$password = quote_smart($_REQUEST['password']); $user_type = quote_smart($_REQUEST['usertype']); $username = strtolower($username); $curtemplate = $_SESSION["gw_template"]; $smarty = new Smarty(); $smarty->compile_check = true; $smarty->debugging = false; if ($_GET['demo']) { $username = '******'; $password = '******'; $user_type = 'merchant'; $result = general_login($username, $password, $user_type, 1); $smarty->assign("login_result", $result); } else { if ($username) { $result = general_login($username, $password, $user_type, 1); $smarty->assign("login_result", $result); } } $template_page_tpl = 'main.tpl'; if ($curtemplate_overwrite) { if (file_exists($etel_root_path . "/tmpl/" . $curtemplate_overwrite . "/" . $template_page_tpl)) { $curtemplate = $curtemplate_overwrite; } } $smarty->template_dir = $etel_root_path . "/tmpl/" . $curtemplate . "/"; $smarty->compile_dir = $etel_root_path . "/tmpl/" . $curtemplate . "_c/"; $smarty->config_dir = $etel_root_path . "/tmpl/" . $curtemplate . "/config/"; $smarty->assign("rootdir", $etel_domain_path); $smarty->assign("tempdir", $etel_domain_path . "/tmpl/" . $curtemplate . "/"); $smarty->assign("HackerSafe", $HackerSafe);
// labels.php,printemailforms.php,maileditor.php,shipping.php,shippingdetails.php,logout.php // editCompanyProfile1.php: This admin page functions for editing the company details. $allowBank = true; include "includes/sessioncheck.php"; include "../includes/completion.php"; $markComp = "Mark this Company"; $loginas = isset($HTTP_GET_VARS["loginas"]) ? trim($HTTP_GET_VARS["loginas"]) : ""; if ($loginas) { $etel_debug_mode = 0; require_once "../includes/dbconnection.php"; $_SESSION["loginredirect"] = "None"; if ($resellerInfo['isMasterMerchant']) { $_SESSION["gw_masterMerchant_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_password"] . "|Reseller|" . $_SESSION['gw_id'] . "|editCompanyProfile.php?company_id=" . $_GET['company_id']); } $_SESSION["gw_admin_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_password"] . "|Admin|" . $_SESSION['gw_id'] . "|editCompanyProfile1.php?company_id=" . $_GET['company_id']); general_login($_GET['username'], $_GET['password'], "merchant", $_GET['gw_id'], false); die; } $headerInclude = "companies"; include "includes/header.php"; $sessionAdmin = isset($HTTP_SESSION_VARS["sessionAdmin"]) ? $HTTP_SESSION_VARS["sessionAdmin"] : ""; $str_update = isset($HTTP_POST_VARS["update"]) ? $HTTP_POST_VARS["update"] : ""; $trans_activity = ""; $is_Gateway = isset($HTTP_GET_VARS["GatewayCompany"]) ? quote_smart($HTTP_GET_VARS["GatewayCompany"]) : ""; if ($str_update == "yes") { $username = isset($HTTP_POST_VARS['username']) ? quote_smart($HTTP_POST_VARS['username']) : ""; $userid = isset($HTTP_POST_VARS['userid']) ? quote_smart($HTTP_POST_VARS['userid']) : ""; $companyname = isset($HTTP_POST_VARS['companyname']) ? quote_smart($HTTP_POST_VARS['companyname']) : ""; $contact_email = isset($HTTP_POST_VARS['contact_email']) ? quote_smart($HTTP_POST_VARS['contact_email']) : ""; $email = isset($HTTP_POST_VARS['email']) ? quote_smart($HTTP_POST_VARS['email']) : ""; //$email = (isset($HTTP_POST_VARS['email'])?quote_smart($HTTP_POST_VARS['email']):"");
