240 lines
9.4 KiB
PHP
240 lines
9.4 KiB
PHP
<?
|
|
session_start();
|
|
|
|
$last_azienda = "";
|
|
if (isset($_COOKIE["azienda"])) {
|
|
$last_azienda = $_COOKIE["azienda"];
|
|
}
|
|
|
|
if (isset($_GET["dif_user"]) && $_GET["dif_user"] == 1) {
|
|
setcookie("user");
|
|
header("Location: index.php");
|
|
}
|
|
|
|
if (isset($_COOKIE["user"]) && strlen($_COOKIE["user"]) > 0) {
|
|
$last_user = $_COOKIE["user"];
|
|
}
|
|
|
|
if (isset($_POST["azienda"])) {
|
|
$_SESSION["azienda"] = $_POST["azienda"];
|
|
setcookie("azienda", $_POST["azienda"]);
|
|
}
|
|
|
|
if (isset($_GET["f"])) {
|
|
setcookie("f", $_GET["f"]);
|
|
}
|
|
|
|
include_once("config.php");
|
|
include_once("func.php");
|
|
|
|
unset_order_in_session();
|
|
|
|
$url_imgtop = ($debugMode) ? "logintop_integry.jpg" : "custom_" . $_SESSION["azienda"] . "/logintop.jpg";
|
|
|
|
$db = new Cms;
|
|
$err_text = " ";
|
|
if (isset($_POST["username"])) {
|
|
$username = sanitize($_POST["username"]);
|
|
$password = sanitize($_POST["password"]);
|
|
setcookie("user");
|
|
$db = new Cms;
|
|
$sql = "SELECT wtb_user_groups.User_group, wtb_users.key_group, User_name, Password, e_mail, Full_name, ctrl_state,
|
|
CASE WHEN User_code IS NULL AND wtb_users.key_group = 3 THEN (
|
|
SELECT wtb_clie.cod_anag FROM wtb_clie WHERE wtb_clie.user_name = wtb_users.user_name
|
|
) ELSE User_code END AS User_code,
|
|
CASE WHEN GETDATE() > password_endtime THEN '1' ELSE '0' END AS expired
|
|
FROM wtb_users INNER JOIN wtb_user_groups ON wtb_user_groups.Key_group = wtb_users.key_group
|
|
WHERE (user_name = '{$username}' OR e_mail = '{$username}') AND
|
|
password = '{$password}'";
|
|
$db->query($sql);
|
|
if ($db->next_record()) {
|
|
deleteCache(); // IN OGNI LOGIN CONTROLLA ED ELIMINA I FILE PIU VECCHI DALLA CACHE (VEDI GESTIONE UPLOAD FILE)
|
|
$attivo = $db->f("ctrl_state");
|
|
if (strtoupper($attivo) != "S") {
|
|
$err_text = "Utente disabilitato. Contattare l'azienda per le opportune verifiche.";
|
|
} else {
|
|
$stop_login = false;
|
|
$user_group = $db->f("User_group");
|
|
$expired = ($db->f("expired") == "1");
|
|
|
|
$key_group = $db->f("key_group");
|
|
setcookie("user", $db->f("User_name"));
|
|
|
|
if (in_array($key_group, $conf["tipi_utenze_solo_interne"]) && !(strpos($_SERVER["REMOTE_ADDR"], $db->getLanipmask()) !== false)) {
|
|
$stop_login = true;
|
|
$err_text = "Utente non riconosciuto ";
|
|
}
|
|
|
|
if (!$stop_login) {
|
|
if ($expired) {
|
|
header("Location: login_expired.php?user=" . $db->f("User_name"));
|
|
} else {
|
|
$_SESSION["username"] = $db->f("User_name");
|
|
$_SESSION["fullname"] = ucwords(strtolower((strlen($db->f("Full_name")) == 0) ? $db->f("User_name") : $db->f("Full_name")));
|
|
$_SESSION["password"] = $db->f("Password");
|
|
$_SESSION["user_code"] = $db->f("User_code");
|
|
$_SESSION["gruppo"] = $db->f("key_group");
|
|
$_SESSION["login"] = true;
|
|
autocompile_email($_SESSION["user_code"], $_SESSION["gruppo"], $db->f("e_mail"));
|
|
|
|
if (isset($conf["page_menu"][$_SESSION["gruppo"]])) {
|
|
$location = $conf["page_menu"][$_SESSION["gruppo"]][0] . ".php";
|
|
if (isset($_POST["f"]) && strlen($_COOKIE["f"]) > 0) {
|
|
$location = $_POST["f"] . "&";
|
|
} else if (isset($_COOKIE["f"])) {
|
|
$location = $_COOKIE["f"] . "&";
|
|
} else {
|
|
$location .= "?";
|
|
}
|
|
|
|
if (isset($_COOKIE["f"])) {
|
|
setcookie("f");
|
|
unset($_COOKIE["f"]);
|
|
}
|
|
|
|
$location .= addGetQs($_GET, "user", $_SESSION["username"]);
|
|
|
|
/******************* fundamental query to have the relocation of page and login ******************************/
|
|
$sql = "UPDATE wtb_users SET last_access_datetime = GETDATE() WHERE User_name = '{$_SESSION["username"]}'";
|
|
|
|
if ($db->query($sql)) {
|
|
header("Location: " . $location);
|
|
}
|
|
} else {
|
|
$err_text = "Gestione utenza tipo <b>" . ucwords($user_group) . "</b> non gestita";
|
|
echo($err_text);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} else {
|
|
$err_text = "Utente non riconosciuto";
|
|
echo($err_text);
|
|
}
|
|
}
|
|
$not_supported = false;
|
|
