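/**
 * Remember the login tuple for the current session and, optionally, across visits.
 *
 * The encoded tuple is always written to $_SESSION['pep']. When the third
 * element of $login is truthy, the same value is also sent as a "pep" cookie
 * that expires after 30 days.
 *
 * NOTE(review): callers appear to pass array(username, md5(password), autologin);
 * if so, the cookie value is a password equivalent and should be replaced by a
 * random, server-side revocable token. Confirm against object_to_cookie().
 *
 * @param array $login Login tuple; index 2 is read as the "persist in cookie" flag.
 * @return void
 */
function set_pep($login)
{
    $_SESSION['pep'] = object_to_cookie($login);

    // !empty() instead of a bare index read: a tuple without index 2 simply
    // skips the cookie instead of raising an undefined-offset notice.
    if (!empty($login[2])) {
        $thirtyDays = 60 * 60 * 24 * 30;

        // The value is derived from the login tuple, so it is marked HttpOnly to
        // keep it out of reach of page scripts. Path and domain stay at their
        // defaults ('' and '').
        // NOTE(review): pass true for the secure flag once the site is HTTPS-only.
        setcookie('pep', $_SESSION['pep'], time() + $thirtyDays, '', '', false, true);
    }
}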
// Filter settings: a value posted with the form wins, otherwise the stored option is kept.
// NOTE(review): only 'prio' passes through clearVars(); the other four POST values are
// used as received. Confirm they are validated before use, in particular sortfield and
// sortorder if they end up in an ORDER BY clause (an allow-list is the usual check).
$pr_id = isset($_POST['projectnumber']) ? $_POST['projectnumber'] : $options_array['pr_id'];
$prio = isset($_POST['prio']) ? clearVars($_POST['prio']) : $options_array['prio'];
$status = isset($_POST['status']) ? $_POST['status'] : $options_array['status'];
$sortfield = isset($_POST['sortfield']) ? $_POST['sortfield'] : $options_array['sortfield'];
$sortorder = isset($_POST['sortorder']) ? $_POST['sortorder'] : $options_array['sortorder'];

/**
 * Data that may have been changed by new filter settings is serialized again
 * and stored in cookies for another year
 */
$options_array['searchstring'] = $searchstring;
$options_array['pr_id'] = $pr_id;
$options_array['prio'] = $prio;
$options_array['status'] = $status;
$options_array['sortfield'] = $sortfield;
$options_array['sortorder'] = $sortorder;
// The cookie comes back from the client on the next request, so its decoded
// contents must be treated as untrusted input.
setcookie('todo', object_to_cookie($options_array), time() + 60 * 60 * 24 * 365);

// Determine the user
// NOTE(review): `new` yields an object or throws, so this condition is never true
// and the 500 branch is not reached as written.
if (!($user = new user())) {
    // Undefined users cannot use this program
    header('HTTP/1.0 500 Internal Server Error');
    ob_flush();
}

// Build the login tuple array(login name, password hash, autologin flag), in order of
// preference: posted form, "pep" cookie, session, anonymous default.
if (isset($_POST['username']) && isset($_POST['password'])) {
    $autologin = isset($_POST['autologin']) ? true : false;
    // NOTE(review): unsalted MD5 is not a suitable password hash; password_hash() /
    // password_verify() is the current PHP mechanism. Migrating means rehashing the
    // stored values at next successful login.
    $login = array($_POST['username'], md5($_POST['password']), $autologin);
} elseif (!empty($_COOKIE['pep'])) {
    // NOTE(review): the cookie is client-controlled and cookie_to_object() is not
    // visible here. If it relies on unserialize(), switch to json_decode() and
    // validate the shape of the result before use.
    $login = cookie_to_object($_COOKIE['pep']);
} elseif (!empty($_SESSION['pep'])) {
    $login = cookie_to_object($_SESSION['pep']);
} else {
    // Anonymous default: empty login name and empty password element.
    $login = array('', '', true);
    // (excerpt ends here; the closing brace of this branch is outside the visible source)
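/**
 * Log in an enabled employee.
 *
 * $login is the tuple array(login name, password hash, autologin flag). The
 * password element is expected to be an MD5 hash; the MD5 of the empty string
 * is rejected with err_502. An empty login name is rejected without an error
 * code (err_501 is disabled).
 *
 * On success the employee fields are copied from the matching record, the
 * encoded tuple is stored in $_SESSION['pep'] and, if the autologin flag is
 * set, in a 30-day "pep" cookie. On failure an error code is appended to
 * $this->errors: err_202 when the query fails, err_503 when no record matches,
 * err_504 when the record's empl_status is not 1.
 *
 * NOTE(review): unsalted MD5 is not a suitable password hash; plan a migration
 * to password_hash() / password_verify(). Consider session_regenerate_id(true)
 * after a successful login as well.
 *
 * @param array $login
 * @return boolean true on success, false otherwise
 */
function login($login)
{
    // Callers may build the tuple from request data, so anything that is not
    // two strings is rejected before it reaches the query.
    if (!is_array($login)
        || !isset($login[0], $login[1])
        || !is_string($login[0])
        || !is_string($login[1])
    ) {
        return false;
    }

    $event = true;
    $this->empl_login = $login[0];
    $this->empl_pwd = $login[1];

    if (empty($this->empl_login)) {
        // Deliberately silent: the err_501 code is disabled for an empty login name.
        $event = false;
    }

    if ($this->empl_pwd === md5('')) {
        $this->errors[] = 'err_502';
        $event = false;
    }

    // Stop before touching the database if the input is already invalid.
    if (!$event) {
        return false;
    }

    // Credentials are compared with "=", not LIKE: LIKE interprets % and _ in
    // the supplied values as wildcards, and string escaping does not neutralise
    // them, so a pattern match must never decide an authentication check.
    // NOTE(review): escape_string() is defined elsewhere; prefer bound
    // parameters if the database layer supports them.
    $sql = sprintf(
        'SELECT * FROM ' . DBPREFIX . "employees WHERE empl_login = '%s' AND empl_pwd = '%s'",
        escape_string($this->empl_login),
        escape_string($this->empl_pwd)
    );

    if (!$this->query($sql, SQL_INIT, SQL_ASSOC)) {
        $this->errors[] = 'err_202';
        return false;
    }

    if (empty($this->record)) {
        $this->errors[] = 'err_503';
        return false;
    }

    if ($this->record['empl_status'] != 1) {
        $this->errors[] = 'err_504';
        return false;
    }

    $this->empl_id = $this->record['empl_id'];
    $this->empl_firstname = $this->record['empl_firstname'];
    $this->empl_surname = $this->record['empl_surname'];
    $this->empl_position = $this->record['empl_position'];

    $_SESSION['pep'] = object_to_cookie($login);

    // !empty() tolerates a tuple without the autologin element.
    if (!empty($login[2])) {
        // HttpOnly keeps the credential-derived value away from page scripts;
        // path and domain stay at their defaults.
        // NOTE(review): pass true for the secure flag once the site is HTTPS-only.
        setcookie('pep', $_SESSION['pep'], time() + 60 * 60 * 24 * 30, '', '', false, true);
    }

    return true;
}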