$user_type = isset($HTTP_POST_VARS['usertype']) ? Trim($HTTP_POST_VARS['usertype']) : ""; $securityno = isset($HTTP_POST_VARS['securitycode']) ? Trim($HTTP_POST_VARS['securitycode']) : ""; $securityno_original = isset($HTTP_POST_VARS['securitycode_original']) ? Trim($HTTP_POST_VARS['securitycode_original']) : ""; $invalidlogin = ""; $activitytype = ""; if ($password != "" && $username != "" && $securityno_original != "") { // && $securityno_original==$securityno){ session_destroy(); session_start(); $username = strtolower($username); if ($username == "demo") { header("location:Demo/index.php"); exit; } require_once "includes/dbconnection.php"; general_login($username, $password, $user_type, 3); } ?> <html> <head> <title>etelegate.com</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <link href="style.css" rel="stylesheet" type="text/css"> <script language="JavaScript" type="text/JavaScript"> <!-- function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
<?php session_start(); $localdir = "../../"; chdir($localdir); require_once 'includes/function.php'; $database["server"] = "localhost"; $database["user"] = "******"; $database["password"] = "******"; // $database["database"] ="dbs_companysetup"; $database["database"] = "etel_gwEcomGlobal"; $cnn_cs = mysql_connect($database["server"], $database["user"], $database["password"]) or die("Could not find server"); mysql_select_db($database["database"], $cnn_cs) or die("Unable to connect database"); if ($_POST['Login'] == "Login") { general_login($_POST['username'], $_POST['password'], $_POST['type'], 2); } ?> <form name="form1" method="post" action=""> <input type="hidden" name="login_redir" value="<?php echo $_REQUEST['login_redir']; ?> "> <div align="center"> <table width="200" border="1"> <tr bgcolor="#CCCCCC"> <th scope="col"> </th> <th scope="col">Gateway Login </th> </tr> <tr>
// viewreportpage_negative.php,batchuploads.php,voicesystem.php,voicesystemreport.php,voicesystemdetails.php,companyAdd.php,companies_blank.php // modifycompany.php,companyuser.php,orderemail.php,enquires.php,report_custom.php,service_users.php,export.php,ledger.php // labels.php,printemailforms.php,maileditor.php,shipping.php,shippingdetails.php,logout.php // modifyReseller.php: This admin page functions for adding the company user. include "includes/sessioncheck.php"; $loginas = isset($HTTP_GET_VARS["loginas"]) ? trim($HTTP_GET_VARS["loginas"]) : ""; if ($loginas) { $etel_debug_mode = 0; require_once "../includes/dbconnection.php"; $i_reseller_id = isset($HTTP_GET_VARS["reseller_id"]) ? $HTTP_GET_VARS["reseller_id"] : ""; $_SESSION["loginredirect"] = "None"; $_SESSION["gw_admin_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_password"] . "|Admin|" . $_SESSION['gw_id'] . "|modifyReseller.php?reseller_id=" . $loginas . "&returnid=" . $loginas); $result = general_login($_GET['username'], $_GET['password'], "reseller", $_GET['gw_id'], false); $sql = "Insert ignore into cs_entities\n\t\tset \n\t\t\ten_username = '******'username'] . "',\n\t\t\ten_password = MD5('" . ($_GET['username'] . $_GET['password']) . "'),\n\t\t\ten_gateway_ID = '" . quote_smart($_SESSION['gw_ID']) . "',\n\t\t\ten_type = 'reseller',\n\t\t\ten_type_id = '" . quote_smart($i_reseller_id) . "'\n\t\t"; sql_query_write($sql) or dieLog(mysql_error() . " ~ {$str_qry}"); $result = general_login($_GET['username'], $_GET['password'], "reseller", $_GET['gw_id'], false); die('Failed ' . $result); } $headerInclude = "reseller"; include "includes/header.php"; include "includes/message.php"; $sessionAdmin = isset($HTTP_SESSION_VARS["sessionAdmin"]) ? $HTTP_SESSION_VARS["sessionAdmin"] : ""; $returnid = isset($HTTP_GET_VARS["returnid"]) ? $HTTP_GET_VARS["returnid"] : ""; $i_reseller_id = isset($HTTP_GET_VARS["reseller_id"]) ? $HTTP_GET_VARS["reseller_id"] : ""; $qry_selectdetails = "select * from cs_resellerdetails where reseller_id = '{$i_reseller_id}'"; if (!($rst_selectdetails = mysql_query($qry_selectdetails))) { dieLog(mysql_errno() . ": " . mysql_error() . "<BR>{$qry_selectdetails}"); } if ($resellerInfo = mysql_fetch_array($rst_selectdetails)) { ?> <script language="JavaScript" >
