Location: PHPKode > projects > Vehicle Service Tracker > VST/checkuser.php
<?php
//==========================================================================
// checkuser.php
//
// Check user login information, called from login.php
//
// Copyright (c) 2006 Kenneth J. Snyder
// Licensed under the GNU GPL. For full terms see the file LICENSE
// -------------------------------------------------------------------------
//
// Created: 10Mar2006 Snyder, Kenneth J. hide@address.com 
//
// Revised: 23Mar2006 Snyder, Kenneth J. hide@address.com v2.0.4
//          - Select LASTLOGIN, insert LASTLOGIN. Pass LASTLOGIN to main
//          22Feb2007 Snyder, Kenneth J. hide@address.com v2.1.0
//          - Changed password to use hash
//
//==========================================================================
?>


<html>
 <body>
<?php
$db2id='';
$db2passwd='';
include_once("includes.php");
$dbconn = odbc_connect("$dbname","$dbuid","$dbpasswd");
$PASSWD=sha1($PASSWD);
if ($dbconn==0) {
   $a = odbc_errormsg("DB2 Connect Failed. DB2 might not be running");
   echo($a);
 } else {
   if ( $USERNAME ) {
     // Make the select for the user
     // -------------------------------
     $SelectLogin="select LAST,FIRST,PASSWD,date(LASTLOGIN),";
     $SelectLogin.="time(LASTLOGIN) from ";
     $SelectLogin.="vst.CLIENTS where USRNAME='$USERNAME'";
     //echo "Select [$SelectLogin]<BR>";
     $SelectLoginResult = odbc_exec($dbconn, $SelectLogin);

     // Set the results if there are any
     // -------------------------------------------
     odbc_fetch_row($SelectLoginResult);
     $DBLAST=odbc_result($SelectLoginResult,1);
     $DBFIRST=odbc_result($SelectLoginResult,2);
     $DBPASSWD=odbc_result($SelectLoginResult,3);
     $LASTDATE=odbc_result($SelectLoginResult,4);
     $LASTTIME=odbc_result($SelectLoginResult,5);

     // Check if there are any results and if the password is right
     // -------------------------------------------------------------
     if ( ! $DBPASSWD ) {
       odbc_commit($dbconn);
       odbc_close_all();
       header("Location: login.php?rc=10");
      } elseif ($DBPASSWD==$PASSWD) {
       $SID=md5(uniqid(rand(),TRUE));
       $SIDUpdate="update vst.CLIENTS set SID='$SID',";
       $SIDUpdate.="LASTLOGIN=current timestamp where USRNAME='$USERNAME'";
       $irc=odbc_exec($dbconn,$SIDUpdate);
       odbc_commit($dbconn);
       odbc_close_all();
       echo "IRC $irc";
       if ( $irc ) {
         $headers="Location: main.php?SID=$SID&USERNAME=$USERNAME&";
         $headers.="LASTDATE=$LASTDATE&FIRST=$DBFIRST&LASTTIME=$LASTTIME";
         header($headers);
        } else {
         die("Something wrong with update...no db connection");
       } // if ($irc)
      } else {
       //echo "Invalid password [$PASSWD] dbpassword [$DBPASSWD]";
       odbc_commit($dbconn);
       odbc_close_all();
       header("Location: login.php?rc=21&USERNAME=$USERNAME");
     } // if (! $DBPASSWD)
    } else {
     odbc_commit($dbconn);
     odbc_close_all();
     header("Location: login.php?rc=14");
   } // if ($USERNAME)
   
} // DB Connect passed
?>
 </body>
</html>
100% Free PHP Newsletter Script! Download now!
Return current item: Vehicle Service Tracker