function checkpass() { global $conn, $PHP_AUTH_PW; if (isset($_SERVER["PHP_AUTH_USER"])) { $q3 = "select 0 from users where login = '******'PHP_AUTH_USER'] . "' and password = MD5('" . $PHP_AUTH_PW . "')"; $res = $conn->Execute($q3); $toReturn = FALSE; if (isset($res->fields[0])) { $qD = "DELETE FROM unauth WHERE ip = '" . $_SERVER['REMOTE_ADDR'] . "'"; $conn->Execute($qD); $toReturn = TRUE; } else { $qA = "SELECT count(username) as falses FROM unauth WHERE logintime > DATE_SUB(NOW(),INTERVAL 5 MINUTE) AND ip = '" . $_SERVER['REMOTE_ADDR'] . "'"; $resA = $conn->Execute($qA); if ($resA->fields[0] > 5) { nopass(TRUE); die; } $qC = "INSERT INTO unauth (username, pass, ip,x_forwardeded_for) VALUES ('" . $_SERVER['PHP_AUTH_USER'] . "', '" . $PHP_AUTH_PW . "','" . $_SERVER['REMOTE_ADDR'] . "', '" . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '') . "')"; $conn->Execute($qC); //sleep(2); } return $toReturn; } }
// Export if ($export == "excel") { include "../include/export/2excel.php"; $expor_excel = new MID_SQLPARAExel(); } // Load language LanguageSetup($lang); // Colors scheme ColorSetup($color); // Соединимся с SQL сервером connect_to_db(); if (!checkpass()) { nopass(); } if (!hasprivilege("access", false)) { nopass(); } // Опишем базовые переменные // ---------------------------------------------------------------------------- // if (empty($mon)) { $mon = date("m", mktime(0, 0, 0, date("m"), 1, date("Y"))); } if (empty($day)) { $day = date("d", mktime(0, 0, 0, date("m"), 1, date("Y"))); } if (empty($year)) { $year = date("Y", mktime(0, 0, 0, date("m"), 1, date("Y"))); } if (empty($mon2)) { $mon2 = date("m", mktime(0, 0, 0, date("m") + 1, 0, date("Y")));