid			= $encryption->decrypt($_SESSION[WEB_ABSTRACT]['user_names']);
	$cur_user_name		= $encryption->decrypt($_SESSION[WEB_ABSTRACT]['user_names']);
	$cur_user_fullname	= $encryption->decrypt($_SESSION[WEB_ABSTRACT]['user_fullnames']);
	$cur_level			= $encryption->decrypt($_SESSION[WEB_ABSTRACT]['user_levels']);
	
	if($page_type == '1') {
		if($parameter == 'login-guest' OR $parameter == 'login-frm' OR $parameter == 'login-forgot-password' OR $parameter == 'login-process' OR $parameter == 'login-avail') {
            include LAYOUT."top-login.php";
			include MODULES."core.php";
			include MODULES.$module_filename;
		}
        else if ($parameter == "login-guest-frm" OR $parameter == "guest-edit") {
            include LAYOUT."top-guest.php";
            include LAYOUT."header.guest.php";
            include MODULES."core.php";
        }
        else if ($parameter == 'guest-success' OR $parameter == "guest-wrong" OR $parameter == 'login-guest-tok' OR $parameter == 'guest-cap' OR $parameter == 'guest-closed'){
			include LAYOUT."top-login-nobg.php";
			include MODULES."core.php";
			include MODULES.$module_filename;
		}
		else if($parameter == "guest-waiver" OR $parameter == "guest-download"){
			include MODULES."core.php";
			include MODULES.$module_filename;
		}
		
		else {
			include LAYOUT."top.php";
			include LAYOUT."sidebar.php";
			include LAYOUT."header.php";
			include MODULES."core.php";
			include MODULES.$module_filename;
			include LAYOUT."footer.php";
		}
	}
	else {
		include MODULES."core.php";
		include MODULES.$module_filename;
	}
	
	//FOR LOGS
	if($_POST || $_GET) {
		if(isset($_POST['form_action'])) {
			$mode 					= $form_action;
		}
		$log_data 					= array();
		$log_data['log_user'] 		= $cur_userid;
		$log_data['log_mode'] 		= $mode;
		$log_data['log_module'] 	= $mod;
		$logdata = array_merge($_POST,$_GET);
		if($record) {
			$logdata = array_merge($_POST,$_GET,get_object_vars($record));
		}
		$logdx = "";
		foreach($logdata as $varx => $logd) {
			$decr_l = $logd;
			if($logd == 'Array' || is_array($logd)) {
				$decr_l = implode(",", $_POST[$varx]);
			}
			if($record) {
				if($varx == 'parameter' || $varx == 'mode') {
					$decr_l = $encryption->decrypt($logd);
				}
			}
			elseif($varx == 'parameter' || $varx == 'id' || 
				$varx == 'form_action' || $varx == 'page_type' 
				|| $varx == 'mode') {
				$decr_l = $encryption->decrypt($logd);
			}
			$logdx .= $varx.": ".$decr_l.PHP_EOL;
		}
		
		if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
			//check for ip from share internet
			$ip = $_SERVER["HTTP_CLIENT_IP"];
		}
		elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) {
			// Check for the Proxy User
			$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
		}
		else {
			$ip = $_SERVER["REMOTE_ADDR"];
		}
		
		$log_data['log_data'] 		= $logdx;
		$log_data['log_ip'] 		= $ip;
		$log_data['user_agent'] 	= $_SERVER['HTTP_USER_AGENT'];
		$log_data['branch_code'] 	= $cur_branchcode;
		$log_data['log_datetime'] 	= date('Y-m-d H:i:s');
		$added						= $sql_custom->insert_all("tbl_activity_log",$log_data);
	}
	
	ob_end_flush();
?>