<?php
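/**
 * Builds a response that renders the login form into the page.
 *
 * Presumably registered as an xajax handler: logout() in this file asks the
 * client to call 'xajax_load_login'.
 *
 * @return xajaxResponse response assigning the markup from gen_login() to the
 *                       innerHTML of the element with id "site_wrapper"
 */
function load_login() {
    $objResponse = new xajaxResponse();
    // Plain assignment: the previous `.=` appended to a variable that was never
    // initialised in this scope, which raises an "undefined variable" warning.
    $text = gen_login();
    $objResponse->assign("site_wrapper", "innerHTML", $text);
    return $objResponse;
}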
/**
 * Returns the static HTML markup of the login form.
 *
 * The markup contains no dynamic values. The Login button passes the contents
 * of the #inputUser and #inputPass fields to the client-side xajax_login()
 * function.
 *
 * @return string HTML fragment, without line breaks between elements
 */
function gen_login() {
    // One fragment per element; joined without separators so the output is a
    // single unbroken string.
    $fragments = array(
        '<div id="login_wrapper">',
        '<div id="login_internat" class="well login_internal animated fadeInDownBig">',
        '<h3>Login</h3>',
        '<form class="form-horizontal">',
        '<fieldset>',
        // Username field
        '<div class="form-group">',
        '<div class="col-lg-12">',
        '<input class="form-control" id="inputUser" placeholder="Username" type="text">',
        '</div>',
        '</div>',
        // Password field
        '<div class="form-group">',
        '<div class="col-lg-12">',
        '<input class="form-control" id="inputPass" placeholder="Password" type="password">',
        '</div>',
        '</div>',
        // Submit button
        '<div class="form-group">',
        '<div class="col-lg-12">',
        '<button type="button" class="btn btn-primary" onclick="xajax_login(document.getElementById(\'inputUser\').value, document.getElementById(\'inputPass\').value)">Login</button>',
        '</div>',
        '</div>',
        '</fieldset>',
        '</form>',
        '</div>',
        '</div>',
    );

    return implode('', $fragments);
}
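/**
 * Checks the submitted credentials against the sysuser table and, on a match,
 * stores the user's id, name, username and admin flag in the session.
 *
 * Both arguments come straight from the browser (see the Login button in
 * gen_login()) and are untrusted. They are bound as statement parameters and
 * never concatenated into the SQL text.
 *
 * @param mixed $user username as submitted by the client
 * @param mixed $pass password as submitted by the client
 * @return xajaxResponse on success, calls to 'xajax_load_main' and
 *                       'xajax_do_reload_shift'; on bad credentials, a call to
 *                       'xajax_show_alert'; on a failed query, a swal() script
 */
function login($user, $pass) {
    $objResponse = new xajaxResponse();
    global $dba;

    // Arrays, objects or null cannot be valid credentials; answer exactly as for
    // a wrong password so the response does not reveal why the attempt failed.
    if (!is_scalar($user) || !is_scalar($pass)) {
        $objResponse->call('xajax_show_alert', 'danger', 'Ups!', 'Forkert brugernavn eller adgangskode');
        return $objResponse;
    }

    // NOTE(review): the query compares the `pass` column with the submitted value
    // directly, which suggests passwords are stored unhashed. Moving to
    // password_hash()/password_verify() needs a schema and data migration that is
    // outside this function - confirm and plan separately.
    // Assumes $dba is a PDO connection (the file already uses PDO::FETCH_ASSOC).
    $stmt = $dba->prepare('SELECT * FROM sysuser WHERE user = ? AND pass = ?');
    $queryOk = $stmt && $stmt->execute(array((string) $user, (string) $pass));

    if ($queryOk) {
        // Fetch instead of trusting rowCount(), which PDO does not guarantee for
        // SELECT statements on every driver.
        $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
        if ($rows) {
            // Rotate the session identifier on privilege change so an identifier
            // known before authentication cannot be reused afterwards.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            // If several rows match, the last one wins, as in the previous loop.
            $row = end($rows);
            $_SESSION['user']['id'] = $row['id'];
            $_SESSION['user']['name'] = $row['name'];
            $_SESSION['user']['username'] = $row['user'];
            $_SESSION['user']['admin'] = $row['admin'];
            $objResponse->call('xajax_load_main');
            $objResponse->call('xajax_do_reload_shift');
        } else {
            // Same message for unknown user and wrong password.
            $objResponse->call('xajax_show_alert', 'danger', 'Ups!', 'Forkert brugernavn eller adgangskode');
        }
    } else {
        // NOTE(review): this text talks about a resident not being registered and
        // looks copied from another handler; left unchanged pending confirmation.
        $objResponse->script('swal("FEJL 1000", "Der skete sku en fejl.. Beboeren blev ikke indskrevet :( Kontakt en administrator", "error")');
    }
    return $objResponse;
}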
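/**
 * Refreshes the session's user data from sysuser_select for the user id
 * already stored in the session, then asks the client to reload the main view.
 *
 * @return xajaxResponse calls to 'xajax_load_main' and 'xajax_do_reload_shift'
 *                       when a session user exists; a call to 'xajax_load_login'
 *                       when there is no session user or the id no longer
 *                       matches a row
 */
function relogin() {
    $objResponse = new xajaxResponse();
    global $dba;

    // Without a stored user id there is nothing to refresh. The previous code
    // built "WHERE id = " with an empty value and then called fetch() on a
    // failed query.
    $id = isset($_SESSION['user']['id']) ? $_SESSION['user']['id'] : null;
    if (!is_scalar($id) || $id === '') {
        unset($_SESSION['user']);
        $objResponse->call('xajax_load_login');
        return $objResponse;
    }

    // Bind the id instead of concatenating it into the SQL text.
    // Assumes $dba is a PDO connection (the file already uses PDO::FETCH_ASSOC).
    $stmt = $dba->prepare('SELECT * FROM sysuser_select WHERE id = ?');
    if ($stmt && $stmt->execute(array($id))) {
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        if (!is_array($row)) {
            // The account is gone: end the login rather than keeping a session
            // whose fields would all be overwritten with null.
            unset($_SESSION['user']);
            $objResponse->call('xajax_load_login');
            return $objResponse;
        }
        $_SESSION['user']['id'] = $row['id'];
        $_SESSION['user']['name'] = $row['name'];
        $_SESSION['user']['username'] = $row['user'];
        $_SESSION['user']['admin'] = $row['admin'];
    }
    // On a failed query the existing session data is kept as it is.

    $objResponse->call('xajax_load_main');
    $objResponse->call('xajax_do_reload_shift');
    return $objResponse;
}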
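/**
 * Ends the current login: discards the session data, starts a fresh session
 * under a new identifier and asks the client to show the login form.
 *
 * @return xajaxResponse response containing a call to 'xajax_load_login'
 */
function logout() {
    $objResponse = new xajaxResponse();
    // session_destroy() removes the stored data but leaves $_SESSION populated
    // for the rest of this request, so clear it explicitly first.
    $_SESSION = array();
    session_destroy();
    session_start();
    // The browser still presents the old session cookie, so session_start()
    // would otherwise continue under the same identifier; issue a new one.
    session_regenerate_id(true);
    $objResponse->call('xajax_load_login');
    return $objResponse;
}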
?>