/modules/system_admin/edv-datenbank-pass.php
PHP | 242 lines | 227 code | 14 blank | 1 comment | 14 complexity | e34be7c05a332ca2a1f22bd8ca0a6e87 MD5 | raw file
Possible License(s): GPL-2.0, Apache-2.0, LGPL-2.1, MPL-2.0-no-copyleft-exception, MIT, BSD-3-Clause, LGPL-2.0, GPL-3.0
- <?php
- if(($sid==NULL)||($sid!=$$ck_sid_buffer)) { header("location:invalid-access-warning.php"); exit;}
- require_once($root_path.'include/inc_config_color.php');
- srand(time()*1000);
- $r=rand(1,1000);
- $dbname="maho";
- $allowedarea="System_Admin";
- $fileforward="edv-datenbank.php";
- $thisfile="edv-datenbank-pass.php";
- $breakfile="edv.php";
- if($_COOKIE['ck_login_logged'.$sid]&&$_COOKIE['ck_login_userid'.$sid])
- {
- header("location: passcheck-intern.php?sid=$sid&lang=$lang&allowedarea=$allowedarea&fileforward=$fileforward&retfilepath=$thisfile");
- exit;
- }
- //setcookie(ck_edv_db_user,"");
- function validarea($area,$zeile2,$range)
- {
- for ($i=0;$i<$range;$i++)
- if(($zeile2[$i]==$area)or($zeile2[$i]=="alle")) return 1;
- return 0;
- }
- function logentry($userid,$key,$report,$remark1,$remark2)
- {
- $logpath="logs/access/".date(Y)."/";
- if (file_exists($logpath))
- {
- $logpath=$logpath.date("Y_m_d").".log";
- $file=fopen($logpath,"a");
- if ($file)
- { if ($userid=="") $userid="blank";
- $line=date("d.m.Y").' '.date("H.i").' '.$report.' Username='.$userid.' Password='.$key.' Fileaccess='.$remark1.' Fileforward='.$remark2;
- fputs($file,$line);fputs($file,"\r\n");
- fclose($file);
- }
- }
- }
- if ($versand=="Abschicken")
- {
- $link=mysql_connect("localhost","httpd","");
- if ($link)
- { if(mysql_select_db($dbname,$link))
- { $sql='SELECT * FROM mahopass WHERE mahopass_id="'.$userid.'"';
- $ergebnis=$db->Execute($sql);
- if($ergebnis)
- {$zeile=$ergebnis->FetchRow();
- if (($zeile[mahopass_password]==$keyword)&&($zeile[mahopass_id]==$userid))
- {
- if (!($zeile[mahopass_lockflag]))
- {
- if (validarea($allowedarea,$zeile,mysql_num_fields($ergebnis)))
- {
- setcookie(ck_edv_db_user,$zeile[mahopass_name]);
- logentry($zeile[mahopass_name],"*","IP:".$REMOTE_ADDR."EDV DB verwalten Access OK'd",$thisfile,$fileforward);
- header("location: $fileforward?sid=$$ck_sid_buffer");
- exit;
- }else {$passtag=2;};
- }else $passtag=3;
- }else {$passtag=1;};
- }
- else {$passtag=1;};
-
- };
-
- }
- else
- { echo "Verbindung zur Datenbank konnte nicht hergestellt werden.<br>"; $passtag=5;}
- }
- ?>
- <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 3.0//EN" "html.dtd">
- <HTML>
- <HEAD>
- <?php echo setCharSet(); ?>
- <TITLE>EDV - Datenbank Verwalten</TITLE>
-
- <?php if($cfg['dhtml'])
- { echo'
- <script language="javascript" src="../js/hilitebu.js">
- </script>
-
- <STYLE TYPE="text/css">
- A:link {text-decoration: none; color: '.$cfg['body_txtcolor'].';}
- A:hover {text-decoration: underline; color: '.$cfg['body_hover'].';}
- A:active {text-decoration: none; color: '.$cfg['body_alink'].';}
- A:visited {text-decoration: none; color: '.$cfg['body_txtcolor'].';}
- A:visited:active {text-decoration: none; color: '.$cfg['body_alink'].';}
- A:visited:hover {text-decoration: underline; color: '.$cfg['body_hover'].';}
- </style>';
- }
- ?>
-
- </HEAD>
- <BODY <?php if (!$nofocus) echo 'onLoad="document.passwindow.userid.focus()"'; echo ' bgcolor='.$cfg['body_bgcolor'];
- if (!$cfg['dhtml']){ echo ' link='.$cfg['body_txtcolor'].' alink='.$cfg['body_alink'].' vlink='.$cfg['body_txtcolor']; }
- ?>>
- <p>
