db_logs("", "", 0, "Solicitação de senha para fornecedor: cgc ou cpf valido. {$cgccpf}");
}
if ($cgccpf == "00000000000" || @pg_result($result, 0, "z01_cgccpf") == "00000000000000" || @pg_result($result, 0, "z01_cgccpf") == " ") {
msgbox("Seu cgc/cpf esta zerado, atualize com a prefeitura para criar senha");
redireciona("index.php");
exit;
}
fieldsmemory($result, 0);
$result = @db_query("select login from db_usuarios where login = '******'");
//criptografia
include "libs/CBC.php";
srand((double) microtime() * 32767);
$rand = rand(1, 32767);
$rand = pack('i*', $rand);
$key = "alapuchatche";
$md = new Crypt_HCEMD5($key, $rand);
$enc = $md->encodeMimeSelfRand("conf_email=" . $email . "&conf_cgccpf=" . $cgccpf);
//
$corpo_email = "\r\n <html>\r\n<head>\r\n<title>Solicitação de senha</title>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\r\n<style type=\"text/css\">\r\n<!--\r\n.arial {\r\n font-family: Arial, Helvetica, sans-serif;\r\n}\r\n-->\r\n</style>\r\n</head>\r\n\r\n<body leftmargin=\"0\" topmargin=\"0\" marginwidth=\"0\" marginheight=\"0\">\r\n<table width=\"633\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\r\n <tr>\r\n <td align=\"left\" valign=\"top\" nowrap><table width=\"79%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\r\n <tr>\r\n <td>\r\n <div align=\"center\">\r\n <img src=\"imagens/topo_alegrete.gif\">\r\n </div>\r\n </td>\r\n </tr>\r\n </table></td>\r\n </tr>\r\n <tr>\r\n <td align=\"left\" valign=\"top\" nowrap> </td>\r\n </tr>\r\n <tr>\r\n <td> <img src=\"" . $URL_ABS . "imagens/logo_boleto_extrato.gif\" width=\"365\" height=\"93\">\r\n </td>\r\n </tr>\r\n <tr>\r\n <td height=\"30\" class=\"arial\" style=\"color:#006633;font-weight: bold;font-size:14px\">»» confirmação de email</td>\r\n </tr>\r\n <tr>\r\n <td height=\"200\" align=\"left\" valign=\"top\" class=\"arial\" style=\"font-size:12px\"><span style=\"color:#006633\">Caro\r\n Usuário:</span> <p style=\"font-size:11px\"> Voce esta um passo de\r\n concluir seu cadastro<br>\r\n junto ao prefeitura on-line.<br>\r\n Clique no link abaixo para receber sua senha.<br>\r\n <br>\r\n <a href=\"" . $URL_ABS . "criasenha.php?" . $enc . "\">Criar Senha</a>\r\n </p></td>\r\n </tr>\r\n</table>\r\n</body>\r\n</html>\r\n";
if (@pg_num_rows($result) == 0) {
$login = 1;
}
if ($login == 1) {
$oMail = new Smtp();
$oMail->Send($email, $w13_emailadmin, 'Confirmação de e-mail para recebimento de senha', $corpo_email);
msgbox("Um e-mail de confirmação foi enviado para: {$email}. Clique no link para confirmar o e-mail e receber sua senha.");
redireciona("digitafornecedor.php");
exit;
} else {
if ($login != 1 && $z01_email == $email) {
echo "\r\n <html>\r\n <script>\r\n function js_submeter() {\r\n if(document.form1.senha.value == '') {\r\n alert('Campo senha não pode ser vazio!');\r\n document.form1.senha.focus()\r\n return false;\r\n }\r\n if(document.form1.senha_c1.value != document.form1.senha_c2.value) {\r\n alert('As senhas estão diferentes!');\r\n document.form1.senha_c1.select();\r\n return false;\r\n }\r\n if(document,form1.senha_c1.value == '') {\r\n alert('A sua nova senha não pode ser em branco');\r\n document.form1.senha_c1.select();\r\n return false;\r\n }\r\n return true;\r\n }\r\n </script>\r\n <body bgcolor=\"#FFFFFF\" background=\"imagens/azul_ceu_O.jpg\" text=\"#000000\" >\r\n Email já cadastrado. Informe sua senha e nova senha pra alteração.\r\n <center>\r\n <form name=\"form1\" method=\"post\" onsubmit=\"return js_submeter()\">\r\n <table border=0>\r\n <tr><Td>Senha:</td><td><input type=\"password\" name=\"senha\"></td></tr>\r\n <tr><td>Nova Senha:</td><td><input type=\"password\" name=\"senha_c1\"></td></tr>\r\n <tr><Td>Confirma Nova Senha:</td><td><input type=\"password\" name=\"senha_c2\"></td></tr>\r\n <input type=\"hidden\" name=\"cgccpf\" value=\"{$cgccpf}\">\r\n <tr><td colspan=2><input type=\"submit\" name=\"alt_senha\" value=\"clique aqui para alterar sua senha\"></td></tr>\r\n </table>\r\n </form>\r\n </center>\r\n </body>\r\n </html>\r\n ";
