<?php #error_reporting(E_ALL); /* # Fuer debugging error_reporting(E_ALL); ini_set('display_errors', 1); #echo __LINE__."<br>"; */ session_start(); include_once 'classes/TestProjektSmarty.class.php'; $smarty = new Smarty(); require_once("config.inc.php"); $template = "standard"; $templatename = substr(basename($_SERVER['PHP_SELF']), 0, -3) . "html"; require_once "language/german.inc.php"; if (isset($_GET['action'])) { $action = $_GET['action']; } else { $action = ''; } if ($action == '') { } if ($action == 'anmeld') { #$db = dbconnect(); $result = $db->query("SELECT vaid, user, passwort FROM prog_admin WHERE inaktiv != 'J' AND UPPER(user)=UPPER('$_POST[user]')"); $row = $result->fetch_array(); // Leere Textfelder if (empty($_POST['user']) or empty($_POST['passwort'])) { $smarty->assign('index_noinput', '1'); } // Benutzer nicht im System elseif (strtoupper($_POST['user']) != strtoupper($row['user'])) { $smarty->assign('index_nouser', '1'); } // Passwort falsch elseif (md5($_POST['passwort']) != $row['passwort']) { //verschl�sseltes Passwort �berpr�fen # Cookies werden bereits gesetzt, falls sich jemand ein passwort zusenden l�sst. setcookie("user_admin", ""); setcookie("user_admin", $row['user']); setcookie("user_userid", ""); setcookie("user_userid", $row['vaid']); $smarty->assign('index_passwrong', '1'); // Passwortwechsel notwendig } else { #$db = dbconnect(); $datum = date("Y-m-d H:i:s"); $ip = getenv("REMOTE_ADDR"); $agent = getenv("HTTP_USER_AGENT"); $user_admin = $row['user']; # $url = "https://anonymouse.org/cgi-bin/anon-www_de.cgi/https://www.whois-api.com/?$ip"; # $xml = @simplexml_load_file($url); # $isp = $xml->isp; # $host = gethostbyaddr($ip); # $organisation = $xml->organization; # $url=file_get_contents("https://anonymouse.org/cgi-bin/anon-www_de.cgi/https://whatismyipaddress.com/ip/$ip"); # preg_match_all('/<th>(.*?)<\/th><td>(.*?)<\/td>/s',$url,$output,PREG_SET_ORDER); # $isp=$output[4][2]; $isp=""; # $host=$output[2][2]; $host=""; # $organisation=$output[5][2]; $organisation=""; setcookie("user_admin", ""); setcookie("user_admin", $user_admin); $user_userid = $row['vaid']; setcookie("user_userid", ""); setcookie("user_userid", $user_userid); $sid = session_id(); $result_1 = $db->query("INSERT INTO prog_userlog_admin (Datum, IP, user_agent, isp, organisation, host, uid, session_id) VALUES ('$datum', '$ip', '$agent', '$isp', '$organisation', '$host', '$user_userid', '$sid')"); $smarty->assign('index_login', '1'); } } if ($action == 'pass_gen') { $uid1 = $_COOKIE["user_admin"]; $pool = "qwertzupasdfghkyxcvbnm"; $pool .= "23456789"; $pool .= "WERTZUPLKJHGFDSAYXCVBNM"; srand((double) microtime() * 1000000); for ($index = 0; $index < 7; $index++) { $pass_word .= substr($pool, (rand() % (strlen($pool))), 1); } $new_pw_md5 = md5($pass_word); #$db = dbconnect(); $result = $db->query("SELECT distinct DATE_ADD(NOW(), INTERVAL 1 MONTH) exp_date FROM prog_admin WHERE user ='$uid1' "); $row = $result->fetch_array(); $sql = $db->query("UPDATE prog_admin SET passwort='$new_pw_md5', pw_expire='$row[exp_date]' WHERE user='$uid1'"); $result2 = $db->query("SELECT user, vorname, nachname, mail FROM prog_admin WHERE user='$uid1'"); $row2 = $result2->fetch_array(); $empfaenger = "$row2[mail]"; $betreff = "Prognosetool: Passwort zurückgesetzt"; $text = " <html> <head> <title>Passwort zurückgesetzt</title> </head> <body> <font face='Arial' size='2'> Guten Tag $row2[vorname] $row2[nachname]!<br><br> Sie haben Ihr Passwort im Prognosetool zurückgesetzt!<br> Nachfolgend finden Sie Ihre neuen Zugangsdaten: <br> <br> <table> <tr> <td valign='top'> <font face='Arial' size='2'> Benutzerkennung: </font> </td> <td valign='top'> <font face='Arial' size='2'> <b>$row2[user]</b> </font> </td> </tr> <tr> <td valign='top'> <font face='Arial' size='2'> Passwort: </font> </td> <td valign='top'> <font face='Arial' size='2'> <b>$pass_word</b> </font> </td> </tr> </table> <br> Bitte beachten Sie, dass zwischen Groß- und<br> Kleinschreibung unterschieden wird. <p> Diese Mail wurde automatisch generiert!<br> Antworten Sie daher nicht auf diese Mail<br> <br> Vielen Dank </body> </html>"; $headers = "MIME-Version: 1.0\n"; $headers .= "Content-type: text/html; charset=iso-8859-1\n"; $headers .= "From: Prognosetool <$row2[mail]>\n"; $return = @mail($empfaenger, $betreff, $text, $headers); if ($return) { $smarty->assign('index_mailpass', '1'); $mailadresse = $row2['mail']; $smarty->assign('index_mailadr', "$mailadresse"); } else { $smarty->assign('index_nomailpass', "1"); } } $smarty->assign('action', "$action"); $smarty->display("$template/$templatename"); ?>