'; ?>
Login
"; $name = $_REQUEST["name"]; $password = $_REQUEST["password"]; if(!isset($name) || $name == ''){ echo ""; } else{ echo ""; } ?> "; echo ""; if(!isset($name) || $name == '' || !isset($password) || $password == ''){ killSession(); echo "
"; echo "
"; echo "
Name:
"; echo "
Password:
"; echo "
"; echo "
Forgot your password?
"; echo "
"; echo "
"; } if(isset($name) && $name != '' && isset($password) && $password != ''){ $sql_count = "SELECT mb_user_login_count FROM mb_user WHERE mb_user_name = $1"; $params = array($name); $types = array('s'); $res_count = db_prep_query($sql_count,$params,$types); if($row = db_fetch_array($res_count)){ if($row["mb_user_login_count"] > MAXLOGIN){ echo "Permission denied. Login failed ".MAXLOGIN." times. Your account has been deactivated. Please contact your administrator!"; die(); } } $row = auth_user($name, $password); // if given user data is found in database, set session data (db_fetch_array returns false if no row is found) if($row){ setSession(); include(dirname(__FILE__)."/../../conf/session.conf"); } if($_SESSION["mb_user_id"]){ if($row["mb_user_login_count"] <= MAXLOGIN){ $sql_del_cnt = "UPDATE mb_user SET mb_user_login_count = 0 WHERE mb_user_id = $1"; $v = array($_SESSION['mb_user_id']); $t = array("i"); db_prep_query($sql_del_cnt, $v, $t); require_once(dirname(__FILE__)."/../php/mb_getGUIs.php"); $arrayGUIs = mb_getGUIs($row["mb_user_id"]); $_SESSION["mb_user_guis"] = $arrayGUIs; $_SESSION["mb_login"] = $login; # a gui is explicitly ordered if((isset($_REQUEST["mb_user_myGui"]) || isset($_SESSION["mb_user_myGui"])) && in_array($_REQUEST["mb_user_myGui"], $arrayGUIs)){ unset($arrayGUIs); if(isset($_REQUEST["mb_user_myGui"])){ $arrayGUIs[0] = $_REQUEST["mb_user_myGui"];} else{ $arrayGUIs[0] = $_SESSION["mb_user_myGui"];} } #only one gui is provided if(count($arrayGUIs) == 1){ if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") { $myURL = "Location: https://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/index.php?".strip_tags (SID)."&gui_id=".$arrayGUIs[0]; } else { $myURL = "Location: http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/index.php?".strip_tags (SID)."&gui_id=".$arrayGUIs[0]; } # params for the initial call if(isset($_REQUEST["mb_myBBOX"])){ $myURL .= "&mb_myBBOX=".$_REQUEST["mb_myBBOX"]; } session_write_close(); header ($myURL); exit; } # list all guis of this user and his groups else{ require_once(dirname(__FILE__)."/../php/mb_listGUIs.php"); mb_listGUIs($arrayGUIs); } } } else{ $sql_set_cnt = "UPDATE mb_user SET mb_user_login_count = (mb_user_login_count + 1) WHERE mb_user_name = $1"; $v = array($name); $t = array('s'); db_prep_query($sql_set_cnt,$v,$t); if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") { header ("Location: https://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/login.php?name=".$name); } else { header ("Location: http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF'])."/login.php?name=".$name); } exit(); } } ob_end_flush(); ?>