index2.php 7.3 KB

  1. <?
  2. header("Content-Type: text/html; charset=utf-8");
  3. session_start();
  4. if (isset($_SESSION['LAST_ACTIVITY']) && (time() - $_SESSION['LAST_ACTIVITY'] > 6000)) {
  5. // last request was more than 30 minutes ago
  6. session_unset(); // unset $_SESSION variable for the run-time
  7. session_destroy(); // destroy session data in storage
  8. }
  9. $_SESSION['LAST_ACTIVITY'] = time(); // update last activity time stamp
  10. header("Expires: 0");
  11. $add = 'Login Area';
  12. foreach (array_keys($_REQUEST) as $var) {
  13. ${$var} = $_REQUEST[$var];
  14. //if ($name == "Admin12") {
  15. //echo "<b>$var:</b> ${$var} <br>";
  16. //}
  17. }
  18. if ($act == "exit")
  19. {
  20. session_unset();
  21. session_destroy();
  22. session_start();
  23. }
  24. if ($_SESSION['cmdlevel'])
  25. $cmdlevel = $_SESSION['cmdlevel'];
  26. if ($_SESSION['hostid'])
  27. $agent_id = $_SESSION['hostid'];
  28. if ($_SESSION['add'])
  29. $add = $_SESSION['add'];
  30. if ($_SESSION['id'])
  31. $id = $_SESSION['id'];
  32. if ($_SESSION['name'])
  33. $name = $_SESSION['name'];
  34. foreach (array_keys($_SESSION) as $var) {
  35. ${$var} = $_SESSION[$var];
  36. //if ($name == "Admin12") {
  37. //echo "from session: <b>$var:</b> ${$var} <br>";
  38. //}
  39. }
  40. include 'functions.php';
  41. include 'auth.php';
  42. $logged_me_in_successfully234 = 0;
  43. if (!$_SESSION['pass'] && !$_SESSION['name'])
  44. {
  45. $table = 'accounts';
  46. $result=mysqli_query($link, "SELECT id, login, cmdlevel FROM $table WHERE login='".$name."' AND password='".md5($pass)."'");
  47. $res1 = mysqli_fetch_array($result);
  48. $cmdlevel = $res1['cmdlevel'];
  49. $id = $res1['id'];
  50. if ($cmdlevel == '10')
  51. {
  52. $add = "Head Administrator";
  53. }
  54. else if ($cmdlevel == '1')
  55. {
  56. $add = "Company Administrator";
  57. }
  58. else if ($cmdlevel == '2')
  59. {
  60. $add = "Company Operator";
  61. }
  62. if (mysqli_num_rows($result))
  63. {
  64. $_SESSION['pass']=$pass;
  65. $_SESSION['name']=$name;
  66. $_SESSION['add']=$add;
  67. $_SESSION['cmdlevel']=$cmdlevel;
  68. $_SESSION['id']=$id;
  69. $logged_me_in_successfully234 = 1;
  70. }
  71. }
  72. else
  73. $logged_me_in_successfully234 = 1;
  74. $query = mysqli_query($link, "update accounts set last_seen_web =NOW() where id=".$id);
  75. ?>
  76. <!DOCTYPE html>
  77. <meta charset="utf-8">
  78. <html lang="en">
  79. <title>ProSys Management</title>
  80. <link rel="stylesheet" href="style.css">
  81. <script src="/mail.js" type="text/javascript" encoding="utf-8"></script>
  82. <script src="jquery.js" type="text/javascript"></script>
  83. <body>
  84. <?
