<?php
//include configuration and function library
require("config.inc");
require("functions.inc");
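// Open the application database connection. dbConnect() is defined in one of the
// included files; the mysql_query() calls later in this file presumably run on the
// link it opens.
// NOTE(review): config.inc presumably holds the credentials used here - confirm the
// web server refuses to serve *.inc and *.bak files as plain text.
dbConnect("snp");

// Enumerated value lists shared by the pages that include this file.
$statuss = array('Active', 'Inactive');
$roles = array('Admin', 'Doctor', 'Staff', 'Patient', 'Guest');
$patgps = array('Student', 'Employee', 'Others');
$shifts = array('Morning', 'Evening', 'Night', 'Special');
$heads = array('Institute', 'Department', 'Project');
$weekdays = array('Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday', 'Sunday');

// Request metadata handed to the access log further down. The Referer header and the
// request URI are supplied by the client, so treat both as untrusted text wherever
// they are stored or displayed. Referer is optional: default to '' instead of reading
// a missing array index.
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$url = $_SERVER['REQUEST_URI'];

// NOTE(review): getIP() is defined elsewhere. If it prefers proxy headers such as
// X-Forwarded-For over REMOTE_ADDR, the value is client-controlled - confirm, because
// it is written to the session and access logs.
$remoteip = getIP();

date_default_timezone_set('Asia/Calcutta');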
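// Start (or resume) the PHP session, then either restore the signed-in identity from
// it or process a sign-in form post.
//   - existing session : $sessionid, $user and $role are restored from $_SESSION
//   - sign-in post     : $role is set, the session is populated on success and a
//                        redirect header is queued
session_start();

// Begin from a known state so later reads never see an undefined variable (or, on a
// legacy PHP with register_globals enabled, a request-supplied one). null keeps
// isset() and truthiness checks in including pages behaving as they did before.
$user = null;
$role = null;

if (isset($_SESSION['sessionid'])) {
    // Existing session: restore the identity stored at sign-in.
    $sessionid = $_SESSION['sessionid'];
    $user = $_SESSION['user'];
    $role = $_SESSION['role'];
} else if (isset($_POST['login']) && !empty($_POST['txtID'])) {
    // Sign-in attempt. Form fields are untrusted: accept plain strings only, so an
    // array-valued field cannot reach trim() or the authentication helpers.
    $uid = is_string($_POST['txtID']) ? trim($_POST['txtID']) : '';
    $pwd = (isset($_POST['txtPWD']) && is_string($_POST['txtPWD'])) ? trim($_POST['txtPWD']) : '';

    // Never hand an empty credential to the directory: many LDAP servers treat a
    // simple bind with an empty password as an unauthenticated bind and report success.
    // NOTE(review): ldapAuth() and localAuth() are defined elsewhere; localAuth()
    // presumably returns the user's role name or 'nologin' - confirm, including what
    // it returns for a directory user with no local account.
    $role = ($uid !== '' && $pwd !== '' && ldapAuth($uid, $pwd)) ? localAuth($uid, $pwd) : 'nologin';

    if ($role == 'nologin') {
        // NOTE(review): header() only queues the redirect. This script and the page
        // that included it keep running, so the redirect must not be relied on as an
        // access check.
        header("Location: /");
    } else {
        // Issue a fresh session id at the privilege change, so an id that was known
        // before sign-in (session fixation) is useless afterwards.
        session_regenerate_id(true);

        // The logged-in marker used to be base64_encode("$uid-$pwd"), which kept the
        // cleartext password, trivially decodable, in session storage. Use the opaque
        // session id instead.
        // NOTE(review): if any other page decodes $_SESSION['sessionid'] to recover the
        // password, that page has to change too.
        $sessionid = session_id();
        $_SESSION["user"] = "$uid";
        $_SESSION["role"] = "$role";
        $_SESSION["sessionid"] = "$sessionid";

        // Session audit row. Both values originate from the request, so escape them
        // before they are placed inside the SQL string.
        // ext/mysql was deprecated in PHP 5.5 and removed in PHP 7.0; when this file is
        // migrated, switch to mysqli or PDO prepared statements with bound parameters.
        $sqlUid = mysql_real_escape_string($uid);
        $sqlIp = mysql_real_escape_string($remoteip);
        mysql_query("insert into websessions(userid,remoteip,action,datesession)
values('$sqlUid','$sqlIp','login',now())");

        // Send each role to its landing page.
        // NOTE(review): 'Officer' is handled here but is not in the $roles list, while
        // 'Doctor', 'Patient' and 'Guest' fall through to "/" - confirm this is intended.
        if ($role == 'Admin') {
            header("Location: admin/");
        } else if ($role == 'Officer') {
            header("Location: officer/");
        } else if ($role == 'Staff') {
            header("Location: staff/");
        } else {
            header("Location: /");
        }
    }
}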
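// Sign-out, triggered by logout=1 anywhere in the request (the page header links to
// ?logout=1). Writes an audit row, clears the identity and destroys the session.
// NOTE(review): a state-changing action reachable by a plain GET has no CSRF
// protection; consider requiring a POST that carries a per-session token.
if (isset($_REQUEST['logout']) && $_REQUEST['logout'] == 1) {
    // $user is only defined when a session was restored earlier in this request.
    $logoutUser = isset($user) ? (string) $user : '';

    // Session audit row. Escape both values before they are placed inside the SQL
    // string; $remoteip may be derived from request headers.
    // ext/mysql was removed in PHP 7.0; when this file is migrated, use mysqli or PDO
    // prepared statements with bound parameters instead.
    $sqlUser = mysql_real_escape_string($logoutUser);
    $sqlIp = mysql_real_escape_string($remoteip);
    mysql_query("insert into websessions(userid,remoteip,action,datesession)
values('$sqlUser','$sqlIp','logout',now())");

    // Reset the identity for the remainder of this request. The 'sessionid' entry is
    // the logged-in marker checked at the top of this file, so drop it as well.
    $_SESSION['user'] = "";
    $_SESSION['role'] = "";
    unset($_SESSION['sessionid']);
    $user = "";
    $role = "";

    // Finally destroy the stored session data. header() only queues the redirect; the
    // rest of the page still renders, now as an anonymous visitor.
    session_destroy();
    header("Location: .");
}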
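// Record this request in the access log database (accessLog() is defined in an
// included file). $user is unset for anonymous visitors, so pass null explicitly
// rather than reading an undefined variable.
// NOTE(review): $referer and $url come straight from the client's request - confirm
// that accessLog() escapes or binds all four values before it builds its SQL.
accessLog(isset($user) ? $user : null, $referer, $url, $remoteip);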
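// Build $header, the page-top markup that including pages print: document head,
// banner, an optional navigation bar for signed-in users, and the opening <form>
// tag with the hidden 'pg' field. Also sets $print and $pg for the rest of the page.
$header = "<html>
<head>
<title>SnP Ver. 1.0</title>
<base href='https://istore.iiita.ac.in/' />
<link href='css/style.css' rel='stylesheet' />
<script type='text/javascript' src='js/myscripts.js' />
". ajax() ."
</head>
<body>
<center>
<b>
<font size='+2' color='white'>STORES</font>
<img src='images/iLogo.png' width='50' height='50' border='0' />
<font size='+2' color='white'>PURCHASE</font>
</b>
<h1>Indian Institute of Information Technology Allahabad</h1>
<font size='+1'>( <img src='images/snp.jpg' width='15' height='15' border='0' /> SnP Ver. 1.0 )</font><br><br>";

// A truthy 'print' request value suppresses the navigation bar here and the footer
// banner later. Read it without touching a missing array index.
$print = isset($_REQUEST['print']) ? $_REQUEST['print'] : null;

// $user and $role are only defined once a session has been restored.
$shownUser = isset($user) ? $user : '';
if ($shownUser && !$print) {
    // Both values end up inside HTML, so encode them for that context even though
    // they come from the session rather than directly from the request.
    $safeUser = htmlspecialchars((string) $shownUser, ENT_QUOTES, 'UTF-8');
    $safeRole = htmlspecialchars(isset($role) ? (string) $role : '', ENT_QUOTES, 'UTF-8');
    $header .= "<div align='right'>
Welcome! $safeUser ($safeRole),
please go [ <a href='/'>Home, <a href='javascript: window.history.back()'>Back</a> ] or
[ <a href='?logout=1'>Logout</a>, <a href='?pg=changepwd'>Change Paasword</a> ] here.
</div><br>";
}

// $pg keeps its raw request value for the including page.
// NOTE(review): $pg is request-controlled; if any page uses it to choose a file to
// include or a handler to run, it needs an allow-list - not visible from here.
$pg = (isset($_REQUEST['pg']) && $_REQUEST['pg']) ? $_REQUEST['pg'] : '';

// Both values below are written into single-quoted HTML attributes. 'pg' comes from
// the request, and PHP_SELF contains whatever path the client appended after the
// script name, so each must be attribute-encoded (ENT_QUOTES covers the single
// quote) before it is echoed back; otherwise the markup can be broken out of.
$pgAttr = is_string($pg) ? htmlspecialchars($pg, ENT_QUOTES, 'UTF-8') : '';
$selfAttr = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
$header .= "<form method='POST' action='" . $selfAttr . "'>
<input type='hidden' name='pg' value='" . $pgAttr . "'>";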
// Build $footer, the page-bottom markup: it closes the <form> opened in the header,
// adds the contact/credits banner unless a print view was requested ($print is
// truthy), and closes the document.
$footer = "</form>";
$footer .= $print ? "" : "<br><br><br><br>
<div id='footer' align='center'>
<b>©2015 Stores & Purchase, IIIT Allahabad, Devghat, Jhalwa, Allahabad-211012 (UP) INDIA<br>
Items should be eighter in use or in the stores.<br><br>
Contact: 0532-2922051/
<hr style='border: 0; border-top: 1px solid lightpink'>
Developed by: Mithilesh Kr. Mishra (System Analyst), IIIT Allahabad
</div>";
$footer .= "</center></body></html>";
?>