}
$result2 = Database::get()->queryArray("SELECT course.id cid, course.code code, course.public_code,
course.title title, course.prof_names profs, course_user.status status
FROM course JOIN course_user ON course.id = course_user.course_id
WHERE course_user.user_id = ?d $extra ORDER BY status, course.title, course.prof_names", $uid);
$courses = array();
if (count($result2) > 0) {
foreach ($result2 as $mycours) {
$courses[$mycours->code] = $mycours->status;
}
}
$_SESSION['courses'] = $courses;
$_user['persoLastLogin'] = last_login($uid);
$_user['lastLogin'] = str_replace('-', ' ', $_user['persoLastLogin']);
$user_announcements = '';
// Get user's course info
$user_lesson_info = getUserLessonInfo($uid);
//if user is registered to at least one lesson
if (count($lesson_ids) > 0) {
// get user announcements
$user_announcements = getUserAnnouncements($lesson_ids);
}
// get user latest personal messages
$user_messages = getUserMessages();
session_start();
include "dbquery.php";
$error = "";
if (isset($_POST['userid']) && isset($_POST['password'])) {
if (login($_POST['userid'], $_POST['password'])) {
$_SESSION['s_user'] = $_POST['userid'];
$row = selectall($_SESSION['s_user']);
$_SESSION['s_id'] = $row['id'];
$_SESSION['s_email'] = $row['email'];
$email = $_SESSION['s_email'];
//echo"<script>alert('email is set: ".$email."');</script>";
$_SESSION['s_desig'] = $row['designation'];
$_SESSION['s_created'] = $row['created_on'];
$_SESSION['last_login'] = $row['last_login'];
last_login($_SESSION['s_user']);
if (isset($_POST['remember_me'])) {
setcookie('c_user', $_POST['userid'], time() + 3600);
setcookie('c_pass', $_POST['password'], time() + 3600);
} else {
if (isset($_COOKIE['c_user']) && isset($_COOKIE['c_pass'])) {
setcookie('c_user', null, time() - 1);
setcookie('c_pass', null, time() - 1);
}
}
echo "<script>window.location.href='index.php';</script>";
$error = "";
} else {
$error = "<div class='alert alert-danger alert-dismissable'>\n <i class='fa fa-ban'></i>\n <button type='button' class='close' data-dismiss='alert' aria-hidden='true'>×</button>\n <b>Alert!</b> Invalid Creditials.\n </div>";
}
}
*** an action; 'login' and 'logout' are currently
*** supported.
*** All actions result in a json object with a
*** status ('ok' | 'fail'); logins also include
*** the username and last login.
***/
$action = $_POST["action"];
$result = null;
if ($action == "login") {
$user = $_POST["name"];
$pass = $_POST["pass"];
if (is_valid_user($user, $pass)) {
session_start();
update_login($user);
$_SESSION["username"] = $user;
$_SESSION["last_login"] = last_login($user);
session_write_close();
$result = array('status' => 'ok', 'user' => $user, 'last_login' => $_SESSION["last_login"]);
} else {
$result = array('status' => 'fail');
}
} elseif ($action == "logout") {
session_start();
session_unset();
session_destroy();
$result = array('status' => 'ok');
} else {
$result = array('status' => 'fail');
}
header("content-type:application/json");
echo json_encode($result);
if ($nuser == 1) {
$xuser = mysql_fetch_array($ouser);
if ($xuser['aktif'] == "1") {
$len = strlen($xpassword);
if (decode_password($xuser['password'], $len) == md5($xpassword)) {
$session_name = "Kh41r4";
$_SESSION[$session_name] = 1;
$_SESSION['xusername_' . $session_name] = $xuser['username'];
$_SESSION['xunit_' . $session_name] = $xuser['unit'];
$_SESSION['kunci_' . $session_name] = $xuser['kunci'];
$ouserlevel = xuserlevel("level", "username = '******'username'] . "'");
$xuserlevel = mysql_fetch_array($ouserlevel);
$_SESSION['xlevel_' . $session_name] = $xuserlevel['level'];
$msg = "Login berhasil.";
update_log($msg, 'xlogin', $xuser['username'], 1);
last_login($xuser['username']);
if ($xuser['reset'] == "0") {
?>
<meta http-equiv="refresh" content="0;URL=../index.php" /><?php
} else {
?>
<meta http-equiv="refresh" content="0;URL=../index.php?p=<?php
echo enkripsi(55);
?>
" /><?php
}
} else {
$msg = "Kata sandi salah.";
$_SESSION['errmsg'] = $msg;
return redirect_to('/mypage');
} else {
switch ($result['error']) {
case 'locked':
flash('notice', 'This account is locked.');
break;
case 'banned':
flash('notice', "You're banned.");
break;
default:
flash('notice', 'Wrong username or password');
break;
}
return redirect_to('/');
}
});
dispatch_get('/mypage', function () {
$user = current_user();
if (empty($user)) {
flash('notice', 'You must be logged in');
return redirect_to('/');
} else {
set('user', $user);
set('last_login', last_login());
return html('mypage.html.php');
}
});
dispatch_get('/report', function () {
return json_encode(['banned_ips' => banned_ips(), 'locked_users' => locked_users()]);
});
run();
