/
complogin.php
executable file
·153 lines (122 loc) · 2.85 KB
/
complogin.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
<?
#This program is copyright by Andre Coetzee email: ac@main.me
#and is licensed under the GPL v3
#
#
#
#
#Please add yourself to: http://www.accounting-123.com
#Developers, Software Vendors, Support, Accountants, Users
#
#
#The full software license can be found here:
#http://www.accounting-123.com/a.php?a=153/GPLv3
#
#
#
#
#
#
#
#
#
#
#
require ("newsettings.php");
# Decide what to do
if (isset ($_POST["key"])) {
switch ($_POST["key"]) {
case "login":
$OUTPUT = login ($_POST);
break;
default:
$OUTPUT = slctcomp ();
}
} else {
$OUTPUT = slctcomp ();
}
require("newtemplate.php");
# Confirms
function slctcomp ($err = "")
{
// session_start ();
session_name ("CUBIT_SESSION");
session_unset ();
# connect to db
db_conn("cubit");
# Get Companies
$sql = "SELECT * FROM companies WHERE status='active' ORDER BY name ASC";
$compRslt = db_exec($sql) or die ("Unable to get companies from database.");
if (pg_numrows ($compRslt) < 1) {
header("Location: company-new.php");
}
$comps = "<select size='1' name='code'>\n";
while ($comp = pg_fetch_array ($compRslt)) {
$comps .= "<option value='$comp[code]'>$comp[name]</option>\n";
}
$comps .= "</select>\n";
$slct = "
<h3>Select Company to log in to</h3>
<form action=".SELF." method='POST'>
<input type='hidden' name='key' value='login'>
<table cellpadding='1' cellspacing='1'>
<tr>
<td colspan='2'>$err</td>
</tr>
<tr>
<th colspan='2'>Select Company</th>
</tr>
<tr bgcolor='#77AAEE'>
<td>Company Name</td>
<td align='center'>$comps</td>
</tr>
".TBL_BR."
<tr>
<td colspan='2' align='right'><input type='submit' value='Continue »'></td>
</tr>
<script>
if (top.mainframe) {
top.location.href = 'complogin.php';
}
</script>
</table>
</form>";
return $slct;
}
# Log in to Company
function login ($_POST)
{
global $_SESSION;
extract($_POST);
require_lib("validate");
$v = new validate ();
$v->isOk ($code,"string", 1, 5, "Invalid company name.");
# Display errors, if any
if ($v->isError ()) {
$confirm = "";
$errors = $v->getErrors();
foreach ($errors as $e) {
$confirm .= "<li class='err'>".$e["msg"]."</li>";
}
return slctcomp($confirm);
}
# Change code to lowercase
$code = strtolower($code);
if(!db_check("cubit_".$code)){
return slctcomp("<li class='err'>Invalid Company. Select another company or<br />
click <a href='company-new.php?key=recover'>here</a> to see if Cubit can recover from this error.</li>");
}
# Get Company Name
db_conn("cubit");
$sql = "SELECT name FROM companies WHERE code = '$code'";
$compRslt = db_exec($sql) or errDie("Unable to access database.", SELF);
if(pg_numrows($compRslt) < 1){
$comp['name'] = "";
}else{
$comp = pg_fetch_array($compRslt);
}
$_SESSION["code"] = $code;
$_SESSION["comp"] = $comp['name'];
header("Location: doc-index.php");
}
?>