Location: PHPKode > projects > Serveur Multicartes IPX800 > multicardipx800/LoginCheckXml.php
<?php
require_once('LoadConfig.php');
session_name((string)$GLOBALS["config"]->general->namesession); 
session_start();

require_once('connect_mysql.php');
require_once('fctphp/function.php');

if ( isset($GLOBALS["config"]->users) )
{ 
  //Recherche de l'utilisateur dans le fichier de conf
	$xpath = "//users/user[label='".$_POST['login']."']";
	$ListUser = $GLOBALS["config"]->xpath($xpath);
	// Si  l'utilisateur a été trouvé
  if ( count($ListUser) == 1 )
	{
		foreach($ListUser as $user)
		{ //Si le mot de passe correspond
			if ( $user->pass == md5($_POST['pass']) )
			{ // Si le compte n'est pas actif
				if ( $user->actif != 1 )
				{
					header ("Refresh: 2;URL=index.php");
					include('Head.php');                            
					include('Topbar.php');                          
					echo '<script type="text/javascript" language="javascript">UpdateMsg("Compte non actif","alert");</script>';
				}
				else
				{ // Si le compte est actif
					header ("Refresh: 2;URL=index.php");
					include('Head.php');
					include('Topbar.php');
					$_SESSION['privilege'] = (int)$user->privilege;
					if ( isset($_POST['ajax']) && $_POST['ajax'] == "Ok" )
						$_SESSION['ajax'] = true;
					else
						$_SESSION['ajax'] = false;
					if ( isset($_POST['keepconnect']) )
						setcookie("login", $_POST['login'], time()+$GLOBALS["config"]->general->cookie);
       
          if ( isset($_POST['basdebit']))
            {echo "<script>GetXML('Debit.php?debit=0', AjaxUpdateMessage, '', '')</script>";}
          else
            {echo "<script>GetXML('Debit.php?debit=1', AjaxUpdateMessage, '', '')</script>";}
   
					$_SESSION["LoginConn"] = (string)$_POST['login'];
					$_SESSION["AuthId"] = (string)$user->attributes()->numero;
					$_SESSION["timezone"] = (string)$user->timezone;
					echo '<script type="text/javascript" language="javascript">UpdateMsg("Identification correcte","information");</script>';
					
					date_default_timezone_set($_SESSION["timezone"]);
					trace($_SESSION["LoginConn"].' connecte', "acces");
					if ( $user->pushto != "" and $user->notifier=='1')
					{
						$_SESSION["ClientIP"] = getenv("HTTP_X_FORWARDED_FOR") ? getenv("HTTP_X_FORWARDED_FOR") : getenv("REMOTE_ADDR");
						pushto($_SESSION["LoginConn"].' ('.$_SESSION["ClientIP"].') connecté', $user->pushto);
					}
				}
			}
			else
			{ // Si le mot de passe est faux
				header ("Refresh: 2;URL=index.php");
				include('Head.php');                            
				include('Topbar.php');                          
				echo '<script type="text/javascript" language="javascript">UpdateMsg("Identifiant ou mot de passe incorrect","alert");</script>';
			}
		}
	}
	else
	{ //Si l'utilisateur n'est pas trouvé
		header ("Refresh: 2;URL=index.php");
		include('Head.php');                            
		include('Topbar.php');                          
		echo '<script type="text/javascript" language="javascript">UpdateMsg("Identifiant ou mot de passe incorrect","alert");</script>';
	}
}
// Si aucun utilisateur n'existe (première utilisation connexion en tant qu'admin)
elseif ( ! isset($GLOBALS["config"]->users) )
{
	$_SESSION['privilege'] = 100;
	$_SESSION["LoginConn"] = "admin";
	$_SESSION["AuthId"] = "0";
	header ("Refresh: 2;URL=Add.php?class=user&HTTP_REFERER=Logout.php");
}

elseif ( ! isset($_SESSION["LoginConn"]) )
{
  require('Head.php');
  require('Topbar.php');
	?>
  <script type="text/javascript" language="javascript">UpdateMsg("Accès interdit","alert");</script>;
	<?php
}
?>
</body>
</html>
100% Free PHP Newsletter Script! Download now!
Return current item: Serveur Multicartes IPX800