getMessage() . " in " . $exception->getFile() . " on line " . $exception->getLine()); }); } //INCLUDE FUNCTIONS AND SETTINGS include dirname(__FILE__).'/assets/functions.php'; include dirname(__FILE__).'/settings/settings_redirector.php'; include_once dirname(__FILE__).'/settings/countries.php'; //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ //TOKEN REFRESH LOGIC //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ // Token refresh buffer: refresh token 5 minutes (300 seconds) before expiry $token_refresh_buffer = 300; // Check if API token exists and is still valid if (!isset($_SESSION['authorization']['userkey']) || !isset($_SESSION['authorization']['token_valid']) || time() >= (strtotime($_SESSION['authorization']['token_valid']) - $token_refresh_buffer)) { // Token missing, expired, or about to expire - get new token if (isset($_SESSION['authorization']['refreshkey'])) { $api_url = '/v2/token_refresh/refreshkey='.$_SESSION['authorization']['refreshkey']; $responses = ioServer($api_url, ''); //Decode Payload if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;} if (isset($responses['userkey']) && isset($responses['token_valid'])) { // Update session with complete response (same as login.php) $_SESSION['authorization'] = $responses; session_regenerate_id(true); // Resets the session ID and timer to avoid user needs to relogin } else { // Token refresh failed - redirect to login session_destroy(); header('location: login.php?error=session_expired'); die(); } } else { // No refreshkey available - redirect to login session_destroy(); header('location: login.php?error=session_expired'); die(); } } //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ //GET USER PERMISSION ASSIGNED //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ if (!isset($_SESSION['authorization']['id']) && isset($_SESSION['authorization']['userkey'])){ $api_url = '/v2/user_permissions/userkey='.$_SESSION['authorization']['userkey']; $responses = ioServer($api_url,''); //Decode Payload if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;} //STORE DATA IN SESSION if (is_array($responses) && !isset($responses['error_code'])) { foreach($responses as $key => $value){ $_SESSION['authorization'][$key] = $value; } } else { // API call failed or returned error - redirect to login with error message session_destroy(); header('location: login.php?error=session_expired'); die(); } } if (debug && debug_id == $_SESSION['authorization']['id']){ ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); } //===================================== //TRANSLATION FILE LOCATION //===================================== if (isset($_GET['language']) && $_GET['language'] !=''){ //INCLUDE LANGUAGE FILE $api_file_language = './settings/translations/translations_'.strtoupper($_GET['language']).'.php'; if (file_exists($api_file_language)){ include $api_file_language; //Include the code //DEFINE LANGUAGE $_SESSION['country_code'] = trim($_GET['language']); } else { include './settings/translations/translations_US.php'; //DEFINE LANGUAGE $_SESSION['country_code'] = 'US'; } //REMOVE FROM GET TO AVOID THAT LANGUAGE IS USED IN GET_VALUES FUNCTION unset($_GET['language']); } elseif(isset($_SESSION['country_code'])){ $api_file_language = './settings/translations/translations_'.strtoupper($_SESSION['country_code']).'.php'; if (file_exists($api_file_language)){ include $api_file_language; //Include the code } else { include './settings/translations/translations_US.php'; } } else { include './settings/translations/translations_US.php'; //DEFINE LANGUAGE $_SESSION['country_code'] = 'US'; } //===================================== // Determine the base URL //===================================== $base_url = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] === 'on' || $_SERVER['HTTPS'] === 1) || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https' ? 'https' : 'http'; $base_url .= '://' . rtrim($_SERVER['HTTP_HOST'], '/'); $base_url .= $_SERVER['SERVER_PORT'] == 80 || $_SERVER['SERVER_PORT'] == 443 || strpos($_SERVER['HTTP_HOST'], ':') !== false ? '' : ':' . $_SERVER['SERVER_PORT']; $base_url .= '/' . ltrim(substr(str_replace('\\', '/', realpath(__DIR__)), strlen($_SERVER['DOCUMENT_ROOT'])), '/'); define('base_url', rtrim($base_url, '/') . '/'); //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ // SIMPLE ROUTING SYSTEM //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ if (isset($_GET['page'])) { $page = $_GET['page']; } else { // Get first available page from user's permissions using the menu structure $default_page = null; if (!empty($_SESSION['authorization']['permissions'])) { include_once dirname(__FILE__).'/settings/settingsmenu.php'; $filteredMenu = filterMenuByPermissions($main_menu, $_SESSION['authorization']['permissions']); // Get first menu item's URL as default page foreach ($filteredMenu as $section) { if (isset($section['main_menu']['url'])) { $default_page = $section['main_menu']['url']; break; } } } $page = $default_page ?? 'dashboard'; } // Sanitize page parameter to prevent directory traversal $page = preg_replace('/[^a-zA-Z0-9_-]/', '', $page); $page_file = $page . '.php'; // Output error variable $error = ''; try { $file_exists = file_exists($page_file); $is_allowed = $file_exists ? isAllowed($page, $_SESSION['authorization']['permissions'], $_SESSION['authorization']['permission'], 'R') : 0; if ($file_exists && $is_allowed !== 0) { include $page_file; } else { // Show error page for missing files or unauthorized access $page_exists = file_exists($page_file); $error_title = $page_exists ? 'Access Denied' : 'Page Not Found'; $error_message = $page_exists ? 'You do not have permission to access this page.' : 'The requested page "' . htmlspecialchars($page) . '" could not be found.'; $error_icon = $page_exists ? 'fa-solid fa-lock' : 'fa-solid fa-file-circle-xmark'; template_header($error_title, ''); echo '

' . $error_title . '

' . $error_message . '

Please check the URL or navigate using the menu.

'; template_footer(); } } catch (Exception $e) { // Handle any errors during page inclusion if (debug) { debuglog("Error loading page {$page}: " . $e->getMessage()); } template_header('System Error', ''); echo '

System Error

An error occurred while loading the page.

Please try again or contact the system administrator.

'; template_footer(); } //===================================== //debuglog //===================================== if (debug){ $message = $date.';'.json_encode($_GET).';'.$_SESSION['authorization']['clientID']; debuglog($message); }