# Show session time out warning and exit the script to stop the module
include $root_path . "include/inc_session_timeout_warning.php";
exit;
} else {
# Reset the time-out start time
#print_r($_GET);
#echo '<hr />===================================';
if ($_GET['refreshed'] != '') {
$_SESSION['sess_tos'] = $tnow;
}
#echo '<hr />'.$tnow;
}
}
}
# Decrypt the second level cookie sid and compare to sid
$dec_2level = new Crypt_HCEMD5($key_2level, '');
$clear_2sid = $dec_2level->DecodeMimeSelfRand($_COOKIE['ck_2level_sid' . $sid]);
//if(!$sid||($sid!=$clear_ck_sid)||($sid!=$clear_2sid)||!isset($_COOKIE[$local_user.$sid])||empty($_COOKIE[$local_user.$sid])) $no_valid=1;
if (!$sid || $sid != $clear_ck_sid || $sid != $clear_2sid) {
$no_valid = 1;
}
# if(!$sid||($sid!=$clear_ck_sid)||($sid!=$clear_2sid)) $no_valid=1;
} elseif (!$sid || $sid != $clear_ck_sid) {
$no_valid = 1;
} else {
# Reset the time-out start time
$_SESSION['sess_tos'] = $tnow;
#print_r($_GET);
}
if ($no_valid) {
if (getLang('invalid-access-warning.php')) {
//echo ($tnow-$HTTP_SESSION_VARS['sess_tos'])."<br>";
//echo "session expired<br>";
//echo $TIME_OUT_TIME."<br>";
//echo $HTTP_SESSION_VARS['sess_user_id'];
# Show session time out warning and exit the script to stop the module
include $root_path . "include/inc_session_timeout_warning.php";
exit;
} else {
# Reset the time-out start time
$HTTP_SESSION_VARS['sess_tos'] = $tnow;
//echo $tnow;
}
}
}
# Decrypt the second level cookie sid and compare to sid
$dec_2level = new Crypt_HCEMD5($key_2level, '');
$clear_2sid = $dec_2level->DecodeMimeSelfRand($HTTP_COOKIE_VARS['ck_2level_sid' . $sid]);
if (!$sid || $sid != $clear_ck_sid || $sid != $clear_2sid || !isset($HTTP_COOKIE_VARS[$local_user . $sid]) || empty($HTTP_COOKIE_VARS[$local_user . $sid])) {
$no_valid = 1;
}
# if(!$sid||($sid!=$clear_ck_sid)||($sid!=$clear_2sid)) $no_valid=1;
} elseif (!$sid || $sid != $clear_ck_sid) {
$no_valid = 1;
} else {
# Reset the time-out start time
$HTTP_SESSION_VARS['sess_tos'] = $tnow;
}
if ($no_valid) {
if (getLang('invalid-access-warning.php')) {
header('Location:' . $root_path . 'language/' . $lang . '/lang_' . $lang . '_invalid-access-warning.php');
} else {
}
if ($mode != '') {
if ($mode == 'access' && $password != '' && $username != '' && $dept != '') {
$sql = "SELECT * FROM {$dbtable} WHERE email='{$username}@{$dept}'";
if ($ergebnis = $db->Execute($sql)) {
if ($ergebnis->RecordCount()) {
$content = $ergebnis->FetchRow();
if (md5($password) == $content['pw']) {
/**
* Init crypt to use 2nd level key and encrypt the sid.
* Store to cookie the "$ck_2level_sid.$sid"
* There is no need to call another include of the inc_init_crypt.php since it is already included at the start
* of the script that called this script.
*/
//include("../include/inc_init_crypt.php"); // initialize crypt
$enc_2level = new Crypt_HCEMD5($key_2level, makeRand());
$ciphersid = $enc_2level->encodeMimeSelfRand($sid);
setcookie(ck_2level_sid . $sid, $ciphersid);
setcookie('ck_intra_email_user' . $sid, $content[email]);
header("location:{$forwardfile}");
exit;
} else {
$onError = $LDErrorLogin;
}
} else {
// if last check data not available
$newuser = 1;
}
} else {
echo "{$LDDbNoRead}<br>{$sql}";
}
