/*------begin------ This protection code was suggested by Luki R. luki@karet.org ---- */ if (eregi("inc_init_crypt.php", $PHP_SELF)) { die('<meta http-equiv="refresh" content="0; url=../">'); } /*------end------*/ /** * This initializes the hcemd5 crypt function */ function makeRand() { srand((double) microtime() * 32767); $rand = rand(1, 32767); return pack('i*', $rand); } include_once $root_path . 'classes/pear/crypt/hcemd5.php'; include_once $root_path . 'include/inc_init_main.php'; // This loads the chaining keys /** * The INIT_DECODE must be defined at the calling script before including this script * INIT_DECODE=1 // will not start creation of random key and create decoder object * INIT_DECODE= undefined or not 1 // will start creation of random key and create encoder object */ if (defined('INIT_DECODE') && INIT_DECODE == 1) { $dec_hcemd5 = new Crypt_HCEMD5($key, ''); } else { $enc_hcemd5 = new Crypt_HCEMD5($key, makeRand()); } ?>
} if ($mode != '') { if ($mode == 'access' && $password != '' && $username != '' && $dept != '') { $sql = "SELECT * FROM {$dbtable} WHERE email='{$username}@{$dept}'"; if ($ergebnis = $db->Execute($sql)) { if ($ergebnis->RecordCount()) { $content = $ergebnis->FetchRow(); if (md5($password) == $content['pw']) { /** * Init crypt to use 2nd level key and encrypt the sid. * Store to cookie the "$ck_2level_sid.$sid" * There is no need to call another include of the inc_init_crypt.php since it is already included at the start * of the script that called this script. */ //include("../include/inc_init_crypt.php"); // initialize crypt $enc_2level = new Crypt_HCEMD5($key_2level, makeRand()); $ciphersid = $enc_2level->encodeMimeSelfRand($sid); setcookie(ck_2level_sid . $sid, $ciphersid); setcookie('ck_intra_email_user' . $sid, $content[email]); header("location:{$forwardfile}"); exit; } else { $onError = $LDErrorLogin; } } else { // if last check data not available $newuser = 1; } } else { echo "{$LDDbNoRead}<br>{$sql}"; }