<?php
//see if logged in
session_start();
if(isset($_SESSION["pid"])) {header("Location: default.php");}
/********************************8
LOGON INFO:
Logon authorization comes from p_people table
Cookies set:
-pid = p_people.pid (unique, non changing person id. all other tables use this field as their foreign key)
-uid = p_people.userlogon (logon name, primarily used for legacy purposes)
-firstname = p_people.name_first + 1 letter of p_people.name_last (use for public displays, like message board etc)
-role = p_people.role (used for routing and permissions)
*/
//if not logged in, display the logon screen
$badlogon = "";
if ($_POST){
$username = $_POST["username"];
$pw = $_POST["pw"];
//see if user and password are ok
//set up connection to mysql database
//this script pulls the db connection info from db_def.php
include("include/connections.php"); //you must update this file for each project
mysql_select_db($database, $conn);
//first, get username out of moregroupware db
$qry_allowed = "SELECT * FROM tt_users WHERE ((email = '$username') and (Password = '$pw'))";
$result_allowed = mysql_query($qry_allowed, $conn) or die(mysql_error());
if($my_row = mysql_fetch_array($result_allowed)) {
//exists in client list of more groupware
//username is found and password matches
//Start session and set cookie with userlogon
//session_start();
$_SESSION["uid"] = $username;
$_SESSION["pid"] = $my_row['UserID'];
$_SESSION["firstname"] = $my_row['FirstName'] . " " . $my_row['LastName'];
//we assume this person is a client, unless they exist in our ee table
//moregroupware groupid 8=Technician
if ($my_row['Role']=="T"){
//tech
$therole = "T";
$_SESSION["role"] = $therole;
$_SESSION["type"] = 'E';
} else {
//client
$therole = "U";
$_SESSION["role"] = $therole;
$_SESSION["type"] = 'C';
}
//redirect to secure index page based on role
//select case role...
if (isset($whendone)){
header("Location: $whendone");
}else{
if($therole=="T"){ //technician
header("Location: technician/default.php");
}else{
header("Location: default.php");
}
} //end if
//no user name found
}else{
$badlogon = "Username or password incorrect.";
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Logon</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body topmargin="0">
<?php include("header.php"); ?>
<br>
<h2 align=center><font face="Verdana, Arial, Helvetica, sans-serif">Tech Ticket System</font></h1>
<h3 align="center"><font color="#FF0000"><?php echo $badlogon; ?></font></h3>
<FORM action="index.php" method="POST">
<input type="hidden" name="action" value="login">
<table align="center" border="0" cellpadding="2" cellspacing="2">
<tr>
<td>
<strong>
<font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">
Email address
</font>
</strong>
</td>
<td width="157">
<INPUT TYPE="TEXT" name="username" align="middle" maxlength="50" style="background-color:#cccccc;width:100%;" onFocus="this.style.backgroundColor='#ffffcc'" onBlur="this.style.backgroundColor='#cccccc'" >
</td>
</tr>
<tr>
<td><strong><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif">Password</font></strong></td>
<td>
<INPUT TYPE="password" name="pw" align="middle" maxlength="20" style="background-color:#cccccc;width:100%;" onFocus="this.style.backgroundColor='#ffffcc'" onBlur="this.style.backgroundColor='#cccccc'" >
</td>
</tr>
<tr>
<?php if(isset($whendone)) { ?><input type="hidden" name="whendone" value="<?php echo $whendone; ?>"><?php } ?>
<td colspan="2" align="center"><INPUT TYPE="SUBMIT" name="submit" value="Submit" align="middle"></td>
</tr>
<tr>
<td colspan="2" align="right">
<font size="1" face="Verdana, Arial, Helvetica, sans-serif">
<a href="forgot_password.php">forgot password?</a>
</font>
</td>
</tr>
</table>
</FORM>
<?php include("footer.php"); ?>
</body>
</html>