assetmgt/index.php

<?php
define('secure_admin_342642', true);

if (session_status() == PHP_SESSION_NONE) {
    session_start();
}
//=====================================
//INCLUDE CONSTANTS
//=====================================

include dirname(__FILE__).'/settings/config_redirector.php';
if (debug && debug_id == $_SESSION['id']){
    ini_set('display_errors', '1');
    ini_set('display_startup_errors', '1');
    error_reporting(E_ALL);  
}

//INCLUDE FUNCTIONS AND SETTINGS
include dirname(__FILE__).'/assets/functions.php';
include dirname(__FILE__).'/settings/settings_redirector.php';

//=====================================
//TRANSLATION FILE LOCATION
//=====================================

if (isset($_GET['language']) && $_GET['language'] !=''){
    //INCLUDE LANGUAGE FILE
    $api_file_language = './settings/translations/translations_'.strtoupper($_GET['language']).'.php';
    if (file_exists($api_file_language)){   
        include $api_file_language; //Include the code
        //DEFINE LANGUAGE
        $_SESSION['country_code'] = trim($_GET['language']);
    }
    else {
        include './settings/translations/translations_US.php';
        //DEFINE LANGUAGE
        $_SESSION['country_code'] = 'US';
    }

    //REMOVE FROM GET TO AVOID THAT LANGUAGE IS USED IN GET_VALUES FUNCTION
    unset($_GET['language']);
}
elseif(isset($_SESSION['country_code'])){
    $api_file_language = './settings/translations/translations_'.strtoupper($_SESSION['country_code']).'.php';
    if (file_exists($api_file_language)){   
        include $api_file_language; //Include the code
    }
    else {
        include './settings/translations/translations_US.php';
    }
} else {
    include './settings/translations/translations_US.php';
    //DEFINE LANGUAGE
    $_SESSION['country_code'] = 'US';
}
//=====================================
// Determine the base URL
//=====================================
$base_url = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] === 'on' || $_SERVER['HTTPS'] === 1) || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https' ? 'https' : 'http';
$base_url .= '://' . rtrim($_SERVER['HTTP_HOST'], '/');
$base_url .= $_SERVER['SERVER_PORT'] == 80 || $_SERVER['SERVER_PORT'] == 443 || strpos($_SERVER['HTTP_HOST'], ':') !== false ? '' : ':' . $_SERVER['SERVER_PORT'];
$base_url .= '/' . ltrim(substr(str_replace('\\', '/', realpath(__DIR__)), strlen($_SERVER['DOCUMENT_ROOT'])), '/');
define('base_url', rtrim($base_url, '/') . '/');


//=====================================
//CHECK USER SESSION
//=====================================
if (!isset($_SESSION['loggedin'])) {
    header('location: login.php');
    die();
}

if (isset($_GET['page']) && $_GET['page'] == 'logout') {
    session_destroy();
    header('location: login.php');
    die();
}

//=====================================
//DEFINE WHERE TO SEND THE USER TO. GET first assigned view in the profile if not available use dashboard
//=====================================
$allowed_views = explode(',',$_SESSION['profile']);
$ignoreViews = ['profile','assets','sales'];

// If dashboard is in the profile, prioritize it
if (in_array('dashboard', $allowed_views) && file_exists('dashboard.php')) {
    $allowed_views = 'dashboard';
} else {
    $allowed_views = findExistingView($allowed_views, 'dashboard', $ignoreViews);
} 

//=====================================
//FORWARD THE USER TO THE CORRECT PAGE
//=====================================
$page = isset($_GET['page']) && file_exists($_GET['page'] . '.php') ? $_GET['page'] : $allowed_views;

// Output error variable
$error = '';
// Include the requested page
include $page . '.php';

//=====================================
//debuglog
//=====================================

if (debug){
    $message = $date.';'.json_encode($_GET).';'.$_SESSION['username'];
    debuglog($message);
}