Esempio n. 1
0
 protected function btnLogin_Click($strFormId, $strControlId, $strParameter)
 {
     if ($_SERVER['REMOTE_ADDR'] != "127.0.0.1" && substr($_SERVER['REMOTE_ADDR'], 0, 8) != "192.168.") {
         $ip_array = json_decode(file_get_contents("http://192.168.1.168:8888/eBayBO/service.php?action=getClientIp"));
         //file_put_contents("/tmp/xx.log", print_r($ip_array, true));
         if (!in_array($_SERVER['REMOTE_ADDR'], $ip_array)) {
             $blnError = true;
             $this->txtUsername->Warning = QApplication::Translate('Invalid username or password.');
             return 0;
         }
     }
     $blnError = false;
     $strUsername = $this->txtUsername->Text;
     $strPassword = $this->txtPassword->Text;
     $objUserAccount = UserAccount::LoadByUsername($strUsername);
     $errorMessage = QApplication::Translate('Invalid username or password.');
     // Check if that username exists
     if (!$objUserAccount) {
         $blnError = true;
         $this->txtUsername->Warning = $errorMessage;
     } elseif (!$objUserAccount->ActiveFlag) {
         $blnError = true;
         $this->txtUsername->Warning = $errorMessage;
     } elseif (sha1($strPassword) != $objUserAccount->PasswordHash) {
         $blnError = true;
         $this->txtPassword->Warning = $errorMessage;
     } else {
         QApplication::Login($objUserAccount);
         // If the user has access to the assets module, send them there. Otherwise, send them to the home module.
         $objRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 2);
         if ($objRoleModule->AccessFlag) {
             QApplication::Redirect('./inventory/');
         } else {
             Qapplication::Redirect('./home/');
         }
     }
 }
Esempio n. 2
0
 protected function btnLogin_Click($strFormId, $strControlId, $strParameter)
 {
     $blnError = false;
     $strUsername = $this->txtUsername->Text;
     $strPassword = $this->txtPassword->Text;
     $objUserAccount = UserAccount::LoadByUsername($strUsername);
     $errorMessage = 'Invalid username or password.';
     $objHasher = new PasswordHash(8, PORTABLE_PASSWORDS);
     // Check if that username exists
     if (!$objUserAccount) {
         $blnError = true;
         $this->txtPassword->Warning = $errorMessage;
     } elseif (!$objUserAccount->ActiveFlag) {
         $blnError = true;
         $this->txtPassword->Warning = $errorMessage;
     } elseif (!$objHasher->CheckPassword(sha1($strPassword), $objUserAccount->PasswordHash)) {
         $blnError = true;
         $this->txtPassword->Warning = $errorMessage;
     } else {
         QApplication::Login($objUserAccount);
         $objAssetRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 2);
         $objInventoryRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 3);
         $objContactsRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 4);
         $objShippingRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 5);
         $objReceivingRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 6);
         $objReportsRoleModule = RoleModule::LoadByRoleIdModuleId($objUserAccount->RoleId, 7);
         if (array_key_exists('strReferer', $_GET)) {
             QApplication::Redirect($_GET['strReferer']);
         } else {
             if ($objAssetRoleModule->AccessFlag) {
                 // If the user has access to the assets module, send them there, otherwise...
                 QApplication::Redirect('./assets/');
             } else {
                 if ($objInventoryRoleModule->AccessFlag) {
                     Qapplication::Redirect('./inventory/');
                 } else {
                     if ($objContactsRoleModule->AccessFlag) {
                         Qapplication::Redirect('./contacts/');
                     } else {
                         if ($objShippingRoleModule->AccessFlag) {
                             Qapplication::Redirect('./shipping/');
                         } else {
                             if ($objReceivingRoleModule->AccessFlag) {
                                 Qapplication::Redirect('./receiving/');
                             } else {
                                 if ($objReportsRoleModule->AccessFlag) {
                                     Qapplication::Redirect('./reports/');
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
 }