// Request dispatcher keyed on $action; each branch leaves its outcome in $res.
// NOTE(review): this excerpt is cut off inside the "save_prefs" branch, so the closing braces
// of the chain and the code that sends $res / $response to the client are not visible here.
// NOTE(review): all comparisons use loose "=="; where $action is assigned is not visible -
// confirm it is always a string so that type juggling cannot select a branch.
if ($action == "sysinfo") {
    // Handled before the guest check below, so this branch is reachable without a logged-in user.
    // NOTE(review): what getCurrentUserAndSysInfo() returns is not visible here - confirm it
    // discloses nothing sensitive to anonymous callers.
    $res = $system->getCurrentUserAndSysInfo();
} else {
    // Guests (user id < 1) are refused unless the action is on the allow-list below.
    // NOTE(review): the list contains names that look state-changing (svs_savetree, usr_save);
    // their handlers are outside this excerpt and have to enforce their own authorization - confirm.
    if ($system->get_user_id() < 1
        && !($action == 'login'
            || $action == 'logout'
            || $action == 'reset_password'
            || $action == 'svs_savetree'
            || $action == 'svs_gettree'
            || $action == 'usr_save'
            || $action == 'usr_get'
            || $action == 'svs_get')) {
        // The denial is stored in $response, whereas every other branch here writes $res.
        // NOTE(review): confirm the code after this excerpt actually reports $response.
        $response = $system->addError(HEURIST_REQUEST_DENIED);
    } else {
        // Default outcome is failure; a branch sets $res only when its operation succeeds.
        $res = false;
        if ($action == "login") {
            // Credentials are read from $_REQUEST, which also accepts query-string parameters,
            // so a password sent in the URL can end up in access logs and browser history;
            // reading them from the POST body only avoids that.
            // "@" hides the undefined-index notice: a missing field is passed on as null.
            $username = @$_REQUEST['username'];
            $password = @$_REQUEST['password'];
            $session_type = @$_REQUEST['session_type'];
            // NOTE(review): no activity-log call is visible on this path, unlike reset_password and
            // logout below; confirm $system->login() records failed attempts and throttles them.
            if ($system->login($username, $password, $session_type)) {
                $res = $system->getCurrentUserAndSysInfo();
                checkDatabaseFunctions($mysqli);
            }
        } else {
            if ($action == "reset_password") {
                // Reachable by guests (see allow-list). The attempt is logged before it is tried.
                // NOTE(review): rate limiting is not visible here, and $res differs between success
                // and failure - confirm the response does not reveal whether the username exists.
                $system->user_LogActivity('ResetPassword');
                if (user_ResetPassword($system, @$_REQUEST['username'])) {
                    $res = true;
                }
            } else {
                if ($action == "logout") {
                    // Logged first, then the session is ended; $res stays false if logout() fails.
                    $system->user_LogActivity('Logout');
                    if ($system->logout()) {
                        $res = true;
                    }
                } else {
                    // Not on the guest allow-list, so this branch is only reached with a user id >= 1.
                    if ($action == "save_prefs") {
// NOTE(review): excerpt of a login handler. It opens inside nested branches whose conditions are
// above the visible text, so the first closing brace below has no visible opener.
                } else {
                    // $_REQUEST['session_type'] is read without an isset() guard.
                    if ($_REQUEST['session_type'] == 'remember') {
                        // php.ini session.gc_maxlifetime has to be set to a similar value, otherwise the
                        // server-side session data can expire before the cookie does.
                        $time = time() + 30 * 24 * 60 * 60; // remember for 30 days
                        $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']['keepalive'] = true;
                    }
                }
            }
            // Hands the session id to the browser; $time for the other session types is set above
            // the visible text. This five-argument call leaves setcookie()'s secure and httponly
            // parameters at their default (false), so the id is also sent over plain HTTP and is
            // readable from page scripts; passing true for both closes that.
            // NOTE(review): session_id() is reused as-is and no session_regenerate_id() call is visible
            // in this excerpt - confirm the id is rotated at login so a pre-login id does not stay valid.
            setcookie('heurist-sessionid', session_id(), $time, '/');
            // bookkeeping: record the last login time and increment the login counter
            mysql_connection_overwrite(USERS_DATABASE);
            // NOTE(review): the user id is concatenated into the SQL text. $user is populated above the
            // visible text - confirm it is an integer taken from the database row; an (int) cast or a
            // bound parameter would make that explicit. The result of mysql_query() is not checked,
            // and the mysql_* extension was removed in PHP 7.
            mysql_query('update sysUGrps usr set usr.ugr_LastLoginTime=now(), usr.ugr_LoginCount=usr.ugr_LoginCount+1 where usr.ugr_ID=' . $user[USERS_ID_FIELD]);
            mysql_connection_select(USERS_DATABASE);
            checkDatabaseFunctions();
            // "@" hides the undefined-variable notice when no return address was set.
            // NOTE(review): $last_uri is assigned outside this excerpt; if it can come from the request
            // it should be restricted to same-site paths before being used as a redirect target.
            // No exit follows header(), so execution continues into the HTML below.
            if (@$last_uri) {
                header('Location: ' . $last_uri);
            }
        } else {
            // The message does not say which of the two values was wrong.
            $LOGIN_ERROR = 'Incorrect Username / Password - try email address for user name';
        }
    }
}
?> <html> <head> <title>Heurist login</title>