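exit; }

// Stop early when the database layer reports no connection.
if (!$APP['db']->connected) {
    echo "ERROR: Not connected to database.";
    exit;
}

// Start unauthenticated. $u is replaced by a user object only in the branches
// below. $APP['u'] is assigned here, before any credential is checked, and is
// not updated anywhere in this fragment.
$u = false;
global $u;
$GLOBALS['u'] = $u;
$APP['u'] = $u;

if (isset($_COOKIE["hisdata"])) {
    // Cookie layout is "<user>:<value>". The cookie is client-controlled, so a
    // non-string value or a missing second field is treated as an empty
    // credential instead of being read as an undefined index.
    $cookie_data = $_COOKIE['hisdata'];
    $cookie_data = is_string($cookie_data) ? explode(":", $cookie_data) : array();
    $cookie_user = isset($cookie_data[0]) ? $cookie_data[0] : "";
    $cookie_pass = isset($cookie_data[1]) ? $cookie_data[1] : "";

    $u = new user_user_name();
    $u->get_from_hashrange($cookie_user);

    // NOTE(review): when the lookup finds nothing, $u stays a user object whose
    // user_name is "undefined". Code after this fragment must not treat a
    // non-false $u as authenticated on its own; confirm against the callers.
    if ($u->user_name != "undefined") {
        // The cookie value is checked against the stored pw field itself, so
        // the stored value works as a long-lived bearer credential.
        // NOTE(review): a random, server-side session token would avoid that.
        //
        // hash_equals() replaces the loose != comparison: it is a strict,
        // constant-time string compare, whereas != compares two
        // numeric-looking strings as numbers. An empty stored value never
        // authenticates, matching the strlen() > 0 rule used at login.
        $stored_pw = (string) $u->pw;
        if ($stored_pw === "" || !hash_equals($stored_pw, $cookie_pass)) {
            $u = false;
        }
    }
} else {
    if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
        // UID + Secret
        $u = new user_id_user();
        $u->get_from_hashrange($_SERVER['PHP_AUTH_USER']);
        // NOTE(review): the not-found case (user_name "undefined") leaves $u as
        // an object here as well; how it is handled lies outside this fragment.
        if ($u->user_name != "undefined") {
            // Strict, constant-time comparison of the stored secret with the
            // HTTP Basic password; an empty stored secret never matches.
            if ((string) $u->secret === "" || !hash_equals((string) $u->secret, (string) $_SERVER['PHP_AUTH_PW'])) {
                $u = false;
            }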
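// open settings file
$settings_file = $BIN_DIR . $PATH_SEPERATOR . "his-config.php";
if (!file_exists($settings_file)) {
    include "existsmessage.php";
    exit;
} else {
    include_once $settings_file;
}
if (!$APP['db']->connected) {
    include "existsmessage.php";
    exit;
}

// Request fields are attacker-controlled and may be missing or arrays
// (e.g. log[]=x). Reduce them to plain strings before they are concatenated
// into the hash input or passed to the lookup.
$login_name = (isset($_POST['log']) && is_string($_POST['log'])) ? $_POST['log'] : "";
$login_pwd = (isset($_POST['pwd']) && is_string($_POST['pwd'])) ? $_POST['pwd'] : "";

// Stored format: sha1(salt1 . password . login . salt2). The login name goes
// into the hash as submitted, i.e. before ':' is stripped below; that order is
// kept so existing stored hashes still verify.
// NOTE(review): SHA-1 with site-wide salts is a fast hash and gives little
// protection if the user table leaks. password_hash()/password_verify() with a
// rehash on next successful login is the usual migration, and it has to be
// made wherever the pw field is written as well as here.
$pre_hash = $settings['salt1']['@attributes']['value'] . $login_pwd . $login_name . $settings['salt2']['@attributes']['value'];
$login_hash = sha1($pre_hash);

// ':' is removed from the login name before it is used for the lookup.
$_POST['log'] = str_replace(":", "", $login_name);
$user_login = new user_user_name();
//$user_login->obj_debug=true;
$user_login->get_from_hashrange($_POST['log']);

$db_user_pw_hash = "";
if ($user_login->id_user != "undefined") {
    $db_user_pw_hash = (string) $user_login->pw;
}

// hash_equals() is a strict, constant-time comparison. The previous loose ==
// compared two numeric-looking strings (such as "0e" followed by digits) as
// numbers, so different hashes could be reported as equal.
// An empty stored hash never authenticates.
if (strlen($db_user_pw_hash) > 0 && hash_equals($db_user_pw_hash, $login_hash)) {
    $expire = time() + 60 * 60 * 2; // 2 hrs
    if (isset($_POST['rememberme'])) {
        if ($_POST['rememberme'] == "forever") {
            $expire = time() + 60 * 60 * 24 * 7; // 1 week
        }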
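// $PK / $PV are set by a loop that starts above this fragment (presumably the
// request fields being re-posted; confirm). Both attributes are delimited with
// single quotes, so ENT_QUOTES is required: with ENT_NOQUOTES a quote character
// in the key or value ended the attribute and allowed markup injection.
$PAGE->body = $PAGE->body . "<input type='hidden' name='" . htmlspecialchars($PK, ENT_QUOTES) . "' value='" . htmlspecialchars($PV, ENT_QUOTES) . "'/>";
} }
$PAGE->body = $PAGE->body . "</p>";
$content = "";
//$content=ob_get_clean();
//ob_end_flush();
$PAGE->hide_back = true;
echo $PAGE->content();
// Static script: disables the submit button and auto-submits the first form one
// second after the page has loaded.
echo "<script>\nfunction WindowLoad(event) {\n document.getElementById('btnSubmit').disabled=true;\n setTimeout('document.forms[0].submit()',1000);\n}\n\nif (window.addEventListener) { // Mozilla, Netscape, Firefox\n window.addEventListener('load', WindowLoad, false);\n} else if (window.attachEvent) { // IE\n window.attachEvent('onload', WindowLoad);\n}\n\n</script>";
exit;
} }

if (isset($_GET['page'])) {
    if ($_GET['page'] == $last_step_of_library_installation + 1 && $DB_CONNECT && $FS_CONNECT && file_exists($BIN_DIR . $PATH_SEPERATOR . "his-config.php")) {
        // The final setup page is shown only to a caller who re-submits the
        // admin credentials. Request fields may be missing or arrays, so they
        // are reduced to plain strings first.
        $setup_user = (isset($_POST['user_name']) && is_string($_POST['user_name'])) ? $_POST['user_name'] : "";
        $setup_pass = (isset($_POST['admin_password']) && is_string($_POST['admin_password'])) ? $_POST['admin_password'] : "";

        $check_user = new user_user_name();
        $check_user->get_from_hashrange($setup_user);

        // Same stored format as the hash built here: sha1(salt1 . password . user . salt2).
        // NOTE(review): SHA-1 with site-wide salts is a fast hash;
        // password_hash()/password_verify() is the preferred scheme and would
        // have to replace every place this formula is used.
        $pw = sha1($settings['salt1']['@attributes']['value'] . $setup_pass . $setup_user . $settings['salt2']['@attributes']['value']);

        // Strict, constant-time comparison. The previous loose != compared two
        // numeric-looking strings as numbers and could accept a non-matching
        // hash.
        if (!hash_equals((string) $check_user->pw, $pw)) {
            exit;
        }

        $PAGE = new SetupPage($_GET['page']);
        $PAGE->title = "<p>";
        $PAGE->title = $PAGE->title . getTranslation("Setup complete.", $settings);
        $PAGE->body = $PAGE->body . "</p>";
        $PAGE->body = $PAGE->body . "<table width='100%'><tr><td width='50%' valign='top'><p>";
        $PAGE->body = $PAGE->body . getTranslation("Setup was successful. Click ", $settings);
        $PAGE->body = $PAGE->body . " <a href='index.php?v=login'>";
        $PAGE->body = $PAGE->body . getTranslation("here", $settings);
        $PAGE->body = $PAGE->body . "</a> ";
        $PAGE->body = $PAGE->body . getTranslation(" to login to HIS.", $settings);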