- <?
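// Page bootstrap: response headers, session start, idle timeout, default role label.
// NOTE(review): this file opens with the short tag "<?", which is only parsed when
// short_open_tag is enabled; where it is disabled the script, including its SQL,
// is served as plain text. "<?php" is the portable form.
header("Content-Type: text/html; charset=utf-8");
session_start();
// Idle timeout. The limit is 6000 seconds (100 minutes); the earlier comment said
// "30 minutes", which would be 1800 -- confirm which value is intended.
if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 6000)) {
    session_unset();   // clear $_SESSION for this request
    session_destroy(); // drop the stored session data
    // Reopen a session, as the logout branch further down does. Without this the
    // writes made later in the request (LAST_ACTIVITY, a login that follows an
    // expiry) go to a destroyed session and are not saved.
    session_start();
    // Issue a fresh identifier so the expired one is not carried forward.
    session_regenerate_id(true);
}
$_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
header("Expires: 0");
// Default label shown in the page header until a role is known.
$add = 'Login Area';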
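// Copy request parameters into global variables of the same name.
// NOTE(review): this reproduces register_globals behaviour: any global that is not
// reassigned later in the request can be defined by the caller. The durable fix is
// to read the specific keys each page needs from $_REQUEST; that is not done here
// because the included pages may rely on these globals.
foreach (array_keys($_REQUEST) as $var) {
    // Import plain identifiers only. Numeric keys, names starting with "_" and
    // names containing other characters are skipped, so a request key cannot
    // collide with PHP's reserved globals.
    if (!is_string($var) || !preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $var)) {
        continue;
    }
    // Assigning to these names is an error in current PHP versions.
    if ($var === 'GLOBALS' || $var === 'this') {
        continue;
    }
    ${$var} = $_REQUEST[$var];
}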
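// Logout: ?act=exit drops the current session and opens an empty one.
// $act only exists when the request supplied it, so test for it first
// instead of reading an undefined variable.
if (isset($act) && $act === "exit")
{
    session_unset();
    session_destroy();
    session_start();
    // Give the new, empty session its own identifier instead of reusing the
    // identifier of the session that was just logged out.
    session_regenerate_id(true);
}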
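// Copy session state into global variables.
// This runs after the request import above, so for every key that exists in the
// session (cmdlevel, id, name, add, ...) the session value replaces whatever the
// request supplied. Keys that are absent from the session keep the request value.
if (!empty($_SESSION['hostid']))
{
    // The only session key exported under a different variable name.
    $agent_id = $_SESSION['hostid'];
}
// The loop exports every session key under its own name, which covers the
// cmdlevel/add/id/name copies that used to be written out one by one (and
// avoids reading session keys that are not set).
// NOTE(review): this also exports $pass, the plaintext password stored at login.
foreach (array_keys($_SESSION) as $var) {
    ${$var} = $_SESSION[$var];
}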
- include 'functions.php';
- include 'auth.php';
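// Authentication gate.
// Sets $logged_me_in_successfully234 to 1 when the session already holds a login
// or when the submitted name/pass match a row in the accounts table, else 0.
$logged_me_in_successfully234 = 0;
if (empty($_SESSION['pass']) && empty($_SESSION['name']))
{
    // No login in the session: treat this request as a login attempt.
    $table = 'accounts'; // fixed identifier assigned here, not request data
    $cmdlevel = null;
    $id = null;
    $accountFound = false;
    // $name and $pass come from the request; require plain strings.
    if (isset($name, $pass) && is_string($name) && is_string($pass))
    {
        // Bound parameters keep the submitted login out of the SQL text
        // (the query used to be built by string concatenation).
        $stmt = mysqli_prepare($link, "SELECT id, cmdlevel FROM $table WHERE login = ? AND password = ?");
        if ($stmt)
        {
            // NOTE(review): stored passwords are unsalted MD5. Moving to
            // password_hash()/password_verify() needs a migration of the stored
            // values and cannot be done in this block alone.
            $passwordDigest = md5($pass);
            mysqli_stmt_bind_param($stmt, 'ss', $name, $passwordDigest);
            if (mysqli_stmt_execute($stmt))
            {
                mysqli_stmt_bind_result($stmt, $foundId, $foundLevel);
                if (mysqli_stmt_fetch($stmt) === true)
                {
                    $accountFound = true;
                    // Cast to string so the values keep the type the
                    // non-prepared query returned.
                    $id = (string) $foundId;
                    $cmdlevel = (string) $foundLevel;
                }
            }
            mysqli_stmt_close($stmt);
        }
    }
    // Role label for the page header. Anything other than a known level falls
    // back to the default, so the label is never taken from the request.
    if ($cmdlevel == '10')
    {
        $add = "Head Administrator";
    }
    else if ($cmdlevel == '1')
    {
        $add = "Company Administrator";
    }
    else if ($cmdlevel == '2')
    {
        $add = "Company Operator";
    }
    else
    {
        $add = 'Login Area';
    }
    if ($accountFound)
    {
        // New identifier on privilege change, so a pre-login session id is not
        // promoted to an authenticated one.
        session_regenerate_id(true);
        // NOTE(review): the plaintext password is kept in the session. Only its
        // presence is tested in this file; confirm whether auth.php or the
        // included pages read it before replacing it with a flag.
        $_SESSION['pass']=$pass;
        $_SESSION['name']=$name;
        $_SESSION['add']=$add;
        $_SESSION['cmdlevel']=$cmdlevel;
        $_SESSION['id']=$id;
        $logged_me_in_successfully234 = 1;
    }
    unset($stmt, $passwordDigest, $foundId, $foundLevel, $accountFound);
}
else
{
    $logged_me_in_successfully234 = 1;
}
// Record the visit only for a logged-in account with a numeric id. The statement
// used to run on failed logins too, with an empty id and therefore invalid SQL.
if ($logged_me_in_successfully234 == 1 && isset($id) && is_numeric($id))
{
    $query = mysqli_query($link, "update accounts set last_seen_web =NOW() where id=" . (int) $id);
}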
- ?>
- <!DOCTYPE html>
- <meta charset="utf-8">
- <html lang="en">
- <title>ProSys Management</title>
- <link rel="stylesheet" href="style.css">
- <script src="/mail.js" type="text/javascript" encoding="utf-8"></script>
- <script src="jquery.js" type="text/javascript"></script>
- <body>
- <?
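// Choose the company this session works on: an explicit companyID from the
// request, else the one remembered in the session, else the account's own.
// Only done for a logged-in request. This code runs before the access-denied
// check below, so it used to look up companies and write $_SESSION['company']
// for unauthenticated requests as well.
if ($logged_me_in_successfully234 == 1)
{
    $mycompany = getCompanyByAccount($id);
    // In this file $companyID can only have come from the request import at the
    // top; accept a scalar value only.
    if (isset($companyID) && !is_scalar($companyID))
    {
        unset($companyID);
    }
    if (!isset($companyID))
    {
        if (!empty($_SESSION['company']))
        {
            $companyID = $_SESSION['company'];
        }
        else
        {
            // Element 0 of getCompanyByAccount() is used as the company id.
            $companyID = isset($mycompany[0]) ? $mycompany[0] : null;
            $_SESSION['company'] = $companyID;
        }
    }
    else
    {
        // NOTE(review): the requested id is stored without checking that this
        // account may manage that company. Which roles may switch company is not
        // visible here -- add the check once that rule is confirmed.
        $_SESSION['company'] = $companyID;
    }
    // NOTE(review): if getCompanyByID() builds SQL from its argument, $companyID
    // must be validated or bound there -- confirm in functions.php.
    $companyname = getCompanyByID($companyID)[1];
}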
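// Page header with the role label, then the access-denied gate.
echo "<header>";
// $add can originate from the request or the session, so it is HTML-escaped
// before it is written into the page.
echo "
<h1 style ='color:white;'>ProSys Management (" . htmlspecialchars(is_string($add) ? $add : '', ENT_QUOTES, 'UTF-8') . ")</h1></header>";
if ($logged_me_in_successfully234 == 0)
{
    // Not logged in: show the login form and stop before the menu and pages.
    echo "<center>";
    GetEnterForm();
    // The closing tag used to be a second opening <font>.
    echo("<font color='red'><b>Access denied. Incorrect login or password</b></font>");
    echo "</center>";
    return;
}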
// Navigation menu. Each section lists the role levels that see it and its
// links as act => caption. The closure keeps the helper variables out of the
// global scope that the included pages share.
call_user_func(function ($level) {
    $sections = array(
        array(
            'levels' => array(10),
            'links' => array(
                'global' => 'Глобальное управление',
                'devices' => 'Устройства',
                'typeobject' => 'Типы объектов',
                'object' => 'Объекты',
            ),
        ),
        array(
            'levels' => array(1, 10),
            'links' => array(
                'companies' => 'Компании',
                'accounts' => 'Аккаунты',
                'objects' => 'Объекты',
                'jobs' => 'Должности',
            ),
        ),
        array(
            'levels' => array(2, 10),
            'links' => array(
                'markers' => 'Визуальные метки (QR)',
                'tasktypes' => 'Типы задач',
                'tasks' => 'Задачи активные',
                'docs' => 'Документы',
                'reports' => 'Отчеты',
            ),
        ),
        array(
            'levels' => array(1, 2, 10),
            'links' => array(
                'input_data' => 'Входные данные',
                'staff' => 'Персонал',
            ),
        ),
    );

    echo "<menu>";
    foreach ($sections as $section) {
        // Loose comparison on purpose: the level may be a string or an int.
        if (!in_array($level, $section['levels'])) {
            continue;
        }
        foreach ($section['links'] as $target => $caption) {
            echo "<a href='?act=" . $target . "'>" . $caption . "</a><br>";
        }
    }
    // The logout link is shown to every role.
    echo "<a href='?act=exit'>Выход</a><br>";
    echo "</menu>";
}, $cmdlevel);
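// Page dispatch: include the page named by ?act= when the role may open it.
// Every include target is a literal. The request only selects among them and
// never contributes to a path.
echo "<nav>";
// $act exists only when the request supplied it; require a plain string so
// the switch is not evaluated on an undefined or non-string value.
if (isset($act) && is_string($act))
{
    $allowHeadOnly = ($cmdlevel == 10);                  // head admins
    $allowAdmins = ($cmdlevel == 10 || $cmdlevel == 1);  // + company admins
    $allowAllRoles = ($allowAdmins || $cmdlevel == 2);   // + company ops
    // NOTE(review): this is wider than the menu. Levels 1 and 2 can open
    // typeobject/object, and level 1 can open markers, tasks, tasktypes, docs
    // and reports, although the menu does not offer those links to them.
    // Confirm that this is intended, since the dispatch is the real access check.
    switch ($act)
    {
        case "global": if ($allowHeadOnly) include("global.php"); break;
        case "devices": if ($allowHeadOnly) include("devices.php"); break;
        case "companies": if ($allowAdmins) include("companies.php"); break;
        case "accounts": if ($allowAdmins) include("accounts.php"); break;
        case "objects": if ($allowAdmins) include("objects.php"); break;
        case "jobs": if ($allowAdmins) include("jobs.php"); break;
        case "markers": if ($allowAllRoles) include("markers.php"); break;
        case "tasks": if ($allowAllRoles) include("tasks.php"); break;
        case "tasktypes": if ($allowAllRoles) include("tasktypes.php"); break;
        case "docs": if ($allowAllRoles) include("docs.php"); break;
        case "reports": if ($allowAllRoles) include("reports.php"); break;
        case "staff": if ($allowAllRoles) include("staff.php"); break;
        case "input_data": if ($allowAllRoles) include("input_data.php"); break;
        case "typeobject": if ($allowAllRoles) include("typeobject.php"); break;
        case "object": if ($allowAllRoles) include("object.php"); break;
        default:
            // Unknown act: render nothing.
    }
}
echo "</nav>";
echo '</body>';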
/**
 * Print the login form.
 *
 * The form posts the fields "name" and "pass" to "?login" on the current page.
 * The markup is static, so it is emitted from a nowdoc with no interpolation.
 */
function GetEnterForm()
{
    echo <<<'HTML'
<article>
<form method='post' action='?login'>
<table>
<tr>
<td width=70>
<b>Login</b>
</td>
<td>

</td>
<td>
<input type='text' name=name value=''><br/>
</td>
</tr>
<tr>
<td>
<b>Password </b>
</td>
<td>

</td>
<td>
<input type='password' name=pass value=''>
</td>
</tr>
<tr>
<td></td>
<td> </td>
<td>
<input type='submit' value='Enter'>
</td>
</tr>
</table>
</form>
</article>
HTML;
}
- ?>
- </html>