  85. $mycompany = getCompanyByAccount($id);
  86. if (!isset($companyID))
  87. {
  88. // echo "ses com ".$_SESSION['company'];
  89. if ($_SESSION['company'])
  90. $companyID = $_SESSION['company'];
  91. else
  92. {
  93. $companyID = $mycompany[0];
  94. $_SESSION['company'] = $companyID;
  95. }
  96. }
  97. else
  98. {
  99. $_SESSION['company'] = $companyID;
  100. }
  101. $companyname = getCompanyByID($companyID)[1];
  102. //echo "
  103. //<activecompanycontainer>
  104. // <activecompany>Управление компанией: <b>$companyname</b></activecompany>
  105. // <activecompany>Моя компания: <b>$mycompany[1]</b></activecompany>
  106. //</activecompanycontainer>";
  107. echo "<header>";
  108. echo "
  109. <h1 style ='color:white;'>ProSys Management ($add)</h1></header>";
  110. //echo "<section> <h2>".$add." Area</h2> </section>";
  111. if ($logged_me_in_successfully234 == 0)
  112. {
  113. echo "<center>";
  114. GetEnterForm();
  115. echo("<font color='red'><b>Access denied. Incorrect login or password</b><font>");
  116. echo "</center>";
  117. return;
  118. }
  119. echo "<menu>";
  120. if ($cmdlevel == 10)
  121. {
  122. echo "<a href='?act=global'>Глобальное управление</a><br>";
  123. echo "<a href='?act=devices'>Устройства</a><br>";
  124. echo "<a href='?act=typeobject'>Типы объектов</a><br>";
  125. echo "<a href='?act=object'>Объекты</a><br>";
  126. }
  127. if ($cmdlevel==1 || $cmdlevel == 10)
  128. {
  129. echo "<a href='?act=companies'>Компании</a><br>";
  130. echo "<a href='?act=accounts'>Аккаунты</a><br>";
  131. echo "<a href='?act=objects'>Объекты</a><br>";
  132. echo "<a href='?act=jobs'>Должности</a><br>";
  133. }
  134. if ($cmdlevel==2 || $cmdlevel == 10)
  135. {
  136. echo "<a href='?act=markers'>Визуальные метки (QR)</a><br>";
  137. echo "<a href='?act=tasktypes'>Типы задач</a><br>";
  138. echo "<a href='?act=tasks'>Задачи активные</a><br>";
  139. echo "<a href='?act=docs'>Документы</a><br>";
  140. echo "<a href='?act=reports'>Отчеты</a><br>";
  141. }
  142. if ($cmdlevel==1 || $cmdlevel==2 || $cmdlevel == 10)
  143. {
  144. echo "<a href='?act=input_data'>Входные данные</a><br>";
  145. echo "<a href='?act=staff'>Персонал</a><br>";
  146. }
  147. echo "<a href='?act=exit'>Выход</a><br>";
  148. echo "</menu>";
  149. echo "<nav>";
  150. if ($cmdlevel==10) //head admins
  151. {
  152. switch($act)
  153. {
  154. case "global": include("global.php");break;
  155. case "companies": include("companies.php");break;
  156. case "accounts": include("accounts.php");break;
  157. case "markers": include("markers.php");break;
  158. case "tasks": include("tasks.php");break;
  159. case "tasktypes": include("tasktypes.php");break;
  160. case "docs": include("docs.php");break;
  161. case "reports": include("reports.php");break;
  162. case "devices": include("devices.php");break;
  163. case "staff": include("staff.php");break;
  164. case "objects": include("objects.php");break;
  165. case "input_data": include("input_data.php");break;
  166. case "jobs": include("jobs.php");break;
  167. case "typeobject": include("typeobject.php");break;
  168. case "object": include("object.php");break;
  169. default:
  170. }
  171. }
  172. else if ($cmdlevel==1) //company admin
  173. {
  174. switch($act)
  175. {
  176. case "companies": include("companies.php");break;
  177. case "accounts": include("accounts.php");break;
  178. case "markers": include("markers.php");break;
  179. case "tasks": include("tasks.php");break;
  180. case "tasktypes": include("tasktypes.php");break;
  181. case "docs": include("docs.php");break;
  182. case "reports": include("reports.php");break;
  183. case "staff": include("staff.php");break;
  184. case "objects": include("objects.php");break;
  185. case "input_data": include("input_data.php");break;
  186. case "jobs": include("jobs.php");break;
  187. case "typeobject": include("typeobject.php");break;
  188. case "object": include("object.php");break;
  189. default:
  190. }
  191. }
  192. else if ($cmdlevel==2) //company ops
  193. {
  194. switch($act)
  195. {
  196. case "markers": include("markers.php");break;
  197. case "tasks": include("tasks.php");break;
  198. case "tasktypes": include("tasktypes.php");break;
  199. case "docs": include("docs.php");break;
  200. case "reports": include("reports.php");break;
  201. case "staff": include("staff.php");break;
  202. case "input_data": include("input_data.php");break;
  203. case "typeobject": include("typeobject.php");break;
  204. case "object": include("object.php");break;
  205. default:
  206. }
  207. }
  208. echo "</nav>";
  209. echo '</body>';
  210. function GetEnterForm()
  211. {
  212. echo "<article>
  213. <form method='post' action='?login'>
  214. <table>
  215. <tr>
  216. <td width=70>
  217. <b>Login</b>
  218. </td>
  219. <td>
  220. &nbsp;
  221. </td>
  222. <td>
  223. <input type='text' name=name value=''><br/>
  224. </td>
  225. </tr>
  226. <tr>
  227. <td>
  228. <b>Password </b>
  229. </td>
  230. <td>
  231. &nbsp;
  232. </td>
  233. <td>
  234. <input type='password' name=pass value=''>
  235. </td>
  236. </tr>
  237. <tr>
  238. <td></td>
  239. <td>&nbsp;</td>
  240. <td>
  241. <input type='submit' value='Enter'>
  242. </td>
  243. </tr>
  244. </table>
  245. </form>
  246. </article>";
  247. }
  248. ?>
  249. </html>