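window.location.href='$path';"; } exit; }

// ---------------------------------------------------------------------------
// Permission helpers
//
// Two layers of authorization live in the session:
//   * account-wide flags  $_SESSION['can_view'|'can_add'|'can_edit'|'can_delete'],
//     re-read from the users table on every request (see the fetch below);
//   * per-page flags      $_SESSION['permissions'][$page]['view'|'add'|'edit'|'delete'],
//     loaded from user_permissions once per session.
// Administrators (isAdmin(), defined elsewhere in this file) bypass both layers.
// A missing flag is always treated as "denied".
// ---------------------------------------------------------------------------

/**
 * Whether the current user may view $page (or anything, when $page is null).
 *
 * @param string|null $page Page key for a granular check; null for the account-wide flag.
 */
function canView($page = null): bool
{
    if (isAdmin()) {
        return true;
    }
    if ($page) {
        return (bool)($_SESSION['permissions'][$page]['view'] ?? false);
    }
    return (bool)($_SESSION['can_view'] ?? false);
}

/**
 * Whether the current user may add records on $page (or anywhere, when null).
 *
 * @param string|null $page Page key for a granular check; null for the account-wide flag.
 */
function canAdd($page = null): bool
{
    if (isAdmin()) {
        return true;
    }
    if ($page) {
        return (bool)($_SESSION['permissions'][$page]['add'] ?? false);
    }
    return (bool)($_SESSION['can_add'] ?? false);
}

/**
 * Whether the current user may edit records on $page (or anywhere, when null).
 *
 * @param string|null $page Page key for a granular check; null for the account-wide flag.
 */
function canEdit($page = null): bool
{
    if (isAdmin()) {
        return true;
    }
    if ($page) {
        return (bool)($_SESSION['permissions'][$page]['edit'] ?? false);
    }
    return (bool)($_SESSION['can_edit'] ?? false);
}

/**
 * Whether the current user may delete records on $page (or anywhere, when null).
 *
 * @param string|null $page Page key for a granular check; null for the account-wide flag.
 */
function canDelete($page = null): bool
{
    if (isAdmin()) {
        return true;
    }
    if ($page) {
        return (bool)($_SESSION['permissions'][$page]['delete'] ?? false);
    }
    return (bool)($_SESSION['can_delete'] ?? false);
}

/**
 * Shorthand for the granular view permission on the 'internal' page.
 */
function canViewInternal(): bool
{
    return canView('internal');
}

// Fetch user info (theme and permissions)
$user_theme = 'light';
$current_user = null;

if (isLoggedIn()) {
    $stmt = db()->prepare("SELECT * FROM users WHERE id = ?");
    $stmt->execute([$_SESSION['user_id']]);
    $current_user = $stmt->fetch();

    if ($current_user) {
        $user_theme = $current_user['theme'] ?: 'light';

        // Account-wide flags are refreshed on every request, so a change in the
        // users table takes effect on the user's next page load.
        $_SESSION['can_view']   = (bool)$current_user['can_view'];
        $_SESSION['can_add']    = (bool)$current_user['can_add'];
        $_SESSION['can_edit']   = (bool)$current_user['can_edit'];
        $_SESSION['can_delete'] = (bool)$current_user['can_delete'];
        $_SESSION['name']       = $current_user['full_name'] ?: $current_user['username'];

        // (string) guards against a NULL role column: strtolower(null) is
        // deprecated on PHP 8.1+ and would emit a notice on every request.
        $role = strtolower((string)$current_user['role']);
        $_SESSION['user_role'] = $role;
        $_SESSION['role']      = $role;

        // Load granular permissions.
        // NOTE(review): unlike the flags above, these are cached for the life of
        // the session, so an edit to user_permissions only takes effect after the
        // session is cleared (or $_SESSION['permissions'] is unset). Confirm that
        // lag is acceptable for permission revocations.
        if (empty($_SESSION['permissions'])) {
            $perm_stmt = db()->prepare("SELECT * FROM user_permissions WHERE user_id = ?");
            $perm_stmt->execute([$_SESSION['user_id']]);
            $perms = $perm_stmt->fetchAll();

            $_SESSION['permissions'] = [];
            foreach ($perms as $p) {
                $_SESSION['permissions'][$p['page']] = [
                    'view'   => (bool)$p['can_view'],
                    'add'    => (bool)$p['can_add'],
                    'edit'   => (bool)$p['can_edit'],
                    'delete' => (bool)$p['can_delete'],
                ];
            }
        }
    }
    // NOTE(review): when the users row no longer exists, $current_user is false
    // and the session is left untouched; whether isLoggedIn() still reports true
    // in that case depends on its definition elsewhere — confirm, and invalidate
    // the session there if it does.
}

// Auth check (after the fetch so the session is up to date).
// The script name is taken from SCRIPT_NAME, not PHP_SELF: PHP_SELF also
// contains request-supplied PATH_INFO, so its basename is not a reliable
// identifier of the executing script for an authorization decision. A missing
// SCRIPT_NAME yields '' and therefore fails closed (redirects to login).
$current_script = basename($_SERVER['SCRIPT_NAME'] ?? '');
$public_scripts  = ['login.php', 'forgot_password.php'];
if (!isLoggedIn() && !in_array($current_script, $public_scripts, true)) {
    redirect('login.php');
}

// Fetch charity info for header/favicon
$charity_stmt = db()->query("SELECT * FROM charity_settings WHERE id = 1");
$charity_info = $charity_stmt->fetch();
?>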