86 lines
2.7 KiB
PHP
86 lines
2.7 KiB
PHP
<?php
|
|
## INDEX gegen DB
|
|
if(!isset($_SESSION)) { session_start(); }
|
|
|
|
include_once '../classes/TestProjektSmarty.class_subdir.php';
|
|
require_once("../config.inc.php");
|
|
require_once("../config/datenbankanbindung.php");
|
|
$smarty = new SmartyAdmin();
|
|
$templatename = substr(basename($_SERVER['PHP_SELF']),0,-3)."html";
|
|
require_once "../language/german.inc.php";
|
|
|
|
|
|
$action = $_GET['action'];
|
|
if($action == ''){
|
|
if(isset($_GET['error'])){
|
|
|
|
$errorno = $_GET['error'];
|
|
|
|
$smarty->assign('index_error', 1);
|
|
|
|
if($errorno == 1){
|
|
$smarty->assign('index_error_text', "Es müssen alle Felder ausgefüllt werden");
|
|
}
|
|
|
|
if($errorno == 2){
|
|
$smarty->assign('index_error_text', "Der Benutzername ist im System nicht vorhanden");
|
|
}
|
|
|
|
if($errorno == 3){
|
|
$smarty->assign('index_error_text', "Der Benutzername oder das Passwort ist nicht korrekt.");
|
|
}
|
|
|
|
# Daten aufbereiten bei Fehler
|
|
if(isset($_SESSION["global_username"])){
|
|
$smarty->assign('index_user', $_SESSION["global_username"]);
|
|
}
|
|
}
|
|
|
|
|
|
}
|
|
|
|
if($action == 'anmeld'){
|
|
$username=strtoupper($_POST["user"]); //remove case sensitivity on the username
|
|
$password=$_POST["password"];
|
|
|
|
if($_POST["user"] != ""){
|
|
$_SESSION["global_username"]=$username;
|
|
}
|
|
|
|
if($username == "" OR $password == ""){
|
|
echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=1\">";
|
|
}else{
|
|
|
|
|
|
$db = dbconnect();
|
|
$result = $db->query("SELECT bpmuid, uid, passwort FROM jumi_admin WHERE UPPER(uid)='$username'");
|
|
$row = $result->fetch_array();
|
|
|
|
|
|
if ($username != strtoupper($row['uid'])) {
|
|
echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=2\">";
|
|
}
|
|
// Passwort falsch
|
|
elseif (md5($password) != $row['passwort']){ //verschlüsseltes Passwort überprüfen
|
|
# Cookies werden bereits gesetzt, falls sich jemand ein passwort zusenden lässt.
|
|
$_SESSION["global_uid"] = $row['bpmuid'];
|
|
$_SESSION["global_username"] = $row['uid'];
|
|
echo "<meta http-equiv=\"refresh\" content=\"0; URL=".$_SERVER['PHP_SELF']."?error=3\">";
|
|
}else{
|
|
$db = dbconnect();
|
|
$datum=date("Y-m-d H:i:s");
|
|
$ip=getenv("REMOTE_ADDR");
|
|
$agent=getenv("HTTP_USER_AGENT");
|
|
$user_admin = $row['bpmuid'];
|
|
$_SESSION["global_uid"] = $user_admin;
|
|
$_SESSION["global_username"] = $row['uid'];
|
|
$result_1 = $db->query("INSERT INTO jumi_adminlog (Datum, IP, user_agent, bpmuid) VALUES ('$datum', '$ip', '$agent', '$user_admin')");
|
|
$smarty->assign('index_login', "1");
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
$smarty->assign('action', "$action");
|
|
$smarty->display("$template/admin/$templatename");
|
|
?>
|