'; ?>
Login
"; $name = $_REQUEST["name"]; $password = $_REQUEST["password"]; $loginMax = MAXLOGIN; if(!isset($name) || $name == ''){ echo ""; } else{ echo ""; } echo ""; echo ""; if(!isset($name) || $name == '' || !isset($password) || $password == ''){ killSession(); echo "
"; echo "
"; echo "
Name:
"; echo "
Password:
"; echo "
"; echo "
Forgot your password?
"; echo "
"; echo "
"; } if(isset($name) && $name != '' && isset($password) && $password != ''){ $sql_count = "SELECT mb_user_login_count FROM mb_user WHERE mb_user_name = $1"; $params = array($name); $types = array('s'); $res_count = db_prep_query($sql_count,$params,$types); if($row = db_fetch_array($res_count)){ if($row["mb_user_login_count"] > MAXLOGIN){ echo "Permission denied. Login failed ".MAXLOGIN." times. Your account has been deactivated. Please contact your administrator!"; die(); } } $row = auth_user($name, $password); // if given user data is found in database, set session data (db_fetch_array returns false if no row is found) if($row){ setSession(); include(dirname(__FILE__)."/../../conf/session.conf"); } if($_SESSION["mb_user_id"]){ if($row["mb_user_login_count"] < $loginMax){ $sql_del_cnt = "UPDATE mb_user SET mb_user_login_count = 0 WHERE mb_user_id = " . $_SESSION['mb_user_id']; db_query($sql_del_cnt); require_once(dirname(__FILE__)."/../php/mb_getGUIs.php"); $arrayGUIs = mb_getGUIs($row["mb_user_id"]); $_SESSION["mb_user_guis"] = $arrayGUIs; $_SESSION["mb_login"] = $login; # a gui is explicitly ordered if((isset($_REQUEST["mb_user_myGui"]) || isset($_SESSION["mb_user_myGui"])) && in_array($_REQUEST["mb_user_myGui"], $arrayGUIs)){ unset($arrayGUIs); if(isset($_REQUEST["mb_user_myGui"])){ $arrayGUIs[0] = $_REQUEST["mb_user_myGui"];} else{ $arrayGUIs[0] = $_SESSION["mb_user_myGui"];} } #only one gui is provided if(count($arrayGUIs) == 1){ $myURL = "Location: http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/index.php?".strip_tags (SID)."&gui_id=".$arrayGUIs[0]; # params for the initial call if(isset($_REQUEST["mb_myBBOX"])){ $myURL .= "&mb_myBBOX=".$_REQUEST["mb_myBBOX"]; } header ($myURL); exit; } # list all guis of this user and his groups else{ require_once(dirname(__FILE__)."/../php/mb_listGUIs.php"); mb_listGUIs($arrayGUIs); } } } else{ $sql_set_cnt = "UPDATE mb_user SET mb_user_login_count = (mb_user_login_count + 1) WHERE mb_user_name = $1"; $v = array($name); $t = array('s'); db_prep_query($sql_set_cnt,$v,$t); header ("Location: http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/login.php?name=".$name); exit(); } } ob_end_flush(); ?>