diff --git a/config.inc.php.example b/config.inc.php.example
index 1d6e20c..d929c7a 100755
--- a/config.inc.php.example
+++ b/config.inc.php.example
@@ -16,4 +16,27 @@
$yaptc_incweb = $yaptc_webpath . 'includes/';
$yaptc_lib = $yaptc_dirpath . 'lib/';
$yaptc_libweb = $yaptc_webpath . 'lib/';
+
+function getSessionStatus(){
+ if (!isset($_SESSION['user_id']) || !isset($_SESSION['signature']) || !isset($_SESSION['loggedIn']) || $_SESSION['loggedIn'] != true || $_SESSION['signature'] != md5($_SESSION['user_id'] . $_SERVER['HTTP_USER_AGENT']))
+ {
+ return false;
+ } else {
+ return true;
+ }
+}
+
+function getSessionAccess($sql){
+ if (isset($_SESSION['user_id']))
+ {
+ $query3 = "SELECT users.id as userid, usertypes.typename AS usertype FROM users, usertypes WHERE users.id = :id";
+ $stmt3 = $sql->prepare($query3);
+ $stmt3->execute(array(':id' => $_SESSION['user_id']));
+ $user3 = $stmt3->fetchObject();
+ return $user3->usertype;
+ }
+}
+
+
+
?>
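Review bot: The query in getSessionAccess() selects from `users, usertypes` with no join condition, so it returns one row per user type for the given id and fetchObject() takes whichever row comes first; with the types seeded in schema.mysql that is likely 'Administrator' for every account. The foreign key in the schema suggests the intended form is `FROM users JOIN usertypes ON users.usertype = usertypes.id WHERE users.id = :id`. fetchObject() returns false when no row matches, so `$user3->usertype` needs a guard, and the function should return an explicit value such as `''` when no session user is set instead of falling through. Separately, getSessionStatus() compares the md5 signature with the loose `!=`, where `!==` avoids numeric-string juggling, and `$_SERVER['HTTP_USER_AGENT']` is read without an isset() check.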
diff --git a/includes/menu.inc.php b/includes/menu.inc.php
index 3aa7b12..3ea0cdf 100755
--- a/includes/menu.inc.php
+++ b/includes/menu.inc.php
@@ -10,27 +10,41 @@
';} else {echo '>';} echo 'Login';
+// Get login status and access level
+if (getSessionStatus() == true) { $userLogged = true; $userAccess = getSessionAccess($sql); } else { $userLogged = false; $userAccess = ""; }
+// All menu options - only ones with permissions allowed are shown to logged-in users.
+// Home
+if ($userLogged == true) {
+ echo '';
+ }
+// Profile
+if ($userLogged == true) {
+ echo '';
+ }
+// Punch Log
+if ($userLogged == true) {
+ echo '';
+ }
+// Users
+if ($userLogged == true && $userAccess == "Administrator") {
+ echo '';
+ }
+// Reports
+if ($userLogged == true && $userAccess == "Administrator") {
+ echo '';
+ }
+// Logout
+if ($userLogged == true) {
+ echo '';
+ }
+// Login
+if ($userLogged == false) {
+ echo '';
}
- else
- {
- echo '';
- echo '';
- echo '';
- echo '';
- echo '';
- echo '';
-}
- ?>
+?>
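Review bot: The `$userAccess == "Administrator"` tests on the Users and Reports entries only decide which links are printed, so they are not an access control on their own. The target pages need the same getSessionStatus()/getSessionAccess() check at the top of each script, which this diff does not show. The comparisons are loose; `$userAccess === "Administrator"` and a plain `if ($userLogged)` state the intent without type juggling. The block also depends on `$sql` being defined by the including script and queries the database on every menu render, so a comment such as `// requires $sql (database handle) from the including page` would document that dependency.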
diff --git a/schema.mysql b/schema.mysql
index 3c9e987..3ed7c05 100755
--- a/schema.mysql
+++ b/schema.mysql
@@ -1,6 +1,8 @@
+CREATE DATABASE IF NOT EXISTS `yaptc` /*!40100 DEFAULT CHARACTER SET latin1 */;
+USE `yaptc`;
-- MySQL dump 10.13 Distrib 5.5.41, for debian-linux-gnu (i686)
--
--- Host: localhost Database: yaptc
+-- Host: 127.0.0.1 Database: yaptc
-- ------------------------------------------------------
-- Server version 5.5.41-0ubuntu0.14.04.1
@@ -63,7 +65,7 @@ CREATE TABLE `users` (
PRIMARY KEY (`id`),
KEY `usertype` (`usertype`),
CONSTRAINT `users_ibfk_1` FOREIGN KEY (`usertype`) REFERENCES `usertypes` (`id`)
-) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB AUTO_INCREMENT=6 DEFAULT CHARSET=utf8;
/*!40101 SET character_set_client = @saved_cs_client */;
--
@@ -72,7 +74,7 @@ CREATE TABLE `users` (
LOCK TABLES `users` WRITE;
/*!40000 ALTER TABLE `users` DISABLE KEYS */;
-INSERT INTO `users` VALUES (00000000001,'jnorth','$2a$08$XNSfZQrDFRvQBwhAbt1t1.sq1DujMbcsaueWVczN8Jgb/VynnBHE6','josh.north@point808.com','2015-02-10 23:09:48','Josh','North',00000000001),(00000000003,'testuser','$2a$08$9Q7brl4YuNY9nwTD4L00Te6FKvXbjDRwNIMbVEUG0dSCVgKYatLO2','test@point808.com','2015-02-12 08:27:48','Test','User',00000000001);
+INSERT INTO `users` VALUES (00000000001,'admin','$2a$08$6WUE0S4UEYJO5.GMoCzjAO.W8y4Gage/tC7.SWEppWxwQO2ccjMgy','admin@example.com','2015-02-18 19:50:31','System','Administrator',00000000001);
/*!40000 ALTER TABLE `users` ENABLE KEYS */;
UNLOCK TABLES;
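Review bot: The new seed row in the `INSERT INTO users` statement ships a fixed `admin` account with a published bcrypt hash, so every installation built from this schema starts with the same administrator credential. Prefer creating the administrator during setup or forcing a password change on first login, and document the step next to the insert, e.g. `-- default admin account: change the password immediately after install`. The hash uses cost factor 08, which is low for bcrypt, so re-hashing at a higher cost on the next successful login is worth considering. The rows this commit removes stay in the repository history, so the passwords behind those hashes should be treated as exposed and rotated.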
@@ -99,6 +101,10 @@ LOCK TABLES `usertypes` WRITE;
INSERT INTO `usertypes` VALUES (00000000001,'Administrator'),(00000000002,'User');
/*!40000 ALTER TABLE `usertypes` ENABLE KEYS */;
UNLOCK TABLES;
+
+--
+-- Dumping routines for database 'yaptc'
+--
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
@@ -109,4 +115,4 @@ UNLOCK TABLES;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
--- Dump completed on 2015-02-12 15:25:09
+-- Dump completed on 2015-02-18 19:57:14