- <FONT SIZE=-1 FACE="Arial">
- <P>
- <FONT COLOR=#cc6600 SIZE=5 FACE="verdana"> <b>Datenbank Verwalten</b></font>
- <p>
- <table width=100% border=0 cellpadding="0" cellspacing="0">
- <tr>
- <td colspan=3><img src=../img/einga-b.gif border=0 width=130 height=25><!-- <a href="op-pflege-logbuch-such-pass.php?sid=<?php echo $$ck_sid_buffer;?>"><img src="../img/such-gray.gif" border=0 width=130 height=25 <?php if($cfg['dhtml'])echo'style=filter:alpha(opacity=70) onMouseover=hilite(this,1) onMouseOut=hilite(this,0)>';?></a><a href="op-pflege-logbuch-arch-pass.php?sid=<?php echo $$ck_sid_buffer;?>"><img src="../img/arch-gray.gif" border=0 width=130 height=25 <?php if($cfg['dhtml'])echo'style=filter:alpha(opacity=70) onMouseover=hilite(this,1) onMouseOut=hilite(this,0)>';?></a> --></td>
- </tr>
- <tr>
- <td bgcolor=#333399 colspan=3>
- <FONT SIZE=1 FACE="Arial"><STRONG> </STRONG></FONT>
- </td>
- </tr>
- <tr bgcolor="#DDE1EC">
- <td bgcolor=#333399><font size=1> </td>
- <td>
- <p><br>
- <center>
- <?php if ((($userid!=NULL)||($keyword!=NULL))&&($passtag!=NULL))
- {
- echo '<FONT COLOR="red" SIZE=+2 FACE="Arial"><STRONG>';
- $errbuf="EDV - DB verwalten ";
- switch($passtag)
- {
- case 1:$errbuf=$errbuf."Falsche Eingabe"; echo '<img src=../img/cat-fe.gif align=left>';break;
- case 2:$errbuf=$errbuf."Keine Berechtigung"; echo '<img src=../img/cat-noacc.gif align=left>';break;
- default:$errbuf=$errbuf."Zugang gesperrt"; echo '<img src=../img/warn.gif align=left>';
- }
- logentry($userid,$keyword,$errbuf,$thisfile,$fileforward);
- echo '</STRONG></FONT><P>';
- }
- ?>
- <table border=0 cellpadding=0 cellspacing=0>
- <tr>
- <?php if(!$passtag) echo'
- <td>
- <img src="../img/ned2r.gif" border=0 width=100 height=138 >
- </td>
- ';
- ?>
- <td bgcolor="#999999" valign=top>
- <table cellpadding=1 bgcolor=#999999 cellspacing=0>
- <tr>
- <td>
- <table cellpadding=20 bgcolor=#eeeeee >
- <tr>
- <td>
- <p>
- <FORM action="<?php echo $thisfile; ?>" method="post" name="passwindow">
- <font color=maroon size=3>
- <b>Passwort ist erforderlich!</b></font><p>
- <font face="Arial,Verdana" color="#000000" size=-1>
- Benutzername eingeben:<br></font>
- <INPUT type="text" name="userid" size="14" maxlength="25"> <p>
- <font face="Arial,Verdana" color="#000000" size=-1>Passwort eingeben:</font><br>
- <INPUT type="password" name="keyword" size="14" maxlength="25">
- <input type="hidden" name="versand" value="Abschicken">
- <input type="hidden" name="sid" value="<?php echo $sid; ?>">
- <input type="image" src="../img/abschic.gif" border=0 width=110 height=24>
- </font>
- </FORM>
- <FORM action="<?php echo $breakfile;?>" name=cancelbut>
- <input type="hidden" name="sid" value="<?php echo $sid; ?>">
- <input type="image" src="../img/abbrech.gif" border=0 width=103 height=24>
- </font></FORM>
- </td>
- </tr>
- </table>
- </td>
- </tr>
- </table>
- </td>
- </tr>
- </table>
- <p><br>
- </center>
- </td>
- <td bgcolor=#333399><font size=1> </td>
- </tr>
- <tr >
- <td bgcolor="#333399" colspan=3><font size=1>
-
- </td>
- </tr>
- </table>
- <p>
- <img src="../img/small_help.gif"> <a href="<?php echo $root_path; ?>main/ucons.php<?php echo URL_APPEND; ?>">Einf�hrung in die SQL Datenbank.</a><br>
- <img src="../img/small_help.gif"> <a href="<?php echo $root_path; ?>main/ucons.php<?php echo URL_APPEND; ?>">Wie mache ich was hier?</a><br>
- <HR>
- <p>
- <?php
- require($root_path.'include/inc_load_copyrite.php');
- ?>
- </FONT>
- </BODY>
- </HTML>