Location: PHPKode > projects > WorkOrder TS > workorder-ts/login.php
<?PHP error_reporting(E_ALL ^ E_NOTICE);if( is_dir('./setup_files')==True || file_exists('setup.php')==TRUE ) { if( file_exists("OverwriteLocks")==FALSE ) { if( file_exists("include/config-user.inc.php")==True ) { die("You have not deleted the setup files yet. Please delete the directory <b>setup_files</b> AND <b>setup.php</b>. This is for your security!     <br>The program will not execute until the installer has been removed. Once removed, click on refresh page to login with the username: <b>admin</b> or <b>tech</b> and the password you specified during the setup.<br><br><br><br>     <a href='setup.php'>Or Click Here to Run setup/update</a>");} else { die("WorkOrder TS is not installed or not properly installed. <a href='setup.php'>Click Here to Run setup/update</a>");} } } $inc_dir='./include/';$_jILCI=NULL;$_Ilo8J=Null;$TargetQueryPass=Null;require $inc_dir.'config-guest.inc.php';require $inc_dir.'conn-string-guest.inc.php';$self=$_SERVER['PHP_SELF'];if( isset($_POST['Username']) ) { $_jILCI=mysql_real_escape_string($_POST['Username']);} function _ODP6Q($inc_dir,$User_ID,$CONF) { require $inc_dir.'config-user.inc.php';require $inc_dir.'conn-string-user.inc.php';$SSID=session_id();$_jj0o1=$_SERVER['REMOTE_ADDR'];$_jj1j1=date("Y").'-'.date("m").'-'.date("d")." ".date("H").':'.date("i").':'.date("s");$sql="insert into ".$CONF['TableNameUsersLogin']."(    Login_USER_ID,    Login_ssid,    Login_ip,    Login_time)     values('$User_ID','$SSID','$_jj0o1','$_jj1j1')";@$res=mysql_query($sql,$conn);$_jjQIJ=mysql_errno();return $_jjQIJ;} function _ODA18($inc_dir,$CONF) { require $inc_dir.'config-user.inc.php';require $inc_dir.'conn-string-user.inc.php';$SSID=session_id();$sql="select Login_ID from ".$CONF['TableNameUsersLogin']." WHERE Login_ssid = '$SSID'";$res=mysql_query($sql,$conn) or die("Error getting user info: Error 356425<br>$sql");$_jjQIo=mysql_num_rows($res);for( $x=0;$x <=$_jjQIo;$x++) { $row=mysql_fetch_array($res);$_jjQOl=$row['Login_ID'];$sql="delete from ".$CONF['TableNameUsersLogin']." WHERE Login_ID = '$_jjQOl'";mysql_query($sql,$conn) or die("Unable to delete double SSID: Error 356s5<br>$sql");} $sql="select Login_ID from ".$CONF['TableNameCustomersLogin']." WHERE Login_ssid = '$SSID'";$res=mysql_query($sql,$conn) or die("Error getting customer info: Error 356426a<br>$sql");$_jjQIo=mysql_num_rows($res);for( $x=0;$x <=$_jjQIo;$x++) { $row=mysql_fetch_array($res);$_jjQOl=$row['Login_ID'];$sql="delete from ".$CONF['TableNameCustomersLogin']." WHERE Login_ID = '$_jjQOl'";mysql_query($sql,$conn) or die("Unable to delete double SSID: Error 356s56a<br>$sql");} } function _ODAAD($inc_dir,$CONF,$SSID) { require $inc_dir.'config-user.inc.php';require $inc_dir.'conn-string-user.inc.php';$_jjQij=$CONF['AuthenticationTimeoutMin'];$_jjICL=strtotime("-$_jjQij minutes");$_jjj6L="select ".$CONF['TableNameUsers'].".User_rights,   ".$CONF['TableNameUsers'].".User_shop,".$CONF['TableNameUsers'].".User_name,   ".$CONF['TableNameUsersLogin'].".Login_ssid,".$CONF['TableNameUsers'].".User_ID    from ".$CONF['TableNameUsers'].",".$CONF['TableNameUsersLogin']." WHERE ".$CONF['TableNameUsers'].".User_ID = ".$CONF['TableNameUsersLogin'].".Login_USER_ID AND ".