Your IP : 216.73.216.40

Current Path : /var/www/html/mmishra/indem/old/indem/
Upload File :
Current File : /var/www/html/mmishra/indem/old/indem/login.inc

<span id='title'>Login Form</span><br><br>

<?php
$submit = $_POST["submit"];
$loginid = htmlsafe($_POST["loginid"]);
$passwd = $_POST["passwd"];
$source_ip = $_SERVER["REMOTE_ADDR"];
$dated = date("Y-m-d H:i:s");
$target = $_REQUEST["target"];

session_start();
if ($submit == 'LOGOUT') {
        session_destroy();
        $uid = '';
        login($loginid);
        exit;
} else if ($submit == 'LOGIN' && $loginid) {
        $stat = authenticate($loginid, $passwd);
        if ($stat == "OK") {
                $uid = $loginid;
                $pwd = $passwd;
                $_SESSION["uid"] = $uid;
                //session_register("uid");

		$ds = ldap_connect("ldap.iiita.ac.in");
		$rs = ldap_search($ds, "dc=iiita,dc=ac,dc=in","(&(uid=$uid)(objectClass=posixAccount))");
		$attr = ldap_get_entries($ds, $rs);
		$dn = $attr[0]["dn"];

		if (strpos($dn, "Webadmin")) 
			//connect iws24 mysql server
			$mdb = mysql_connect("localhost","root","mysql");
		else
			//connect iws45 mysql server 
			$mdb = mysql_connect("172.31.1.45","root","mysql");
		if (mysql_select_db("$uid")) {
			mysql_query("SET PASSWORD FOR '{$uid}'@'%' = password('$pwd')", $mdb);
			mysql_query("FLUSH PRIVILEGES");
		} else {
			mysql_select_db("mysql");
			//create mysql database by uid
			mysql_query("CREATE DATABASE $uid", $mdb); 
			//CREATE USER for localhost
			mysql_query("CREATE USER '{$uid}'@'localhost' IDENTIFIED BY '{$pwd}'", $mdb);
			//CREATE USER for any hosts
			mysql_query("CREATE USER '{$uid}'@'%' IDENTIFIED BY '{$pwd}'", $mdb);
			//GRANT ALL permissions to userid@localhost ON userid DATABASE
			mysql_query("GRANT ALL PRIVILEGES ON `{$uid}`.* TO '{$uid}'@'localhost' WITH GRANT OPTION", $mdb);
			//GRANT ALL permissions to userid@% ON userid DATABASE
			mysql_query("GRANT ALL PRIVILEGES ON `{$uid}`.* TO '{$uid}'@'%' WITH GRANT OPTION", $mdb);
			mysql_query("FLUSH PRIVILEGES");
		}
		mysql_close($mdb);
		ldap_close($ds);
	} else {
                echo "<b id='alert'>Sorry</b> invalid login, try again but not again & again.<br>";
                login($loginid);
                exit;
        }
}
session_start();
if (isset($_SESSION["uid"])) {
        $uid = $_SESSION["uid"];
	header("location: index.php?pg=$target");
} else {
        echo "<b id='alert'>Sorry</b> invalid login, session could not be created.<br>";
}
login($loginid);
exit;
?>