first commit
This commit is contained in:
aschwarz
101
index_db.php
Executable file
101
index_db.php
Executable file
@ -0,0 +1,101 @@
|
||||
<?php
|
||||
## INDEX gegen DB
|
||||
session_start();
|
||||
|
||||
include_once 'classes/TestProjektSmarty.class.php';
|
||||
#require_once("config.inc.php");
|
||||
require_once("config/datenbankanbindung.php");
|
||||
$smarty = new Smarty();
|
||||
$template = "login";
|
||||
$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
|
||||
require_once "language/german.inc.php";
|
||||
|
||||
|
||||
$action = $_GET['action'];
|
||||
if($action == ''){
|
||||
if(isset($_GET[error])){
|
||||
|
||||
$errorno = $_GET[error];
|
||||
|
||||
$smarty->assign('index_error', 1);
|
||||
|
||||
if($errorno == 1){
|
||||
$smarty->assign('index_error_text', "Es müssen alle Felder ausgefüllt werden");
|
||||
}
|
||||
|
||||
if($errorno == 2){
|
||||
$smarty->assign('index_error_text', "Ber Benutzername ist im System nicht vorhanden");
|
||||
}
|
||||
|
||||
if($errorno == 3){
|
||||
$smarty->assign('index_error_text', "Ber Benutzername oder das Passwort ist nicht korrekt<br>Sie können hier ein <a class='box' href='passwort_vergessen.php'>neues Passwort</a> beantragen");
|
||||
}
|
||||
|
||||
# Daten aufbereiten bei Fehler
|
||||
if(isset($_SESSION["global_username"])){
|
||||
$smarty->assign('index_user', $_SESSION["global_username"]);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
if($action == 'anmeld'){
|
||||
$username=strtoupper($_POST["user"]); //remove case sensitivity on the username
|
||||
$password=$_POST["password"];
|
||||
|
||||
if($_POST["user"] != ""){
|
||||
$_SESSION["global_username"]=$username;
|
||||
}
|
||||
|
||||
if($username == "" OR $password == ""){
|
||||
echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=1\">";
|
||||
}else{
|
||||
|
||||
|
||||
$db = dbconnect();
|
||||
$result = $db->query("SELECT imtuid, uid, passwort FROM imt_user WHERE aktiv = '1' AND UPPER(uid)='$username'");
|
||||
$row = $result->fetch_array();
|
||||
|
||||
|
||||
// Wenn expiredate überschritten, dann 1
|
||||
$result2 = $db->query("SELECT 1
|
||||
FROM imt_user
|
||||
WHERE pw_expire < now()
|
||||
AND uid = '$row[user]'
|
||||
");
|
||||
$row2 = $result2->fetch_array();
|
||||
|
||||
|
||||
|
||||
|
||||
if ($username != strtoupper($row[uid])) {
|
||||
echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=2\">";
|
||||
}
|
||||
// Passwort falsch
|
||||
elseif (md5($password) != $row[passwort]){ //verschlüsseltes Passwort überprüfen
|
||||
# Cookies werden bereits gesetzt, falls sich jemand ein passwort zusenden lässt.
|
||||
$_SESSION["global_uid"] = $row[imtuid];
|
||||
$_SESSION["global_username"] = $row[uid];
|
||||
echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=3\">";
|
||||
}else{
|
||||
$db = dbconnect();
|
||||
$datum=date("Y-m-d H:i:s");
|
||||
$ip=getenv("REMOTE_ADDR");
|
||||
$agent=getenv("HTTP_USER_AGENT");
|
||||
$user_admin = $row[imtuid];
|
||||
$_SESSION["global_uid"] = $user_admin;
|
||||
$_SESSION["global_username"] = $row[uid];
|
||||
$result_1 = $db->query("INSERT INTO imt_userlog (Datum, IP, user_agent, imtuid) VALUES ('$datum', '$ip', '$agent', '$user_admin')");
|
||||
$sql = $db->query ("UPDATE imt_user SET mail_inaktiv='0000-00-00 00:00:00' WHERE imtuid='$user_admin'");
|
||||
$smarty->assign('index_login', "1");
|
||||
}
|
||||
mysqli_close();
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
$smarty->assign('action', "$action");
|
||||
$smarty->display("$template/$templatename");
|
||||
?>
|
||||
Reference in New Issue
Block a user