$CONF['TableNameUsersLogin'].".Login_ssid='$SSID'";$_jjjiI=mysql_query($_jjj6L,$conn) or die("Unable to get User Information Error 3dd35das<br> $sql");$_jjJoJ=mysql_fetch_array($_jjjiI);$_IlLfj[0]=$_jjJoJ['User_rights'];$_IlLfj[1]=$_jjJoJ['User_shop'];$_IlLfj[2]=$_jjJoJ['User_name'];$_IlLfj[3]=$_jjJoJ['User_ID'];$_jjJCf=$CONF["DefaultValuesStoreName".$_IlLfj[1]."Date"];$_jj6oj=$CONF["DefaultValuesStoreName".$_IlLfj[1]."TimeZone"];$_jjf66=$CONF["DefaultValuesStoreName".$_IlLfj[1]."TimeZoneSign"];$_jjfOj=$CONF["DefaultValuesStoreName".$_IlLfj[1]."DayLightSavings"];$_jjfit=_OF18E("$_jjf66","$_jj6oj","$_jjfOj","$_jjJCf");$_jjflI=date("Y");$_jj8jl=date("m");$_jj8L0=date("d");$_jjttQ=date("H");$_jjttJ=NULL;$_jjtiJ=date("i");$_jjO6C=NULL;$_jjoJO=date("s");$sql="select Login_ID,Login_USER_ID,Login_time from ".$CONF['TableNameUsersLogin']." WHERE Login_time BETWEEN '1980-March-09' AND FROM_UNIXTIME(' $_jjICL ')";$res=mysql_query($sql,$conn) or die("Unable to Clear Old Users: Error 3564346<br>$sql");$_jjQIo=mysql_num_rows($res);for( $x=0;$x <=$_jjQIo;$x++) { $row=mysql_fetch_array($res);$_jjQOl=$row['Login_USER_ID'];$_jjoOJ=$row['Login_time'];$_jjC1j[$x][0]=_ODB0D($_jjQij,$_jjoOJ);$_jjCio=$_jjC1j[$x][0];if( $_jjCio <=0 ) { $_jjit8="delete from ".$CONF['TableNameUsersLogin']." WHERE Login_USER_ID = '$_jjQOl'";$_jjio8=mysql_query($_jjit8,$conn);} else{ $_jjLOQ="Still logged in";} } } require $inc_dir.'workorder_function_general.inc.php';$CONF=_OFB10($inc_dir);function _ODB0D($_jjQij,$_jjlJl) { $_jJ01L=0;$_jjoOJ=strtotime($_jjlJl." GMT");$_jjICL=strtotime("-$_jjQij minutes");$_jJ0fL=$_jjoOJ-$_jjICL;echo($_jJ0fL);if( $_jJ0fL >=0 ) { $_jJ01L=$_jJ0fL;echo($_jJ01L);} return $_jJ01L;} function _ODBCQ($CONF,$_jJ0lJ) { $inc_dir='./include/';require $inc_dir.'config-user.inc.php';include $inc_dir.'conn-string-user.inc.php';$_jJ1l1=True;while( $_jJ1l1==True ) { $sql="select COUNT(*) from ".$CONF['TableNameUsersLogin']." WHERE Login_USER_ID = '$_jJ0lJ'";$res=mysql_query($sql,$conn) or die("Unable to Get UserLogin Count Error Code: 42365fg<br />$sql");$row=mysql_fetch_array($res);$_jJQti=$row['COUNT(*)'];if( $_jJQti >=$CONF['UserMaxLoginControl'] ) { $sql="select Login_ID from ".$CONF['TableNameUsersLogin']." WHERE Login_USER_ID = '$_jJ0lJ' ORDER BY Login_time ASC";$res=mysql_query($sql,$conn) or die("Unable to Get UserLogin Error Code: 427905fg<br />$sql");$row=mysql_fetch_array($res);$_jJQi1=$row['Login_ID'];$sql="delete from ".$CONF['TableNameUsersLogin']." WHERE Login_ID = $_jJQi1";$res=mysql_query($sql,$conn) or die("Unable to Clear UserLogin Error Code: 427905sfg<br />$sql");} else{ $_jJ1l1=False;} } } if( $_jILCI=="" ) { if( isset($_GET['TargetURLPass']) ) { $_Ilo8J=$_GET['TargetURLPass'];} if( isset($_GET['TargetQueryPass']) ) { $TargetQueryPass=$_GET['TargetQueryPass'];} $_jJIIo=$_SERVER['PHP_SELF'];$_jJILo=explode( '/',$_jJIIo);$_jJjfI=count($_jJILo);$_jJjo6=$_jJILo[($_jJjfI-1)];unset($_jJILo);unset($_jJjfI);$_jJJJL=str_replace($_jJjo6,"",$_jJIIo);$_Ilo8J=str_replace($_jJJJL,"",$_Ilo8J);if( ereg("include/pro",$_SERVER['PHP_SELF'] )==False ) { $_Ilo8J='./'.$_Ilo8J;} elseif( ereg("/cg1/mirko/",$_SERVER['PHP_SELF'] )==True ) { $_Ilo8J='../../'.$_Ilo8J;} else { $_Ilo8J='../../'.$_Ilo8J;} $disp_tarqpass=$TargetQueryPass;$disp_targeturl=$_Ilo8J;$disp_complogolocation=$CONF['Company Logo Location'];$disp_cname=$CONF['Company Name'];$disp_cust_login=$CONF['EnableCustomerLogin'];$disp_incdir=$inc_dir;require './skins/'.$CONF['SkinPath'].'