Location: PHPKode > projects > WebETB > login.php4
<?
/******************************************************************************/
/*	MODUL:	login.php4             														   */
/*																										*/
/* DATUM:	27.03.2006, Version 0.1															*/
/* BESCHR.:	Loginmaske fuer webETB Benutzer                                   */
/*																										*/
/*	AUTOR:   Marcus Groh																			*/
/*	LIZENZ:  GPL v2 vom Juni 1991 															*/
/*																										*/
/*	AENDERUNGEN:	29.06.2004        -initiale Version								   */
/*                27.03.2006 v 0.1, -Versionskennzeichnung eingefuehrt        */
/*                                  -Code unter GPL v2 gestellt               */
/*                                  -Tabellenname dynamisiert                 */
/*																										*/
/******************************************************************************/
include ('_include/header.php4');

if ( !isset($login))
{  
   ?>
   <br><br><br><br><br>
   <center>
   <table BORDER="0" CELLSPACING="0" CELLPADDING="0">
   <tr>
      <td COLSPAN="3" HEIGHT="1" style="background-color: #000000;"><img src="_img/spacer.gif" HEIGHT="1" WIDTH="122" BORDER="0"></td>
   </tr>
   <tr>
      <td WIDTH="1" style="background-color: #000000;"><img src="_img/spacer.gif" WIDTH="1" BORDER="0"></td>
      <td>
         <table BORDER="0" CELLSPACING="0" CELLPADDING="4">
         <form action="" method=post name="Login">
         <tr>
            <th COLSPAN="3" ALIGN="CENTER">.: Benutzeranmeldung :.</th>
         </tr>
         <tr>
            <td>Benutzername</td>
            <td HEIGHT="35" WIDTH="20">&nbsp;</td>
            <td WIDTH="120"><input TYPE=text NAME="user" style="width: 100px; border: 1px solid silver;"></TD>
         </tr>

         <tr>
            <td>Passwort</td>
            <td HEIGHT="35" WIDTH="20">&nbsp;</td>
            <td WIDTH="120"><input TYPE=password NAME="pass" style="width: 100px; border: 1px solid silver;"></TD>
         </tr>

         <tr>
            <td COLSPAN="3" BGCOLOR="#CCCCCC" HEIGHT="30" ALIGN="CENTER" VALIGN="CENTER"><INPUT TYPE="hidden" name="login" VALUE="TRUE">
                                              <input type=submit VALUE="Anmelden" style="border: 1px solid silver;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
                                              <input type=reset VALUE="Abbrechen" style="border: 1px solid silver;"></td>
         </tr>
         </form>
         </table>
      </td>
      <td WIDTH="1" style="background-color: #000000;"><img src="_img/spacer.gif" WIDTH="1" BORDER="0"></td>
   <tr>
      <td COLSPAN="3" HEIGHT="1" style="background-color: #000000;"><img src="_img/spacer.gif" HEIGHT="1" WIDTH="122" BORDER="0"></td>
   </tr>
   </table>      
   </center>
   <?
}
else
{
  
   // Reset some-Flags
   $login="";
   
   // config manuell laden, da diese erst global ab header_1 zur verfuegung stehen soll
   include "./config/conf_glbl.php4";
   
   
   // Check given username in db, if it's not available, go back to form
   $select_uid="select uid, w_rights, einheit from $T_user where u_name like '$user'";
   $result_uid=@mysql_db_query($database['database'],$select_uid,$db);
   $usrcnt=mysql_num_rows($result_uid);
   if ( $usrcnt <= 0 )
   {
      echo "<meta http-equiv=\"refresh\" content=\"0; URL=login.php4\">\n";
      exit;
   }

   //Check if user has write permission and can create a new scenario   
   while ( $row=mysql_fetch_array($result_uid) )
    {
      $dbuid=$row['uid'];
      $dbeinheit=$row['einheit'];
      if ( $row['w_rights'] == "Y" ) 
      { 
         $writemode="TRUE"; 
      }
      else
      {
         $writemode="FALSE";
         $action="MIT"; 
      }

      if ( $row['einheit'] != "elw" )
      {
         $action="MIT";    
      }      
    }
   

         
   // Get password from given user out of db
   $select_pwd="select u_pwd from $T_user where uid=$dbuid";
   $result=@mysql_db_query($database['database'],$select_pwd,$db);
   $row=mysql_fetch_array($result);
   $db_pass=$row['u_pwd'];
   
   // Crypt pass and compare with db-stored one
   $crypt_pass=crypt($pass,"webetb");      
   
   if ( strcmp ($crypt_pass,$db_pass) != 0 )
   {
      echo "<meta http-equiv=\"refresh\" content=\"0; URL=login.php4\">\n";
      exit;
   }
   // Global var access acknowledged
   $access="TRUE";
   $_SESSION['uid']=$dbuid;
   $_SESSION['mygroup']=$dbeinheit;
   
   echo "<meta http-equiv=\"refresh\" content=\"0; URL=action.php4\">\n";
   
}
include ('_include/footer.php4');
?>
Return current item: WebETB