I'm getting an error in php when I try to use the command:
($user_obj->getRevieweeIds())
I get something like:
Access forbidden! You do not have permission to access the requested object. The object is either protected against reading or the server cannot read it.
If you believe that this is a server error, please notify the portal administrator.
Error 403 localhost Apache / 2.4.34 (Win32) OpenSSL / 1.0.2 or PHP / 5.6.37
The initial error goes like this:
List de Documentos', @$_REQUEST['last_message']); if($GLOBALS['CONFIG']['treeview'] != "On"){ sort_browser(); } $secureurl_obj = new phpsecureurl; $user_obj = new User($_SESSION['uid'], $GLOBALS['connection'], $GLOBALS['database']); if($user_obj->isReviewer() && sizeof($user_obj->getRevieweeIds()) > 0) { echo '
**tiene '. sizeof($user_obj->getRevieweeIds()). ' documentos '; if (sizeof($user_obj->getRevieweeIds()) != 1) { echo 's'; } echo ' Para Revisar, haga click para ver detalle !**
'; } $rejected_files_obj = $user_obj->getRejectedFileIds(); if(isset($rejected_files_obj[0]) && $rejected_files_obj[0] != null) { echo ' '. sizeof($rejected_files_obj) . ' de sus documentos fueron rechazados!
'; } $llen = $user_obj->getNumExpiredFiles(); if($llen > 0) { echo ' '. $llen . ' de su documento (s), expiraron!
'; } // get a list of documents the user has "view" permission for // get current user's information-->department if(!isset($_GET['starting_index'])) { $_GET['starting_index'] = 0; } if(!isset($_GET['stoping_index'])) { $limit=$GLOBALS['CONFIG']['page_limit']; $_GET['stoping_index'] = ($_GET['starting_index']+$limit-1); } if(!isset($_GET['sort_by'])) { $_GET['sort_by'] = 'id'; } if(!isset($_GET['sort_order'])) { $_GET['sort_order'] = 'asc'; } if(!isset($_GET['page'])) { $_GET['page'] = 0; } //set values $page_url = $_SERVER['PHP_SELF'] . '?submit=true'; $user_perms = new UserPermission($_SESSION['uid'], $GLOBALS['connection'], $GLOBALS['database']); //$start_P = getmicrotime(); $file_id_array = $user_perms->getViewableFileIds(); //$end_P = getmicrotime(); $count = sizeof($file_id_array); //$lsort_b = getmicrotime(); $sorted_id_array = my_sort($file_id_array, $_GET['sort_order'], $_GET['sort_by']); //$lsort_e = getmicrotime(); //$sorted_obj_array = $user_perms->convertToFileDataOBJ($sorted_id_array); //$llist_b = getmicrotime(); // Patch by jonathanwminer if($GLOBALS['CONFIG']['treeview'] == "On") { $_GET['starting_index'] = 0; $_GET['stoping_index'] = sizeof($sorted_id_array); } if($GLOBALS['CONFIG']['treeview'] != 'On') { echo ''; echo '
'; list_files($sorted_id_array, $user_perms, $page_url, $GLOBALS['CONFIG']['dataDir'], $_GET['sort_order'], $_GET['sort_by'], $_GET['starting_index'], $_GET['stoping_index'], 'false','false'); $limit=$GLOBALS['CONFIG']['page_limit']; $total_hit = sizeof($file_id_array); list_nav_generator($total_hit, $limit, $GLOBALS['CONFIG']['num_page_limit'], $page_url, $_GET['page'], $_GET['sort_by'], $_GET['sort_order']); //$llist_e = getmicrotime(); // clean up echo '
'; } if($GLOBALS['CONFIG']['treeview'] == 'On') { if(is_array($sorted_id_array) && $sorted_id_array[0] != '') { show_tree($sorted_id_array, $_GET['starting_index'], $_GET['stoping_index']); } } //draw_footer(); //echo '
Load Page Time: ' . (getmicrotime() - $start_time) . ' '; //echo '
Load Permission Time: ' . ($end_P - $start_P) . ' '; //echo '
Load Sort Time: ' . ($lsort_e - $lsort_b) . ' '; //echo '
Load Table Time: ' . ($llist_e - $llist_b) . ' '; ?>
I have looked through several forums, but the advice I found there has not worked. I do not know whether something is missing from the directory or whether it is a permissions problem. The PHP version is 5.6.
I thank you in advance if you can guide me.
Good evening, this is the User_class file:
<?php
/*
User_class.php - Container for user related info
Copyright (C) 2002, 2003, 2004 Stephen Lawrence, Khoa Nguyen
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
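if (!defined('User_class'))
{
    define('User_class', 'true', false);

    /**
     * Container for user related info, backed by the {db_prefix}user table.
     *
     * Security notes for maintainers:
     *  - Every query is built by string concatenation on the legacy mysql_*
     *    extension (deprecated in PHP 5.5, removed in PHP 7.0), which has no
     *    prepared statements. Values that reach SQL are therefore cast to int
     *    or passed through mysql_real_escape_string() here. The escaping is
     *    only reliable when the connection character set was set with
     *    mysql_set_charset(); that setup is not visible in this file.
     *  - Passwords are stored with MySQL's PASSWORD() function, which the
     *    MySQL manual reserves for the server's own accounts. Moving to
     *    password_hash()/password_verify() needs a schema and login change
     *    outside this class, so it is flagged here rather than changed.
     *  - Most methods die() with the SQL text and mysql_error() in the
     *    response body. That discloses table names and query structure to
     *    whoever triggers the error; in production these should go to the
     *    server log instead. The two password methods no longer echo the
     *    query, because it contains the clear-text password.
     */
    class User extends databaseData
    {
        var $root_username;

        /**
         * PHP4-style constructor: configures the table metadata used by
         * databaseData and then delegates loading to the parent constructor.
         *
         * @param mixed    $id         user id handed to databaseData
         * @param resource $connection mysql link used for every query
         * @param string   $database   database name handed to databaseData
         */
        function User($id, $connection, $database)
        {
            $this->root_username = $GLOBALS['CONFIG']['root_username'];
            $this->field_name = 'username';
            $this->field_id = 'id';
            $this->tablename = $GLOBALS['CONFIG']['db_prefix'] . $this->TABLE_USER;
            $this->result_limit = 1; // there is only 1 user with a certain user_name or user_id
            databaseData::setTableName($this->TABLE_USER);
            databaseData::databaseData($id, $connection, $database);
        }

        /**
         * Return the user id as an integer for use in SQL text.
         *
         * The id is interpolated unquoted into most queries below, so it is
         * forced to an integer as defence in depth. How databaseData fills
         * $this->id is not visible in this file.
         *
         * @return int
         */
        function _sqlId()
        {
            return (int) $this->id;
        }

        /**
         * Collect the first column of every remaining row of a result set.
         *
         * @param resource $result mysql result resource
         * @return array zero-indexed list of first-column values
         */
        function _firstColumn($result)
        {
            $values = array();
            while (($row = mysql_fetch_row($result)) !== false)
            {
                $values[] = $row[0];
            }
            return $values;
        }

        /**
         * Return department name for current user
         * @return string department name, or -1 (with $this->error set) when
         *                the lookup does not yield exactly one row
         */
        function getDeptName()
        {
            $prefix = $GLOBALS['CONFIG']['db_prefix'];
            $id = $this->_sqlId();
            $query = "SELECT {$prefix}department.name FROM {$prefix}department, {$prefix}user WHERE {$prefix}user.id = $id and {$prefix}user.department={$prefix}department.id";
            $result = mysql_query($query, $this->connection) or die("Error in query" .mysql_error() );
            if (mysql_num_rows($result) == 1)
            {
                list($department) = mysql_fetch_row($result);
                return $department;
            }
            // The original read $this->uid, which this class never sets;
            // getDeptId() reports $this->id in the same message.
            $this->error = 'ID no Unico : ' . $this->id;
            return -1;
        }

        /**
         * Return department ID for current user
         * @return string department id, or -1 (with $this->error set) when
         *                the lookup does not yield exactly one row
         */
        function getDeptId()
        {
            $prefix = $GLOBALS['CONFIG']['db_prefix'];
            $id = $this->_sqlId();
            $query = "SELECT {$prefix}user.department FROM {$prefix}user WHERE {$prefix}user.id = $id";
            $result = mysql_query($query, $this->connection) or die("Error in query".mysql_error());
            if (mysql_num_rows($result) == 1)
            {
                list($department) = mysql_fetch_row($result);
                return $department;
            }
            $this->error = 'ID no Unico: '.$this->id;
            return -1;
        }

        /**
         * Return an array of ids of the documents owned by this user that
         * have the given publishable state.
         *
         * @param int $publishable publishable state to match; cast to int
         *                         because it is placed unquoted in the SQL
         * @return array
         */
        function getPublishedData($publishable)
        {
            $prefix = $GLOBALS['CONFIG']['db_prefix'];
            $id = $this->_sqlId();
            $state = (int) $publishable;
            $query = "SELECT {$prefix}data.id FROM {$prefix}data, {$prefix}user WHERE {$prefix}data.owner = $id and {$prefix}user.id = {$prefix}data.owner and {$prefix}data.publishable = $state";
            $result = mysql_query($query, $this->connection) or die("Error in query: ". $query .mysql_error());
            return $this->_firstColumn($result);
        }

        /**
         * Check whether user from object has Admin rights
         * @return mixed true for root, false when there is no single admin
         *               row, otherwise the stored admin column value
         */
        function isAdmin()
        {
            if ($this->isRoot())
            {
                return true;
            }
            $prefix = $GLOBALS['CONFIG']['db_prefix'];
            $id = $this->_sqlId();
            $query = "SELECT {$prefix}admin.admin FROM {$prefix}admin WHERE {$prefix}admin.id = $id";
            $result = mysql_query($query, $this->connection) or die("Error in querying: $query" . mysql_error() );
            if (mysql_num_rows($result) != 1)
            {
                return false;
            }
            list($isadmin) = mysql_fetch_row($result);
            return $isadmin;
        }

        /**
         * Check whether user from object is root
         *
         * Compared as strings with ===, because == treats numeric-looking
         * strings such as "0e1" and "0e2" as equal numbers, which must not
         * decide a privilege check.
         *
         * @return bool
         */
        function isRoot()
        {
            return ((string) $this->root_username === (string) $this->getName());
        }

        /**
         * Return the stored password value for this user.
         * Redirects to error.php?ec=14 and exits when the row is not unique.
         *
         * @return string
         */
        function getPassword()
        {
            $id = $this->_sqlId();
            $query = "SELECT $this->tablename.password FROM $this->tablename WHERE $this->tablename.id=$id";
            $result = mysql_query($query, $this->connection) or die("Error in querying: $query" . mysql_error() );
            if (mysql_num_rows($result) != 1)
            {
                header('Location:error.php?ec=14');
                exit;
            }
            list($passwd) = mysql_fetch_row($result);
            return $passwd;
        }

        /**
         * Store a new password for this user.
         *
         * @param string $non_encrypted_password clear-text password
         * @return bool always true; a failed query ends the request
         */
        function changePassword($non_encrypted_password)
        {
            $id = $this->_sqlId();
            // addslashes() is not charset-aware; use the connection's escaper.
            $escaped = mysql_real_escape_string($non_encrypted_password, $this->connection);
            // NOTE(review): PASSWORD() is MySQL's internal account hash, not an
            // application password hash - see the class comment.
            $query = "UPDATE $this->tablename SET $this->tablename.password=password('$escaped') WHERE $this->tablename.id=$id";
            if (!mysql_query($query, $this->connection))
            {
                // The query text holds the clear-text password, so neither it
                // nor the driver message (which can quote it) is sent out.
                error_log('User::changePassword query failed: errno ' . mysql_errno($this->connection));
                die('Error in querying');
            }
            return true;
        }

        /**
         * Check a clear-text password against the stored value.
         *
         * @param string $non_encrypted_password clear-text password
         * @return bool true when exactly one row matches id and password
         */
        function validatePassword($non_encrypted_password)
        {
            $id = $this->_sqlId();
            $escaped = mysql_real_escape_string($non_encrypted_password, $this->connection);
            $query = "SELECT $this->tablename.username FROM $this->tablename WHERE $this->tablename.id=$id and password= password('$escaped')";
            $result = mysql_query($query, $this->connection);
            if (!$result)
            {
                // Same reasoning as changePassword(): keep the password out
                // of the response body.
                error_log('User::validatePassword query failed: errno ' . mysql_errno($this->connection));
                die('Error in querying');
            }
            return (mysql_num_rows($result) == 1);
        }

        /**
         * Change this user's username.
         *
         * @param string $new_name new username; escaped before it is placed
         *                         inside the quoted SQL literal
         * @return bool always true; a failed query ends the request
         */
        function changeName($new_name)
        {
            $id = $this->_sqlId();
            $escaped = mysql_real_escape_string($new_name, $this->connection);
            $query = "UPDATE $this->tablename SET $this->tablename.username='$escaped' WHERE $this->tablename.id=$id";
            $result = mysql_query($query, $this->connection) or die("Error in querying: $query" . mysql_error() );
            return true;
        }

        /**
         * Check whether this user is listed in the dept_reviewer table.
         *
         * @return int 1 when at least one row exists, otherwise 0
         */
        function isReviewer()
        {
            $query = "SELECT * FROM {$GLOBALS['CONFIG']['db_prefix']}dept_reviewer where user_id = " . $this->_sqlId();
            $result = mysql_query($query, $this->connection) or die('Error in query: '. $query . mysql_error());
            return (mysql_num_rows($result) > 0) ? 1 : 0;
        }

        /**
         * Return the ids of every document with publishable = 0.
         *
         * This function assumes the caller is root: it applies no department
         * or ownership filter, so the caller must do the authorization check.
         *
         * @return array
         */
        function getAllRevieweeIds()
        {
            $table = $GLOBALS['CONFIG']['db_prefix'] . $this->TABLE_DATA;
            $query = "SELECT id FROM $table WHERE $table.publishable = 0";
            // The original error message interpolated an undefined $query
            // while the SQL lived in $lquery; one variable is used now.
            $result = mysql_query($query, $this->connection) or die("Error in query: $query" . mysql_error());
            return $this->_firstColumn($result);
        }

        /**
         * Return an array of files that need reviewing under this person.
         *
         * Always returns an array. The original returned nothing for a user
         * who is not a reviewer, which breaks callers that apply sizeof() to
         * the result on newer PHP versions.
         *
         * @return array
         */
        function getRevieweeIds()
        {
            if (!$this->isReviewer())
            {
                return array();
            }
            $prefix = $GLOBALS['CONFIG']['db_prefix'];
            $query = "SELECT dept_id FROM {$prefix}{$this->TABLE_DEPT_REVIEWER} WHERE user_id = " . $this->_sqlId();
            $result = mysql_query($query, $this->connection) or die("Error in query: $query" . mysql_error());
            // Department ids go back into SQL unquoted, so force integers.
            $dept_ids = array_map('intval', $this->_firstColumn($result));
            mysql_free_result($result);
            if (count($dept_ids) === 0)
            {
                // Without this guard the second query would be malformed.
                return array();
            }
            $query = "SELECT id FROM {$prefix}data WHERE {$prefix}data.department IN (" . implode(', ', $dept_ids) . ") and {$prefix}data.publishable = 0";
            $result = mysql_query($query, $this->connection) or die("Error in query: $query" . mysql_error());
            return $this->_firstColumn($result);
        }

        /**
         * Return the ids of every document with publishable = '-1',
         * regardless of owner.
         *
         * @return array
         */
        function getAllRejectedFileIds()
        {
            $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}$this->TABLE_DATA WHERE publishable = '-1'";
            $result = mysql_query($query, $this->connection) or die("Error in query: $query" . mysql_error());
            return $this->_firstColumn($result);
        }

        /**
         * Return the ids of this user's documents with publishable = '-1'.
         *
         * @return array
         */
        function getRejectedFileIds()
        {
            $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE publishable = '-1' and owner = ".$this->_sqlId();
            $result = mysql_query($query, $this->connection) or die("Error in query: $query" . mysql_error());
            return $this->_firstColumn($result);
        }

        /**
         * Return the ids of this user's documents with status = -1.
         *
         * @return array
         */
        function getExpiredFileIds()
        {
            $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE status=-1 AND owner = " . $this->_sqlId();
            // Pass the link explicitly, as every other method does, instead
            // of relying on whichever connection was opened last.
            $result = mysql_query($query, $this->connection) or die(mysql_error());
            return $this->_firstColumn($result);
        }

        /**
         * Return how many of this user's documents have status = -1.
         *
         * @return int
         */
        function getNumExpiredFiles()
        {
            $query = "SELECT id FROM {$GLOBALS['CONFIG']['db_prefix']}data WHERE status=-1 AND owner = " . $this->_sqlId();
            $result = mysql_query($query, $this->connection) or die(mysql_error());
            return mysql_num_rows($result);
        }

        /**
         * Return this user's e-mail address.
         * Prints a message and exits when more than one row matches.
         *
         * @return string|null null when no row matches
         */
        function getEmailAddress()
        {
            $query = "SELECT Email FROM {$GLOBALS['CONFIG']['db_prefix']}user WHERE id=".$this->_sqlId();
            $result = mysql_query($query, $this->connection) or die("Error in query: $query" . mysql_error());
            if (mysql_num_rows($result) > 1)
            {
                echo('LLave no unica');
                exit;
            }
            list($email) = mysql_fetch_row($result);
            mysql_free_result($result);
            return $email;
        }

        /**
         * Return this user's phone number.
         * Prints a message and exits when more than one row matches.
         *
         * @return string|null null when no row matches
         */
        function getPhoneNumber()
        {
            $query = "SELECT phone FROM {$GLOBALS['CONFIG']['db_prefix']}user WHERE id=".$this->_sqlId();
            $result = mysql_query($query, $this->connection) or die("Error in query: $query" . mysql_error());
            if (mysql_num_rows($result) > 1)
            {
                echo('LLave no unica');
                exit;
            }
            list($phone) = mysql_fetch_row($result);
            mysql_free_result($result);
            return $phone;
        }

        /**
         * Return full name array where array[0]=firstname and array[1]=lastname.
         * Prints a message and exits when more than one row matches.
         *
         * @return array both entries are null when no row matches
         */
        function getFullName()
        {
            $query = "SELECT first_name, last_name FROM {$GLOBALS['CONFIG']['db_prefix']}user WHERE id=".$this->_sqlId();
            $result = mysql_query($query, $this->connection) or die("Error in query: $query" . mysql_error());
            if (mysql_num_rows($result) > 1)
            {
                echo('LLave no unica');
                exit;
            }
            $row = mysql_fetch_row($result);
            mysql_free_result($result);
            if ($row === false)
            {
                $row = array(null, null);
            }
            // Built explicitly so the key order does not depend on how the
            // running PHP version evaluates list() with array targets.
            return array($row[0], $row[1]);
        }
    }
}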