/frmLogin.php';} else{ session_start();$SSID=session_id();include $inc_dir.'magic_quotes.php';require $inc_dir.'conn-string-guest.inc.php';$self=$_SERVER['PHP_SELF'];$_jJfCi=mysql_real_escape_string($_POST['Password']);if( $_jJfCi=="" ) { die("Username and/or Password incorrect. <a href =\"javascript:history.back()\">Please try again.</a>");} $_jJfCi=md5("$_jJfCi");$_jj0o1=$_SERVER['REMOTE_ADDR'];$TargetQueryPass=$_POST['TargetQueryPass'];$TargetURLPass=$_POST['TargetURLPass'];$sql="select User_ID,User_name,Userpassword,User_rights,User_chksum,User_active from ".$CONF['TableNameUsers']." where User_name='$_jILCI' and Userpassword='$_jJfCi'";$res=mysql_query($sql,$conn) or die("Error getting user info. MySQL Error:".mysql_error()." Error 3424<br>$sql");$_jjQIo=mysql_num_rows($res);if( $_jjQIo==0 ) { die("Username and/or Password incorrect. <a href =\"javascript:history.back()\">Please try again.</a>");} $row=mysql_fetch_Array($res);$_jJ8Ct=$row['User_ID'];$User_ID=$row['User_ID'];$User_name=$row['User_name'];$_jJtLf=$row['Userpassword'];$_jJO6Q=$row['User_rights'];$_jJO8O=$row['User_chksum'];$_jJoJ6=$row['User_active'];if( $_jJfCi !=$_jJtLf ) { die("Username and/or Password incorrect. <a href =\"javascript:history.back()\">Please try again.</a>");} if( $_jJoJ6 !=1 ) { die("Your user account is currently disabled");} if( file_exists("$inc_dir/pro/calendar.php")==False ) { if( _OF66A($_jJO8O)==1 ) { $sql="select User_ID,User_chksum from ".$CONF['TableNameUsers']." where User_chksum='$_jJO8O'";$res=mysql_query($sql,$conn) or die("Error 3426cks");$_jjQIo=mysql_num_rows($res);$sql="select COUNT(*) AS COUNT from ".$CONF['TableNameUsers']."";$res=mysql_query($sql,$conn) or die("Error 34254cks");$row=mysql_fetch_array($res);$_jJoJL=$row['COUNT'];if( $_jjQIo==0 ) { die("Incorrect User account values, please contact technical support. Error: usr- ".$_jJoJL);} if( $_jjQIo > 1 ) { die("Incorrect User account values, please contact technical support. Error: usr-chk- ".$_jJoJL);} } else { $sql="select COUNT(*) AS COUNT from ".$CONF['TableNameUsers']."";$res=mysql_query($sql,$conn) or die("Error 34254cks");$row=mysql_fetch_array($res);$_jJoJL=$row['COUNT'];die("Incorrect User account values, please contact technical support. Error: sk- ".$_jJoJL);} } _ODAAD($inc_dir,$CONF,$SSID);_ODBCQ($CONF,$User_ID);_ODA18($inc_dir,$CONF);_ODP6Q($inc_dir,$User_ID,$CONF);if( empty($TargetQueryPass)==FALSE || empty($TargetURLPass)==FALSE ) { $_IlC1t=$TargetQueryPass;$_IlC1t=str_replace('------','&',$_IlC1t);$_IlC1t=str_replace('---','&',$_IlC1t);$_IlC1t=str_replace('\=','=',$_IlC1t);if( empty($_IlC1t)==FALSE ) { echo('         <html>         <head>         <meta http-equiv="refresh" content="0; url='.$TargetURLPass.'?'.$_IlC1t.'&amp;SSID='.$SSID.'">          </head>          <body>         Connecting ...         </body>         </html>');} else{ if( $TargetURLPass=='./' ) { $TargetURLPass='./workorder.php';} echo('         <html>         <head>         <meta http-equiv="refresh" content="0; url='.$TargetURLPass.'?SSID='.$SSID.'">          </head>          <body>         Connecting ...         </body>         </html>');} } else{ echo('       <html>       <head>       <meta http-equiv="refresh" content="0; url=workorder.php?SSID='.$SSID.'">        </head>        <body>       Connecting ...       </body>       </html>');} } ?>
Return current item: WorkOrder TS