Your IP : 216.73.216.40

Current Path : /var/www/html/mmishra/icure/
Upload File :
Current File : /var/www/html/mmishra/icure/session.inc

<?php

//include configuration and function library

require("config.inc");
require("functions.inc");
require 'classes/PHPMailerAutoload.php';
//require 'classes/class.smtp.php';
date_default_timezone_set('Asia/Kolkata');

//call database connection
dbConnect("icure");

//some enumerated values

$statuss 		= array('Online','Offline');
$roles 			= array('Admin','Doctor','Staff','Patient','Guest');
//$patgps 		= array('Student','Employee','AgencyStaff','Others');
$patgps 		= array('Student','Employee','Others');
$testgps 		= array('Haemetology','Biochemical', 'Urine Examination');
$prescriptions 	= array('Medicine','Test');
$shifts 		= array('Morning','Evening','Night','Special'); 
$heads 			= array('Registrations','Prescriptions','Admissions','Medications');
$weekdays 		= array('Monday','Tuesday','Wednesday','Thursday','Friday','Saturday','Sunday'); 
$months 		= array('Jan','Feb','Mar','Apr','May','Jun','Jul','Aug','Sep','Oct','Nov','Dec'); 

$referer 		= $_SERVER['HTTP_REFERER'];
$url 			= $_SERVER['REQUEST_URI'];
$remoteip 		= getIP(); 

//initialize session variables and session
session_start();

if (isset($_SESSION['sessionid'])) {
	//check session and session variables        
	$sessionid 	= $_SESSION['sessionid'];
	$user 		= $_SESSION['user'];
	$role 		= $_SESSION['role'];

} else if (isset($_POST['login']) && $_POST['txtID']) { 
	//authenticate sign in
	$uid 		= strtolower(trim($_POST['txtID']));
	$pwd 		= trim($_POST['txtPWD']);
        
	//echo ldapAuth($uid, $pwd);
	$role 		= strtolower((ldapAuth($uid, $pwd) ? localAuth($uid, $pwd) : ''));

	if ($role) {
		$sessionid 				= base64_encode($uid.'-'.$pwd);
		$_SESSION['user'] 		= "$uid";
		$_SESSION['role'] 		= "$role";
		$_SESSION['sessionid'] 	= "$sessionid";

		//session information
		//close previous unclosed sessions
		mysql_query("update websessions set logouttime=now() where timediff(now(),logintime)>'03:00:00' and isnull(logouttime)");
		mysql_query("update websessions set logouttime=now() where userid='$uid' and isnull(logouttime)");
	
		//start current session
		mysql_query("insert into websessions(sessionid,userid,remoteip,logintime) 
		values('$sessionid','$uid','$remoteip',now())");
		header("Location: .");
	}
}
//check for singout signal
if ($_GET['logout'] == 1) {
        //close current session
        mysql_query("update websessions set logouttime=now(),duration=timediff(now(),logintime)
        where sessionid='$sessionid'");

        //reset session variables
        $_SESSION['user'] = "";
        $_SESSION['role'] = "";
        $user = "";
        $role = "";

	//finally destroy current session
	session_destroy();
	header("Location: .");

}

//log activity in access log database
accessLog($user, $referer, $url, $remoteip);

?>