function checkpass()
{
global $conn, $PHP_AUTH_PW;
if (isset($_SERVER["PHP_AUTH_USER"])) {
$q3 = "select 0 from users where login = '******'PHP_AUTH_USER'] . "' and password = MD5('" . $PHP_AUTH_PW . "')";
$res = $conn->Execute($q3);
$toReturn = FALSE;
if (isset($res->fields[0])) {
$qD = "DELETE FROM unauth WHERE ip = '" . $_SERVER['REMOTE_ADDR'] . "'";
$conn->Execute($qD);
$toReturn = TRUE;
} else {
$qA = "SELECT count(username) as falses FROM unauth WHERE logintime > DATE_SUB(NOW(),INTERVAL 5 MINUTE) AND ip = '" . $_SERVER['REMOTE_ADDR'] . "'";
$resA = $conn->Execute($qA);
if ($resA->fields[0] > 5) {
nopass(TRUE);
die;
}
$qC = "INSERT INTO unauth (username, pass, ip,x_forwardeded_for) VALUES ('" . $_SERVER['PHP_AUTH_USER'] . "', '" . $PHP_AUTH_PW . "','" . $_SERVER['REMOTE_ADDR'] . "', '" . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '') . "')";
$conn->Execute($qC);
//sleep(2);
}
return $toReturn;
}
}
// Export
if ($export == "excel") {
include "../include/export/2excel.php";
$expor_excel = new MID_SQLPARAExel();
}
// Load language
LanguageSetup($lang);
// Colors scheme
ColorSetup($color);
// Соединимся с SQL сервером
connect_to_db();
if (!checkpass()) {
nopass();
}
if (!hasprivilege("access", false)) {
nopass();
}
// Опишем базовые переменные
// ----------------------------------------------------------------------------
//
if (empty($mon)) {
$mon = date("m", mktime(0, 0, 0, date("m"), 1, date("Y")));
}
if (empty($day)) {
$day = date("d", mktime(0, 0, 0, date("m"), 1, date("Y")));
}
if (empty($year)) {
$year = date("Y", mktime(0, 0, 0, date("m"), 1, date("Y")));
}
if (empty($mon2)) {
$mon2 = date("m", mktime(0, 0, 0, date("m") + 1, 0, date("Y")));
