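window.location.href='$path';"; } exit; }

// ---------------------------------------------------------------------------
// Permission helpers.
//
// Every helper answers true for administrators. When a $page key is given the
// answer comes from the granular per-page map in $_SESSION['permissions']
// (populated further down); otherwise from the coarse user-level flag.
// The result is cast to bool so a missing or malformed session entry reads
// as "denied" instead of whatever value happened to be stored.
// ---------------------------------------------------------------------------

/**
 * May the current user view $page (or view in general when $page is null)?
 *
 * @param string|null $page key in $_SESSION['permissions']
 */
function canView($page = null): bool
{
    if (isAdmin()) {
        return true;
    }
    if ($page) {
        return (bool)($_SESSION['permissions'][$page]['view'] ?? false);
    }
    return (bool)($_SESSION['can_view'] ?? false);
}

/**
 * May the current user add records on $page (or in general when $page is null)?
 *
 * @param string|null $page key in $_SESSION['permissions']
 */
function canAdd($page = null): bool
{
    if (isAdmin()) {
        return true;
    }
    if ($page) {
        return (bool)($_SESSION['permissions'][$page]['add'] ?? false);
    }
    return (bool)($_SESSION['can_add'] ?? false);
}

/**
 * May the current user edit records on $page (or in general when $page is null)?
 *
 * @param string|null $page key in $_SESSION['permissions']
 */
function canEdit($page = null): bool
{
    if (isAdmin()) {
        return true;
    }
    if ($page) {
        return (bool)($_SESSION['permissions'][$page]['edit'] ?? false);
    }
    return (bool)($_SESSION['can_edit'] ?? false);
}

/**
 * May the current user delete records on $page (or in general when $page is null)?
 *
 * @param string|null $page key in $_SESSION['permissions']
 */
function canDelete($page = null): bool
{
    if (isAdmin()) {
        return true;
    }
    if ($page) {
        return (bool)($_SESSION['permissions'][$page]['delete'] ?? false);
    }
    return (bool)($_SESSION['can_delete'] ?? false);
}

/** Shorthand for the per-page view permission of the 'internal' section. */
function canViewInternal(): bool
{
    return canView('internal');
}

// Now load centralized settings (which may use the helpers above).
require_once __DIR__ . '/settings.php';

// Fetch user info (theme and permissions) and refresh the session copy.
$user_theme = 'light';
$current_user = null;
if (isLoggedIn()) {
    $stmt = db()->prepare("SELECT * FROM users WHERE id = ?");
    $stmt->execute([$_SESSION['user_id']]);
    $current_user = $stmt->fetch();

    if ($current_user) {
        $user_theme = $current_user['theme'] ?: 'light';

        // Coarse flags are re-read from the database on every request, so an
        // administrator's change takes effect on the user's next request.
        $_SESSION['can_view'] = (bool)$current_user['can_view'];
        $_SESSION['can_add'] = (bool)$current_user['can_add'];
        $_SESSION['can_edit'] = (bool)$current_user['can_edit'];
        $_SESSION['can_delete'] = (bool)$current_user['can_delete'];
        $_SESSION['name'] = $current_user['full_name'] ?: $current_user['username'];

        // Cast before strtolower(): a NULL role column would otherwise trigger
        // the PHP 8.1 "passing null to string parameter" deprecation.
        $role = strtolower((string)$current_user['role']);
        $_SESSION['user_role'] = $role;
        $_SESSION['role'] = $role;
        $_SESSION['is_super_admin'] = (int)$current_user['is_super_admin'];

        // Load granular per-page permissions.
        // NOTE: unlike the coarse flags above, this map is cached in the
        // session and only (re)built when empty, so a per-page permission
        // that is revoked in the database stays effective until the user
        // logs out. Unset $_SESSION['permissions'] wherever permissions are
        // edited if the change must apply immediately.
        if (empty($_SESSION['permissions'])) {
            $perm_stmt = db()->prepare("SELECT * FROM user_permissions WHERE user_id = ?");
            $perm_stmt->execute([$_SESSION['user_id']]);
            $perms = $perm_stmt->fetchAll();

            $_SESSION['permissions'] = [];
            foreach ($perms as $p) {
                $_SESSION['permissions'][$p['page']] = [
                    'view' => (bool)$p['can_view'],
                    'add' => (bool)$p['can_add'],
                    'edit' => (bool)$p['can_edit'],
                    'delete' => (bool)$p['can_delete'],
                ];
            }
        }
    } else {
        // Session refers to a user that no longer exists: discard the
        // in-memory data as well as the stored session, then send to login.
        $_SESSION = [];
        session_destroy();
        redirect('login.php');
    }
}

// Auth check (after the fetch so the session is current).
// The script name is taken from SCRIPT_NAME rather than PHP_SELF: PHP_SELF
// can include client-supplied PATH_INFO after the real script, and
// basename() would then report that trailing component instead of the
// script actually executing, letting the check be skipped.
$public_pages = ['login.php', 'forgot_password.php', 'install.php'];
if (!isLoggedIn() && !in_array(basename($_SERVER['SCRIPT_NAME']), $public_pages, true)) {
    redirect('login.php');
}
?> <?= htmlspecialchars($sys_settings['site_name']) ?>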
Logo
  • لوحة التحكم
  • البريد الخارجي
  • البريد الوارد
  • البريد الصادر
  • البريد الداخلي
  • الوارد الداخلي
  • الصادر الداخلي
  • التقارير
  • تقرير التأخير
  • الإدارة
  • إحصائيات النظام
  • إدارة المستخدمين
  • إعدادات النظام
©
  • ملفي الشخصي

  • تسجيل الخروج