header("Content-Type: text/html; charset=utf-8");
session_start();
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 6000)) {
// last request was more than 30 minutes ago
session_unset(); // unset $_SESSION variable for the run-time
session_destroy(); // destroy session data in storage
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
header("Expires: 0");
$add = 'Login Area';
foreach (array_keys($_REQUEST) as $var) {
${$var} = $_REQUEST[$var];
//if ($name == "Admin12") {
//echo "$var: ${$var}
";
//}
}
if ($act == "exit")
{
session_unset();
session_destroy();
session_start();
}
if ($_SESSION['cmdlevel'])
$cmdlevel = $_SESSION['cmdlevel'];
if ($_SESSION['hostid'])
$agent_id = $_SESSION['hostid'];
if ($_SESSION['add'])
$add = $_SESSION['add'];
if ($_SESSION['id'])
$id = $_SESSION['id'];
if ($_SESSION['name'])
$name = $_SESSION['name'];
foreach (array_keys($_SESSION) as $var) {
${$var} = $_SESSION[$var];
//if ($name == "Admin12") {
//echo "from session: $var: ${$var}
";
//}
}
include 'functions.php';
include 'auth.php';
$logged_me_in_successfully234 = 0;
if (!$_SESSION['pass'] && !$_SESSION['name'])
{
$table = 'accounts';
$result=mysqli_query($link, "SELECT id, login, cmdlevel FROM $table WHERE login='".$name."' AND password='".md5($pass)."'");
$res1 = mysqli_fetch_array($result);
$cmdlevel = $res1['cmdlevel'];
$id = $res1['id'];
if ($cmdlevel == '10')
{
$add = "Head Administrator";
}
else if ($cmdlevel == '1')
{
$add = "Company Administrator";
}
else if ($cmdlevel == '2')
{
$add = "Company Operator";
}
if (mysqli_num_rows($result))
{
$_SESSION['pass']=$pass;
$_SESSION['name']=$name;
$_SESSION['add']=$add;
$_SESSION['cmdlevel']=$cmdlevel;
$_SESSION['id']=$id;
$logged_me_in_successfully234 = 1;
}
}
else
$logged_me_in_successfully234 = 1;
$query = mysqli_query($link, "update accounts set last_seen_web =NOW() where id=".$id);
?>
ProSys Management
$mycompany = getCompanyByAccount($id);
if (!isset($companyID))
{
// echo "ses com ".$_SESSION['company'];
if ($_SESSION['company'])
$companyID = $_SESSION['company'];
else
{
$companyID = $mycompany[0];
$_SESSION['company'] = $companyID;
}
}
else
{
$_SESSION['company'] = $companyID;
}
$companyname = getCompanyByID($companyID)[1];
//echo "
//
// Управление компанией: $companyname
// Моя компания: $mycompany[1]
//";
echo "";
echo "
ProSys Management ($add)
";
//echo "";
if ($logged_me_in_successfully234 == 0)
{
echo "";
GetEnterForm();
echo("Access denied. Incorrect login or password");
echo "";
return;
}
echo "";
echo "";
echo '';
function GetEnterForm()
{
echo "
";
}
?>