MAINHACK

Viewing / Editing File: side.php

<?php

// Retrieve session variables securely

$username = $_SESSION['username_Xw211qAAsq4'] ?? '';

$shopname = $_SESSION['business_name_Xw211qAAsq4'] ?? '';

// Function to fetch all permissions for a non-Admin user

function getUserPermissions($db, $username, $shopname, $account_type) {

$permissions = [];

if ($account_type !== 'Owner') {

$stmt = $db->prepare("SELECT page_name, status FROM role_permissions WHERE business_name = ? AND type = ?");

$stmt->bind_param("ss", $shopname, $account_type);

$stmt->execute();

$result = $stmt->get_result();

while ($row = $result->fetch_assoc()) {

$permissions[$row['page_name']] = $row['status'] == '1';

}

return $permissions;

}

// Function to check if a page is accessible

function hasPermission($permissions, $page_name, $isAdmin) {

return $isAdmin || (isset($permissions[$page_name]) && $permissions[$page_name]);

}

// Fetch user account type using PDO (consistent with original)

$stmt = $con->prepare("SELECT account_type FROM barber_admin WHERE username = ? AND business_name = ?");

$stmt->execute([$username, $shopname]);

$account_type = $stmt->fetch(PDO::FETCH_ASSOC)['account_type'] ?? '';

$isAdmin = $account_type === 'Owner';

// Fetch all permissions for non-Admin users once

$permissions = getUserPermissions($new, $username, $shopname, $account_type);

<?= htmlspecialchars($shopname) ?>

</a>

</button>

</div>

<li>

Dashboard

</a>

</li>

<li>

Services

</a>

<?php if (hasPermission($permissions, 'Service Category', $isAdmin)): ?>

<li><a href="service-category">Category</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Service', $isAdmin)): ?>

<li><a href="services">All Service</a></li>

<?php endif; ?>

</ul>

</li>

<li>

Sales

</a>

<?php if (hasPermission($permissions, 'In-House Sales', $isAdmin)): ?>

<li><a href="today-sales">Service sales</a></li>

<?php if (hasPermission($permissions, 'Product Stock', $isAdmin)): ?>

<li><a href="pos">Product sales</a></li>

<?php endif; ?>

<li><a href="copy_appointment">Online Booking</a></li>

<?php endif; ?>

</ul>

</li>

<li>

Products

</a>

<?php if (hasPermission($permissions, 'Suppliers', $isAdmin)): ?>

<li><a href="suppliers">Suppliers</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Product Stock', $isAdmin)): ?>

<li><a href="product-stock">Product Stock</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Product Sales', $isAdmin)): ?>

<li><a href="product-sales">Product Sales</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Product Out of Stock', $isAdmin)): ?>

<li><a href="out-of-stock">Out of Stock</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Add New Stock', $isAdmin)): ?>

<li><a href="add-new-stock">Add New Stock</a></li>

<?php endif; ?>

</ul>

</li>

<li>

Purchases

</a>

<?php if (hasPermission($permissions, 'Vendors', $isAdmin)): ?>

<li><a href="vendors">Vendors</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Expenses', $isAdmin)): ?>

<li><a href="add-new-stock">Purchase Order</a></li>

<li><a href="expenses">Expenses</a></li>

<?php endif; ?>

</ul>

</li>

<?php if (hasPermission($permissions, 'Admin Booking', $isAdmin)): ?>
 <li>
 <a href="admin_booking" class="waves-effect">
 
 Admin Booking
 </a>
 </li>
 <?php endif; ?>

<li>

Staff

</a>

<?php if (hasPermission($permissions, 'Employee', $isAdmin)): ?>

<li><a href="department">Department</a></li>

<li><a href="employees">Employees</a></li>

<?php endif; ?>

<li><a href="employee-schedule">Employees Schedule</a></li>

<?php if (hasPermission($permissions, 'Commission Rate', $isAdmin)): ?>

<li><a href="commission-rate">Commission Rate</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Payroll', $isAdmin)): ?>

<li><a href="payroll">Record Payroll</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Manage Users', $isAdmin)): ?>

<li><a href="manage-users">Account Managers</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Role Permissions', $isAdmin)): ?>

<li><a href="role-permissions">Role Permission</a></li>

<?php endif; ?>

</ul>

</li>

<?php if (hasPermission($permissions, 'Customers', $isAdmin)): ?>

<li>

Customers

</a>

</li>

<?php endif; ?>

<li>

Campaigns

</a>

</ul>

</li>

<li>

Reports

</a>

<?php if (hasPermission($permissions, 'Sales Report', $isAdmin)): ?>

<li><a href="sales_report">Sales Report</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Commission Rate', $isAdmin)): ?>

<li><a href="comission_report">Commission Report</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Expenses Report', $isAdmin)): ?>

<li><a href="expenses_report">Expenses Report</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Customers Report', $isAdmin)): ?>

<li><a href="customer_report">Customer Report</a></li>

<?php endif; ?>

<?php if (hasPermission($permissions, 'Products Report', $isAdmin)): ?>

<li><a href="product_report">Products Report</a></li>

<?php endif; ?>

</ul>

</li>

</ul>

</div>

</div>

Cancel / Back

[ MAINHACK ]

Viewing / Editing File: side.php

Server Info

System Features

User Info