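'English', "_zh" => "Chinese", "_my" => "Malay", '_np' => "Nepali", '_md' => "Burmese", ];

/*
 * Session / permission bootstrap (shared include).
 *
 *  1. Validate the current session against system_user, using the login
 *     cookie as a second factor, and drop the session when it does not match.
 *  2. Derive the $boolean_* role flags from the session permission.
 *  3. Load the language file chosen by the "Lang" cookie.
 *  4. Build the branch-restriction SQL fragments the pages append to queries.
 *
 * Expects $mysqli (mysqli connection) and an already started session from
 * the including page.  Every value that reaches SQL here originates in a
 * cookie, a GET parameter or the session, so it is bound or cast below.
 */

// Fail closed: the including page sees $check_user === false unless the
// session row is found.  $row_user stays null in that case.
$check_user = false;
$row_user   = null;

// NOTE(review): ?app_view=yes skips the session validation entirely.  $check_user
// remains false, so a page that gates on it is still protected, but $row_user is
// null and a page that trusts $_SESSION alone is not.  Confirm this is intended.
$app_view = isset($_GET['app_view']) ? $_GET['app_view'] : '';
if ($app_view !== "yes") {
    // check login status
    $system_login_cookies = isset($_COOKIE['system_login_cookies']) ? $_COOKIE['system_login_cookies'] : '';
    $sess_system_id         = isset($_SESSION['system_id']) ? $_SESSION['system_id'] : '';
    $sess_system_name       = isset($_SESSION['system_name']) ? $_SESSION['system_name'] : '';
    $sess_system_branch     = isset($_SESSION['system_branch']) ? $_SESSION['system_branch'] : '';
    $sess_system_permission = isset($_SESSION['system_permission']) ? $_SESSION['system_permission'] : '';

    if ($sess_system_id != '' && $sess_system_name != '' && $sess_system_branch != '' && $sess_system_permission != '') {
        $mysqli_user = false;
        // The cookie is attacker-controlled and the session fields are not
        // guaranteed clean either, so all five go in as bound parameters
        // instead of being concatenated into the statement.  An empty cookie
        // was always a logout; skip the query in that case.
        if (trim($system_login_cookies) != '') {
            $stmt_user = $mysqli->prepare(
                "SELECT * FROM system_user"
                . " WHERE user_id = ? AND user_name = ? AND user_permission = ? AND user_branch = ?"
                . " AND user_login_cookies = ? AND user_trash = '0' LIMIT 1"
            );
            if ($stmt_user) {
                $stmt_user->bind_param(
                    'sssss',
                    $sess_system_id,
                    $sess_system_name,
                    $sess_system_permission,
                    $sess_system_branch,
                    $system_login_cookies
                );
                $stmt_user->execute();
                // get_result() needs the mysqlnd driver (default since PHP 5.4).
                $mysqli_user = $stmt_user->get_result();
            }
        }

        if ($mysqli_user === false || $mysqli_user->num_rows == 0) {
            // No matching user (or the statement failed): drop the whole session ...
            foreach (array_keys($_SESSION) as $session_key) {
                unset($_SESSION[$session_key]);
            }
            // ... and expire the legacy login cookies.  The original wrote the
            // (already unset) session values into them; an empty value expires
            // them just the same without echoing identifiers back.
            $expired_time = time() - 3600;
            $legacy_cookies = ['system_id', 'system_name', 'system_branch', 'system_permission', 'system_login_cookies'];
            foreach ($legacy_cookies as $legacy_cookie) {
                setcookie($legacy_cookie, '', $expired_time, "/");
            }
        } else {
            $check_user = true;
            $row_user   = $mysqli_user->fetch_array(MYSQLI_ASSOC);
        }
    }
}

// check user permission
// Strict comparison: the session value is a string, and a loose "==" against a
// non-string (e.g. int 0 before PHP 8) could grant a role by accident.
$system_permission        = isset($_SESSION['system_permission']) ? $_SESSION['system_permission'] : '';
$boolean_admin            = ($system_permission === 'admin');
$boolean_purchasing       = ($system_permission === 'purchasing');
$boolean_account          = ($system_permission === 'account');
$boolean_hr               = ($system_permission === 'hr');
$boolean_office_marketing = ($system_permission === 'office-marketing');
$boolean_marketing        = ($system_permission === 'marketing');
$boolean_store            = ($system_permission === 'store');
$boolean_programmer       = ($system_permission === 'programmer');
$boolean_customer         = ($system_permission === 'customer');

// include file
// The "Lang" cookie used to be passed straight into include(), which lets a
// client pull in any .php file reachable by path traversal.  Accept only a
// plain token that names an existing file under languages/, else fall back.
$get_lang = (isset($_COOKIE['Lang']) && $_COOKIE['Lang'] != '') ? $_COOKIE['Lang'] : 'en';
if (!preg_match('/^[A-Za-z0-9_-]{1,32}$/D', $get_lang)
    || !is_file(__DIR__ . '/../languages/' . $get_lang . '.php')) {
    $get_lang = 'en';
}
include __DIR__ . '/../languages/' . $get_lang . '.php';

$row_user_permission = ($row_user !== null && isset($row_user['user_permission'])) ? $row_user['user_permission'] : '';

// Branches a 'user' account is allowed to see (from user_permission_branch JSON).
$array_staff_branch_123 = [];
if ($row_user_permission == 'user') {
    $decoded_branches = isset($row_user['user_permission_branch'])
        ? json_decode($row_user['user_permission_branch'], true)
        : null;
    // Branch ids are integers; cast each one so the IN (...) list cannot carry SQL.
    $array_staff_branch_123 = is_array($decoded_branches) ? array_map('intval', $decoded_branches) : [];
    // "IN ()" is a MySQL syntax error; "IN (0)" matches no branch instead.
    $branch_in_list = $array_staff_branch_123 ? implode(',', $array_staff_branch_123) : '0';

    $user_branch_permission_sql_123 = ' and branch_id IN (' . $branch_in_list . ') ';
    $user_branch_permission_sql     = ' and branch_id IN (' . $branch_in_list . ') ';
    $user_branch_permission_sql_a   = ' and a.branch_id IN (' . $branch_in_list . ') ';
    $user_branch_permission_sql_b   = ' and b.branch_id IN (' . $branch_in_list . ') ';

    if (empty($_SESSION['url_get_branch_admin'])) {
        // Both arms of the original strpos() test assigned the same value.
        $echo_script_url = ' ';
    }
}

$url_get_branch_admin_get = isset($_GET['url_get_branch_admin_get']) ? $_GET['url_get_branch_admin_get'] : '';

// NOTE(review): HTTP_HOST is client-supplied.  $Current_Url is only fed to
// strip_param_from_url() here; keep it out of redirects and HTML output.
$Current_Url = sprintf(
    '%s://%s/%s',
    isset($_SERVER['HTTPS']) ? 'https' : 'http',
    isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '',
    trim(isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '', '/\\')
);
$url_branch_ori = strip_param_from_url($Current_Url, 'url_get_branch_admin_get');

// Pick the HQ branch: the last row flagged branch_hq wins; until one is seen,
// the most recently read non-HQ row (lowest id, given DESC order) is used.
$count_branch_selected = 0;
$HQ_branch = null;
$mysqli_branch = $mysqli->query("SELECT branch_id, branch_hq FROM branch WHERE deleted_at IS NULL ORDER BY branch_id DESC");
if ($mysqli_branch && $mysqli_branch->num_rows > 0) {
    while ($row_branch = $mysqli_branch->fetch_assoc()) {
        if ($row_branch['branch_hq'] >= 1) {
            $count_branch_selected++;
            $HQ_branch = $row_branch['branch_id'];
        }
        if ($count_branch_selected <= 0) {
            $HQ_branch = $row_branch['branch_id'];
        }
    }
}

if ($row_user_permission == 'admin' && empty($_SESSION['url_get_branch_admin'])) {
    // Both arms of the original strpos() test assigned the same value.
    $echo_script_url = ' ';
}

if ($url_get_branch_admin_get != '') {
    // The selected branch is stored in the session and later concatenated into
    // SQL, so only a plain integer id is accepted.
    $selected_branch_ok = ctype_digit((string) $url_get_branch_admin_get);
    // A 'user' account may only select a branch it was granted in
    // user_permission_branch; anything else keeps the previous selection.
    if ($selected_branch_ok && $row_user_permission == 'user'
        && !in_array((int) $url_get_branch_admin_get, $array_staff_branch_123, true)) {
        $selected_branch_ok = false;
    }
    if ($selected_branch_ok) {
        $_SESSION['url_get_branch_admin'] = $url_get_branch_admin_get;
        $echo_script_url = ' ';
    }
}

/**
 * Remove one query parameter from a URL.
 *
 * @param string $url   Full URL, possibly carrying a query string.
 * @param string $param Name of the parameter to drop.
 * @return string Base URL followed by '?' and the remaining parameters
 *                (the '?' is kept even when nothing remains, as before).
 */
function strip_param_from_url($url, $param)
{
    $base_url   = strtok($url, '?');
    $parsed_url = parse_url($url);
    $query      = (is_array($parsed_url) && isset($parsed_url['query'])) ? $parsed_url['query'] : '';
    parse_str($query, $parameters);
    unset($parameters[$param]);
    return $base_url . '?' . http_build_query($parameters);
}

// NOTE(review): the "if (admin)" guard around the assignments below is commented
// out in the original, so the selected branch overrides the per-user IN (...)
// list for every role.  The id is cast because it originated in $_GET; an empty
// selection is kept as "" to match the previous SQL exactly.
$selected_branch = (isset($_SESSION['url_get_branch_admin']) && $_SESSION['url_get_branch_admin'] !== '')
    ? (string) (int) $_SESSION['url_get_branch_admin']
    : '';
$user_branch_permission_sql        = ' and branch_id = "' . $selected_branch . '" ';
$user_branch_permission_sql_a      = ' and a.branch_id = "' . $selected_branch . '" ';
$user_branch_permission_sql_b      = ' and b.branch_id = "' . $selected_branch . '" ';
$user_branch_permission_sql_d      = ' and d.branch_id = "' . $selected_branch . '" ';
$user_branch_permission_sql_symbol = ' and branch like "%/' . $selected_branch . '/%" ';

// Branch id -> legacy branch name, for tables that store the name.
// TODO(review): this mapping belongs in the branch table, not in code.
$branch_names = [1 => 'muar', 2 => 'iskandar', 3 => 'penan1', 4 => 'asa'];
$url_get_branch_admin_name = isset($branch_names[(int) $selected_branch]) ? $branch_names[(int) $selected_branch] : '';
$user_branch_permission_sql_branch_name = ' and branch = "' . $url_get_branch_admin_name . '" ';

// Staff of the selected branch, used to restrict task queries by creator.
$staff_list   = [];
$mysqli_staff = $mysqli->query("SELECT staff_id, staff_name, staff_idno FROM staff WHERE deleted_at IS NULL " . $user_branch_permission_sql);
if ($mysqli_staff && $mysqli_staff->num_rows > 0) {
    while ($row_staff = $mysqli_staff->fetch_assoc()) {
        $staff_list[] = $row_staff['staff_id'];
    }
}
// Ids come from the database, but the list is concatenated into SQL, so cast
// them anyway.  "IN ()" is a MySQL syntax error; "IN (0)" matches nothing.
$user_branch_permission_sql_task = ' and a.created_by IN ('
    . ($staff_list ? implode(", ", array_map('intval', $staff_list)) : '0')
    . ') ';
?>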