API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 10th, 2017
113
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.44 KB | None | 0 0
raw download clone embed print report
  1. <?php require_once('Connections/flexip.php'); ?>
  2. <?php
  3. if (!function_exists("GetSQLValueString")) {
  4. function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
  5. {
  6. if (PHP_VERSION < 6) {
  7. $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  8. }
  9.  
  10. $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
  11.  
  12. switch ($theType) {
  13. case "text":
  14. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
  15. break;
  16. case "long":
  17. case "int":
  18. $theValue = ($theValue != "") ? intval($theValue) : "NULL";
  19. break;
  20. case "double":
  21. $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
  22. break;
  23. case "date":
  24. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
  25. break;
  26. case "defined":
  27. $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
  28. break;
  29. }
  30. return $theValue;
  31. }
  32. }
  33.  
  34.  
  35. ?>
  36. <?php
  37. // *** Validate request to login to this site.
  38. if (!isset($_SESSION)) {
  39. session_start();
  40. }
  41.  
  42. $loginFormAction = $_SERVER['PHP_SELF'];
  43. if (isset($_GET['accesscheck'])) {
  44. $_SESSION['PrevUrl'] = $_GET['accesscheck'];
  45. }
  46.  
  47. if (isset($_POST['user'])) {
  48. $loginUsername=$_POST['user'];
  49. $password= md5($_POST['pass']);
  50. $MM_fldUserAuthorization = "Access";
  51. $MM_redirectLoginSuccess = "account.php";
  52. $MM_redirectLoginFailed = "Incorrect Details";
  53. $MM_redirecttoReferrer = false;
  54. mysql_select_db($database_flexip, $flexip);
  55.  
  56. $LoginRS__query=sprintf("SELECT Username, Password, Access FROM users WHERE Username=%s AND Password=%s",
  57. GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));
  58.  
  59. $LoginRS = mysql_query($LoginRS__query, $flexip) or die(mysql_error());
  60. $loginFoundUser = mysql_num_rows($LoginRS);
  61. if ($loginFoundUser) {
  62.  
  63. $loginStrGroup = mysql_result($LoginRS,0,'Access');
  64.  
  65. if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
  66. //declare two session variables and assign them
  67. $_SESSION['MM_Username'] = $loginUsername;
  68. $_SESSION['MM_UserGroup'] = $loginStrGroup;
  69.  
  70. if (isset($_SESSION['PrevUrl']) && false) {
  71. $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
  72. }
  73. header("Location: " . $MM_redirectLoginSuccess );
  74. }
  75. else {
  76. // header("Location: ". $MM_redirectLoginFailed );
  77. $myerror = $MM_redirectLoginFailed;
  78. }
  79. }
  80. ?>
  81. <?php include('head.php'); ?>
  82. <?php include('nav.php'); ?>
  83. <?php include('login_body.php'); ?>
  84. <?php include('footer.php'); ?>
  85.  
  86. <?php
  87. if (!isset($_SESSION)) {
  88. session_start();
  89. }
  90. $MM_authorizedUsers = "admin";
  91. $MM_donotCheckaccess = "true";
  92. // *** Restrict Access To Page: Grant or deny access to this page
  93. function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
  94. // For security, start by assuming the visitor is NOT authorized.
  95. $isValid = True;
  96. // When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
  97. // Therefore, we know that a user is NOT logged in if that Session variable is blank.
  98. if (!empty($UserName)) {
  99. // Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
  100. // Parse the strings into arrays.
  101. $arrUsers = Explode(",", $strUsers);
  102. $arrGroups = Explode(",", $strGroups);
  103. if (in_array($UserName, $arrUsers)) {
  104. $isValid = true;
  105. }
  106. // Or, you may restrict access to only certain users based on their username.
  107. if (in_array($UserGroup, $arrGroups)) {
  108. $isValid = true;
  109. }
  110. if (($strUsers == "") && false) {
  111. $isValid = true;
  112. }
  113. }
  114. return $isValid;
  115. }
  116. $MM_restrictGoTo = "login.php";
  117. if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
  118. $MM_qsChar = "?";
  119. $MM_referrer = $_SERVER['PHP_SELF'];
  120. if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  121. if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
  122. $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
  123. $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  124. header("Location: ". $MM_restrictGoTo);
  125. exit;
  126. }
  127. ?>
  128. <?php include('head.php'); ?>
  129. <?php include('nav.php'); ?>
  130. <?php include('account_body.php'); ?>
  131. <?php include('footer.php'); ?>
  132.  
  133. ini_set('session.save_path',realpath(dirname($_SERVER['DOCUMENT_ROOT']) . 'myfolder'));
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!