<?php
require_once "../config/config.php";
require_once INCLUDE_DIR."/phpmailer/Functions.php";
require_once INCLUDE_DIR."/users_class.php";
require_once INCLUDE_DIR."/autoresponder.php";
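// Admin login front controller. Dispatches on the `action` request parameter:
//   DOLOGIN        - check the optional CAPTCHA, validate credentials, redirect admins
//   FORGOTPASSWORD - look the account up and trigger the canned "forgot password" mail
//   anything else  - render the login form
// $smarty, $ADMIN_HEADER and $ADMIN_FOOTER are not defined in this file; presumably
// they come from the required config/include files - TODO confirm.

// Request parameters can arrive as arrays (e.g. action[]=x); only accept strings so
// strtoupper() and the string comparisons below never receive an array.
$_action = (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) ? $_REQUEST['action'] : 'view';
$_action = strtoupper($_action);
$users = new users_class();

// Returns the named POST field as a string, or '' when it is missing or not a string.
$postString = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// True when $path is usable as a same-site path for the post-login redirect.
// The value is appended directly to "http://<host>", so it must begin with "/";
// anything else would become part of the authority and could change which host the
// final URL points at. Control characters are rejected so the value cannot break a
// Location header further down the chain.
$isLocalPath = function ($path) {
    return is_string($path)
        && $path !== ''
        && $path[0] === '/'
        && !preg_match('/[\x00-\x1f\x7f]/', $path);
};

switch ($_action) {
    case 'DOLOGIN':
        if (CAPTCHA_ENABLE_ON_ADMINSTRATOR_LOGIN_PAGE == 'true') {
            require_once INCLUDE_DIR."/securimage/securimage.php";
            $img = new Securimage();
            if (!$img->check($postString('txtSecretCode'))) {
                $smarty->assign('msg', MESSAGE_INVALID_SECURITY_CODE);
                $smarty->display('admin_login.tpl');
                break;
            }
        }

        // NOTE(review): a sample credential pair that sat in a comment here has been
        // removed; if it was ever valid on any deployment, rotate it.
        // Credentials are only read from a POST body. The previous `isset($_POST)`
        // guard was always true, so $lsIsloged_in is now initialised explicitly.
        $lsIsloged_in = false;
        if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
            $lsIsloged_in = $users->ValidateUser($postString('username_textbox'), $postString('password_textbox'));
        }
        // NOTE(review): no session id regeneration is visible in this file after a
        // successful login - confirm ValidateUser() handles it.

        if ($lsIsloged_in) {
            if ($users->IsAdmin) {
                // Pick the caller-supplied return path: POST wins over GET.
                $requestedPath = $postString('url');
                if ($requestedPath === '' && isset($_GET['url']) && is_string($_GET['url']) && $_GET['url'] !== '') {
                    // Kept from the original: the GET value is decoded once more, so
                    // validation has to happen after this call, not before it.
                    $requestedPath = urldecode($_GET['url']);
                }

                if ($isLocalPath($requestedPath)) {
                    // NOTE(review): HTTP_HOST is taken from the client's Host header and the
                    // scheme is hard-coded to http; building this from the configured WEB_URL
                    // would be more robust - confirm WEB_URL's shape before switching.
                    $url = "http://".$_SERVER['HTTP_HOST'].$requestedPath;
                } else {
                    // Missing or rejected return path: fall back to the admin home page.
                    $url = WEB_URL."/admin/index.php";
                }
                Redirect("admin_rotete.php?url=".urlencode($url));
            } else {
                // Valid credentials but not an administrator: drop the session and show
                // the same message as a failed login.
                $users->logout();
                require_once INCLUDE_DIR."/is_valid_captcha.php";
                phpajax::init();
                $smarty->assign('msg', MESSAGE_USERNAME_PASSWORD_DOES_NOT_MATCH);
                $smarty->display('admin_login.tpl');
            }
        } else {
            $smarty->assign('msg', MESSAGE_USERNAME_PASSWORD_DOES_NOT_MATCH);
            $smarty->display('admin_login.tpl');
        }
        break;

    case 'FORGOTPASSWORD':
        // NOTE(review): this branch has no CAPTCHA or rate limit visible here, and its two
        // outcomes (success page vs. MESSAGE_NO_SUCH_USER) tell the caller whether the
        // account exists. Consider a single neutral response for both.
        $email = $postString('email');
        $forgotpassResult = null;
        if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
            $forgotpassResult = $users->getUserNamePassword($postString('txtForgotPasswordValue'), '');
        }

        // An empty array used to fall through both branches and render a blank page;
        // it is now treated the same as "no such user".
        if (is_array($forgotpassResult) && sizeof($forgotpassResult) > 0) {
            $username = $forgotpassResult[0]['username'];
            $userid = $users->getUserId($username);

            // NOTE(review): the stored password is decrypted here, which shows passwords are
            // kept with reversible encryption rather than a one-way hash. The decrypted value
            // is not referenced again in this script; confirm nothing reads it via globals,
            // then remove these three lines. Longer term, store password_hash() output and
            // replace this flow with a single-use, expiring reset link.
            $password = $forgotpassResult[0]['password'];
            $key = $users->getSecretsalt($username);
            $password = decrypt($password, $key);

            // $email is whatever the client posted (the mail itself goes to the address
            // stored for the account), so it must be HTML-escaped before being echoed.
            $safeEmail = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
            $succString="<div id=\"content\" class=\"setdiv\">
<div style='border:solid 1px #ccc;width:98%'>
<table border=\"0\" width=\"60%\" align=\"center\">
<tbody>
<tr>
<td class=\"right-side-text\" width=\"100%\"><center><label>Your account password is successfully sent to Email address $safeEmail</label></center></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td class=\"right-side-text\" width=\"100%\"><center><label>Please login into your Email account and get your password</label></center></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><center> <input type='button' id='btnLogin' name='btnLogin' value='Click here to continue...' class=\"btncss\" onclick=\"javascript:location.href='admin_login.php';\"> <center></div></center></td>
</tr>
</table>
</div> </div>";
            echo $ADMIN_HEADER;
            echo "<div id=\"full-contentdiv\">";
            echo "<div class=\"righttop\">";
            echo "<h2 align=\"center\">";
            echo "Admin Forgot Password";
            echo "</h2>";
            echo "</div>";
            echo "<div class=\"whole-page clear\">";
            echo $succString;
            echo $ADMIN_FOOTER;

            // Re-read the account row by id (parameterised query) and hand it to the
            // autoresponder. What the template does with the password column cannot be
            // seen from this file.
            $userQuery = 'SELECT username,password,email,firstname,lastname,isunsubscribedfromemails FROM '.TABLE_PREFIX.'users WHERE id=?';
            $lsUsersValues = array($userid);
            $laUserData = $users->View($userQuery, $lsUsersValues, null);
            // Skip the mail when the row could not be loaded instead of sending one with
            // empty recipient fields.
            if (is_array($laUserData) && isset($laUserData[0])) {
                SendCannedEmailsAutoresponse(EMAIL_FORGOT_PASSWORD_TEMPLATE_ID,0,EMAIL_FORGOT_PASSWORD_TEMPLATE_NAME,'','',$laUserData[0]['username'],$laUserData[0]['password'],$laUserData[0]['email'],$laUserData[0]['firstname'],$laUserData[0]['lastname']);
            }
        } else {
            $smarty->assign('msg', MESSAGE_NO_SUCH_USER);
            $smarty->display('admin_login.tpl');
        }
        break;

    default:
        // Hand the requested return path to the login form so it can be posted back.
        // NOTE(review): this is raw request data; admin_login.tpl must escape it for the
        // HTML context it is placed in - verify in the template.
        $modUrl = (isset($_GET['url']) && is_string($_GET['url'])) ? $_GET['url'] : "";
        $smarty->assign('modUrl', $modUrl);
        $smarty->display('admin_login.tpl');
}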
?>