Your IP : 216.73.216.40

Current Path : /var/www/html/mmishra/iws8/html/icure/
Upload File :
Current File : /var/www/html/mmishra/iws8/html/icure/session.inc

<?php

//include configuration and function library

require("config.inc");
require("functions.inc");
require 'classes/PHPMailerAutoload.php';
//require 'classes/class.smtp.php';
date_default_timezone_set('Asia/Kolkata');

//call database connection
dbConnect("icure");

//some enumerated values

$statuss = array('Online','Offline');
$roles = array('Admin','Doctor','Staff','Patient','Guest');
//$patgps = array('Student','Employee','AgencyStaff','Others');
$patgps = array('Student','Employee','Others');
$testgps = array('Haemetology','Biochemical');
$prescriptions = array('Medicine','Test');
$shifts = array('Morning','Evening','Night','Special'); 
$heads = array('Registrations','Prescriptions','Admissions','Medications');
$weekdays = array('Monday','Tuesday','Wednesday','Thursday','Friday','Saturday','Sunday'); 
$months = array('Jan','Feb','Mar','Apr','May','Jun','Jul','Aug','Sep','Oct','Nov','Dec'); 

$referer = $_SERVER['HTTP_REFERER'];
$url = $_SERVER['REQUEST_URI'];
$remoteip = getIP(); 

//initialize session variables and session
session_start();

if (isset($_SESSION['sessionid'])) {
	//check session and session variables        
	$sessionid = $_SESSION['sessionid'];
	$user = $_SESSION['user'];
	$role = $_SESSION['role'];

} else if (isset($_POST['login']) && $_POST['txtID']) { 
	//authenticate sign in
	$uid = strtolower(trim($_POST['txtID']));
	$pwd = trim($_POST['txtPWD']);
        
	echo ldapAuth($uid, $pwd);
	$role = strtolower((ldapAuth($uid, $pwd) ? localAuth($uid, $pwd) : 'patient'));

	$sessionid = base64_encode($uid.'-'.$pwd);
	$_SESSION['user'] = "$uid";
        $_SESSION['role'] = "$role";
	$_SESSION['sessionid'] = "$sessionid";

        //session information
        //close previous unclosed sessions
	mysql_query("update websessions set logouttime=now() where timediff(now(),logintime)>'03:00:00' and isnull(logouttime)");
	mysql_query("update websessions set logouttime=now() where userid='$uid' and isnull(logouttime)");
	//start current session
        mysql_query("insert into websessions(sessionid,userid,remoteip,logintime) 
	values('$sessionid','$uid','$remoteip',now())");
        header("Location: .");
}

//check for singout signal
if ($_GET['logout'] == 1) {
        //close current session
        mysql_query("update websessions set logouttime=now(),duration=timediff(now(),logintime)
        where sessionid='$sessionid'");

        //reset session variables
        $_SESSION['user'] = "";
        $_SESSION['role'] = "";
        $user = "";
        $role = "";

	//finally destroy current session
	session_destroy();
	header("Location: .");

}

//log activity in access log database
accessLog($user, $referer, $url, $remoteip);

?>