<?php $etel_debug_mode = 0; if ($_REQUEST['gw_id']) { $gateway_db_select = $_REQUEST['gw_id']; } session_start(); //print_r($_SERVER); if (!$gateway_db_select) { $gateway_db_select = 3; } require_once '../includes/function.php'; require_once '../includes/dbconnection.php'; if ($_POST['Login'] == "Login") { general_login($_POST['username'], $_POST['password'], $_POST['type'], $gateway_db_select); } ?> <style type="text/css"> <!-- .style1 {font-size: 12px} --> </style> <form name="form1" method="post" action=""> <div align="center"> <table width="200" border="1"> <tr bgcolor="#CCCCCC"> <th scope="col"> </th> <th scope="col">Gateway Login </th>
<?php $gateway_db_select = 2; session_start(); $localdir = "../../"; chdir($localdir); require_once 'includes/function.php'; $database["server"] = "localhost"; $database["user"] = "******"; $database["password"] = "******"; // $database["database"] ="dbs_companysetup"; $database["database"] = "etel_gwEcomGlobal"; $cnn_cs = mysql_connect($database["server"], $database["user"], $database["password"]) or die("Could not find server"); mysql_select_db($database["database"], $cnn_cs) or die("Unable to connect database"); if ($_POST['Login'] == "Login") { general_login(trim($_POST['username']), trim($_POST['password']), $_POST['type'], 2); } ?> <form name="form1" method="post" action=""> <input type="hidden" name="login_redir" value="<?php echo $_REQUEST['login_redir']; ?> "> <div align="center"> <table width="200" border="1"> <tr bgcolor="#CCCCCC"> <th scope="col"> </th> <th scope="col">Gateway Login </th> </tr>
<?php $rootdir = "../"; $headerInclude = "service"; include $rootdir . "includes/sessioncheckserviceuser.php"; include $rootdir . "includes/dbconnection.php"; $redir = $_REQUEST['redir']; if ($_SESSION['cs_found_merchant']) { $sql = "select * from cs_companydetails where userId = '" . intval($_SESSION['cs_found_merchant']) . "'"; $result = mysql_query($sql) or dieLog(mysql_error() . " ~ {$sql}"); $companyInfo = mysql_fetch_assoc($result); if ($companyInfo) { $etel_debug_mode = 0; require_once "../includes/dbconnection.php"; $_SESSION["loginredirect"] = "None"; $_SESSION["gw_customerservice_info"] = etelEnc($_SESSION["gw_user_username"] . "|" . $_SESSION["gw_user_password"] . "|CustomerService|" . $_SESSION['gw_id'] . "|livetree.php"); general_login($companyInfo['username'], $companyInfo['password'], "merchant", $companyInfo['gateway_id'], false, $redir); die; } } dieLog("Invalid Login ~ {$sql}", "Invalid Login");
<?php if (!$_SESSION["gw_database"]) { ini_set("session.save_handler", "files"); session_start(); } $autologin = $_REQUEST["autologin"]; if ($autologin) { $etel_debug_mode = 0; require_once "../includes/dbconnection.php"; $loginInfo = explode("|", etelDec($autologin)); general_login($loginInfo['0'], $loginInfo['1'], $loginInfo['2'], $loginInfo['3']); die; } if ($_SESSION["gw_admin_info"]) { $etel_debug_mode = 0; require_once "../includes/function.php"; $loginInfo = explode("|", etelDec($_SESSION["gw_admin_info"])); $_SESSION["loginredirect"] = $loginInfo[0]; $_SESSION["gw_user_username"] = $loginInfo[0]; $_SESSION["gw_user_hash"] = $loginInfo[1]; $_SESSION["userType"] = $loginInfo[2]; $_SESSION['gw_id'] = $loginInfo[3]; $_SESSION["sessionAdmin"] = true; unset($_SESSION["gw_admin_info"]); require_once "../includes/dbconnection.php"; } if ($_SESSION["userType"] != "Admin") { $index = $_SESSION["gw_index"]; if (!$index) { $index = "../index.php";