if (preg_match('/(?i)msie [1-8]/', $_SERVER["HTTP_USER_AGENT"])) {
|
|
$not_supported = true;
|
|
$link_last_Firefox = "http://www.mozilla.org/it/firefox/new/";
|
|
$link_last_Chrome = "http://www.google.it/intl/it/chrome/browser/";
|
|
$err_text = " La versione di Internet Explorer da voi in uso non risulta essere pienamente compatibile con l'applicazione.<br/>
|
|
Vi invitiamo ad aggiornarla ad una versione più recente o, qualora utilizziate Windows XP, ad utilizzare un browser diverso, ad esempio
|
|
<a href='$link_last_Firefox' target='_blank'>Mozilla Firefox</a> o
|
|
<a href='$link_last_Chrome' target='_blank'>Google Chrome</a>.<br/>
|
|
Grazie";
|
|
}
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="X-UA-Compatible" content="IE=Edge"/>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
|
|
<title><?= ($debugMode) ? "Integry | Portale Ordini Web" : $conf["webapp_title"] ?></title>
|
|
<link rel="shortcut icon" href="images/structure/integry.ico"/>
|
|
<script type="text/javascript" src="js/external/jquery-1.8.0.min.js"></script>
|
|
<script language="javascript" type="text/javascript">
|
|
$().ready(function () {
|
|
$("input[type=<?=(isset($last_user)) ? "password" : "text"?>]:first").focus();
|
|
$("#logo_integry").click(function () {
|
|
window.open("http://www.integry.it/", "_blank");
|
|
});
|
|
/*
|
|
$("input#bLogin").on("click", function(e){
|
|
e.preventDefault();
|
|
$("#formlogin").submit();
|
|
});*/
|
|
|
|
$("#formlogin").submit(function () {
|
|
$("#loader_submit").css("visibility", "visible");
|
|
});
|
|
|
|
<?
|
|
if(isset($last_user)){?>
|
|
setTimeout(function () {
|
|
$("input[name='password']").val("");
|
|
}, 100);
|
|
<?
|
|
}
|
|
?>
|
|
});
|
|
|
|
function window_popup(url) {
|
|
var stile = "width=990, location=no, scrollbars=yes";
|
|
window.open(url, "", stile);
|
|
}
|
|
</script>
|
|
<link href="css/master.css?<?= "v" . date("dmYHi") ?>" rel="stylesheet" type="text/css"/>
|
|
<link href="css/base.css?<?= "v" . date("dmYHi") ?>" rel="stylesheet" type="text/css"/>
|
|
<style>
|
|
#formlogin .banner_az {
|
|
background: #fff <?="url(config_aziende/$url_imgtop)"?> no-repeat;
|
|
}
|
|
</style>
|
|
</head>
|
|
|
|
<body class="login">
|
|
<form id="formlogin" method="post" action="<?= $_SERVER["PHP_SELF"] ?>">
|
|
<table align="center" cellpadding="0" cellspacing="0">
|
|
<tr>
|
|
<th colspan="2">
|
|
<div class="banner_az"></div>
|
|
</th>
|
|
</tr>
|
|
<tr>
|
|
<td align="center" width="170">Username / Email</td>
|
|
<td width="180"><?
|
|
if (isset($last_user)) {
|
|
?>
|
|
<b><?= $last_user ?></b> <a href="<?= $_SERVER["PHP_SELF"] . "?dif_user=1" ?>">Utente
|
|
diverso?</a>
|
|
<input type="text" name="username" value="<?= $last_user ?>" style="display: none"/><?
|
|
} else {
|
|
?>
|
|
<input type="text" name="username"/><?
|
|
} ?>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td align="center">Password</td>
|
|
<td><input type="password" name="password" autocomplete="off"/></td>
|
|
</tr>
|
|
|
|
<?
|
|
if ($db->getAzienda() !== "cliente") {
|
|
?>
|
|
<tr>
|
|
<td align="center">Azienda</td>
|
|
<td>
|
|
<select name="azienda"><?
|
|
foreach ($arrAziende as $azienda) {
|
|
?>
|
|
<option <?= ($last_azienda == $azienda) ? selected : "" ?> value="<?= $azienda ?>"><?= ucfirst($azienda) ?></option><?
|
|
} ?>
|
|
</select>
|
|
</td>
|
|
</tr><?
|
|
} ?>
|
|
<tr>
|
|
<td colspan="2" class="errore"><?= $err_text ?></td>
|
|
</tr>
|
|
<tr>
|
|
<td align="right" colspan="2">
|
|
<a href="login_recover.php">Password dimenticata?</a><br/>
|
|
<a href="#" onclick="javascript:window_popup(" supporto.php")">Problemi di accesso?</a>
|
|
</td>
|
|
</tr>
|
|
<tr>
|
|
<td colspan="2" align="center">
|
|
<input class="button" type="submit" value="Login" id="bLogin" <?= ($not_supported) ? disabled : "" ?>/>
|
|
<div id="loader_submit" style="visibility: hidden;"></div>
|
|
</td>
|
|
</tr>
|
|
</table><?
|
|
if (isset($_GET["f"])) {
|
|
?>
|
|
<input type="hidden" name="f" value="<?= $_GET["f"] ?>" /><?
|
|
} ?>
|
|
</form>
|
|
<div id="logo_integry"></div>
|
|
</body>
|
|
</html>
|