Example #1
 // Request dispatcher fragment: routes on $action and leaves the outcome in $res.
 // The listing is cut off inside the "save_prefs" branch, so the closing braces
 // and the remaining actions are not visible here.
 // "sysinfo" is answered before the guest check below, i.e. also without a logged-in user.
 // NOTE(review): confirm getCurrentUserAndSysInfo() returns nothing sensitive to guests.
 if ($action == "sysinfo") {
     $res = $system->getCurrentUserAndSysInfo();
 } else {
     // Guests (user id < 1) are refused unless the action is on this allow-list.
     // NOTE(review): besides login/logout/reset_password the list also admits usr_save,
     // usr_get, svs_savetree, svs_gettree and svs_get for unauthenticated callers. Their
     // handlers are outside this fragment; each one needs its own authorization check,
     // because this gate is the only one visible here. The comparisons use loose `==`;
     // `===` avoids type juggling on $action.
     if ($system->get_user_id() < 1 && !($action == 'login' || $action == 'logout' || $action == 'reset_password' || $action == 'svs_savetree' || $action == 'svs_gettree' || $action == 'usr_save' || $action == 'usr_get' || $action == 'svs_get')) {
         // The denial is stored in $response while every other branch sets $res;
         // how the two are combined is outside this fragment.
         $response = $system->addError(HEURIST_REQUEST_DENIED);
     } else {
         $res = false;
         if ($action == "login") {
             // Read the credentials. `@` suppresses the undefined-index notice, so a
             // missing field arrives as null. $_REQUEST merges GET and POST (and cookies,
             // depending on php.ini), so a password sent in the query string is accepted
             // here and can end up in server and proxy logs; reading $_POST only avoids that.
             $username = @$_REQUEST['username'];
             $password = @$_REQUEST['password'];
             $session_type = @$_REQUEST['session_type'];
             // NOTE(review): this branch does not call user_LogActivity(), unlike
             // reset_password and logout below; failed-login logging and throttling
             // may live inside login() - confirm.
             if ($system->login($username, $password, $session_type)) {
                 $res = $system->getCurrentUserAndSysInfo();
                 checkDatabaseFunctions($mysqli);
             }
         } else {
             if ($action == "reset_password") {
                 // Reachable by guests (see allow-list). The activity is logged before
                 // the reset is attempted, so the log entry does not reflect the outcome.
                 $system->user_LogActivity('ResetPassword');
                 // $res stays false when user_ResetPassword() returns false.
                 // NOTE(review): if that happens for unknown usernames, the response
                 // distinguishes existing accounts from non-existing ones - confirm, and
                 // confirm the reset is rate-limited.
                 if (user_ResetPassword($system, @$_REQUEST['username'])) {
                     $res = true;
                 }
             } else {
                 if ($action == "logout") {
                     $system->user_LogActivity('Logout');
                     if ($system->logout()) {
                         $res = true;
                     }
                 } else {
                     // Listing ends here; the body of the save_prefs branch is not shown.
                     if ($action == "save_prefs") {
Example #2
                // Tail of a login handler; the listing starts mid-block, so the credential
                // check and the earlier branches that lead here are not visible.
                } else {
                    // 'session_type' is read without an isset() check or `@`, so a request
                    // that omits it raises an undefined-index notice.
                    if ($_REQUEST['session_type'] == 'remember') {
                        // php.ini session.gc_maxlifetime should be set to a similar value,
                        // otherwise the server-side session expires before the cookie does.
                        $time = time() + 30 * 24 * 60 * 60;
                        // remember for 30 days
                        $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']['keepalive'] = true;
                    }
                }
            }
            // Only name, value, expiry and path are passed, so the cookie is set with the
            // defaults secure=false and httponly=false: it is sent over plain HTTP and is
            // readable from page scripts.
            // NOTE(review): no session_regenerate_id() call is visible in this fragment;
            // confirm the session id is renewed on login. $time is assigned only in the
            // 'remember' branch shown here - presumably it is also set above; confirm.
            setcookie('heurist-sessionid', session_id(), $time, '/');
            // bookkeeping: record last login time and bump the login counter.
            // mysql_query() belongs to the ext/mysql API that was removed in PHP 7.
            // The user id is concatenated into the SQL text. NOTE(review): the origin of
            // $user is outside this fragment; cast the id to int or bind it as a
            // parameter rather than relying on it being numeric.
            mysql_connection_overwrite(USERS_DATABASE);
            mysql_query('update sysUGrps usr set usr.ugr_LastLoginTime=now(), usr.ugr_LoginCount=usr.ugr_LoginCount+1
                where usr.ugr_ID=' . $user[USERS_ID_FIELD]);
            mysql_connection_select(USERS_DATABASE);
            checkDatabaseFunctions();
            // `@` suppresses the notice when $last_uri is undefined.
            // NOTE(review): where $last_uri comes from is not visible; if it can be set
            // from the request this is an open redirect, so restrict it to a same-site
            // relative path. No exit follows header() in the visible lines, so the script
            // keeps running and emits the HTML below after sending the redirect.
            if (@$last_uri) {
                header('Location: ' . $last_uri);
            }
        } else {
            // One message for both failure causes: it does not reveal whether the
            // username or the password was wrong.
            $LOGIN_ERROR = 'Incorrect Username / Password - try email address for user name';
        }
    }
}
?>


<html>

    <head>
        <title>Heurist login</title>