PageRenderTime 70ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 1ms

/Quản lý website trường trung học phổ thông PHP/lc1/includes/core/admin_relogin.php

https://gitlab.com/phamngsinh/baitaplon_sinhvien
PHP | 127 lines | 108 code | 13 blank | 6 comment | 19 complexity | 45c5f8e8fa1c4d127ad865cafbb17d22 MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * @Project NUKEVIET 3.0
    5. 

  5.  * @Author VINADES.,JSC (contact@vinades.vn)
    6. 

  6.  * @copyright 2010
    7. 

  7.  * @createdate 1/10/2010 9:3
    8. 

  8.  */
    9. 

  9. 

  10. if ( ! defined( 'NV_MAINFILE' ) ) die( 'Stop!!!' );
    11. 

  11. 

  12. if ( defined( "NV_IS_ADMIN" ) )
    13. 

  13. {
    14. 

  14.     if ( empty( $admin_info['checkpass'] ) )
    15. 

  15.     {
    16. 

  16.         if ( $nv_Request->isset_request( NV_ADMINRELOGIN_VARIABLE, 'get' ) and $nv_Request->get_int( NV_ADMINRELOGIN_VARIABLE, 'get' ) == 1 )
    17. 

  17.         {
    18. 

  18.             $redirect = $nv_Request->get_string( 'admin_relogin_redirect', 'session' );
    19. 

  19.             $check_hits = $admin_info['checkhits'];
    20. 

  20.             $check_hits ++;
    21. 

  21.             $nv_Request->set_Session( 'online', '0|' . $admin_info['last_online'] . '|' . NV_CURRENTTIME . '|' . $check_hits );
    22. 

  22.             
    23. 

  23.             $error = "";
    24. 

  24.             $password = "";
    25. 

  25.             if ( $nv_Request->get_int( 'save', 'post' ) == '1' )
    26. 

  26.             {
    27. 

  27.                 if ( $client_info['is_myreferer'] != 1 ) trigger_error( "Wrong URL", 256 );
    28. 

  28.                 $nv_password = filter_text_input( 'nv_password', 'post', '', '', 50 );
    29. 

  29.                 if ( empty( $nv_password ) )
    30. 

  30.                 {
    31. 

  31.                     $error = $lang_global['password_empty'];
    32. 

  32.                 }
    33. 

  33.                 else
    34. 

  34.                 {
    35. 

  35.                     if ( defined( 'NV_IS_USER_FORUM' ) )
    36. 

  36.                     {
    37. 

  37.                         $nv_username = $admin_info['username'];
    38. 

  38.                         define( 'NV_IS_MOD_USER', true );
    39. 

  39.                         nv_insert_logs( NV_LANG_DATA, "login", "[" . $nv_username . "] " . strtolower( $lang_global['loginsubmit'] ), " Client IP:" . NV_CLIENT_IP, 0 );
    40. 

  40.                         require_once ( NV_ROOTDIR . '/' . DIR_FORUM . '/nukeviet/login.php' );
    41. 

  41.                     }
    42. 

  42.                     
    43. 

  43.                     $query = $db->constructQuery( "SELECT t1.admin_id as admin_id, t1.lev as admin_lev, t1.last_agent as admin_last_agent, t1.last_ip as admin_last_ip, t1.last_login as admin_last_login, t2.password as admin_pass FROM `" . NV_AUTHORS_GLOBALTABLE . "` AS t1 INNER JOIN  `" . NV_USERS_GLOBALTABLE . "` AS t2 ON t1.admin_id  = t2.userid WHERE t1.admin_id = [s] AND t1.lev!=0 AND t1.is_suspend=0 AND t2.active=1", $admin_info['admin_id'] );
    44. 

  44.                     $result = $db->sql_query( $query );
    45. 

  45.                     $row = $db->sql_fetchrow( $result );
    46. 

  46.                     $db->sql_freeresult( $result );
    47. 

  47.                     if ( ! $crypt->validate( $nv_password, $row['admin_pass'] ) )
    48. 

  48.                     {
    49. 

  49.                         $error = $lang_global['incorrect_password'];
    50. 

  50.                     }
    51. 

  51.                     else
    52. 

  52.                     {
    53. 

  53.                         $nv_Request->set_Session( 'online', '1|' . NV_CURRENTTIME . '|' . NV_CURRENTTIME . '|0' );
    54. 

  54.                         $nv_Request->unset_request( 'admin_login_redirect', 'session' );
    55. 

  55.                         
    56. 

  56.                         if ( ! empty( $redirect ) and nv_is_myreferer( $redirect ) == 1 )
    57. 

  57.                         {
    58. 

  58.                             Header( "Location: " . nv_url_rewrite( $redirect, true ) );
    59. 

  59.                             exit();
    60. 

  60.                         }
    61. 

  61.                         else
    62. 

  62.                         {
    63. 

  63.                             Header( "Location: " . NV_BASE_ADMINURL );
    64. 

  64.                             exit();
    65. 

  65.                         }
    66. 

  66.                     }
    67. 

  67.                 }
    68. 

  68.             }
    69. 

  69.             if ( $check_hits > NV_ADMINRELOGIN_MAX )
    70. 

  70.             {
    71. 

  71.                 $nv_Request->unset_request( 'admin,online', 'session' );
    72. 

  72.                 $nv_Request->unset_request( 'admin_relogin_redirect', 'session' );
    73. 

  73.                 
    74. 

  74.                 if ( ! empty( $redirect ) and nv_is_myreferer( $redirect ) == 1 )
    75. 

  75.                 {
    76. 

  76.                     $server_name = preg_replace( '/^www\./e', '', nv_getenv( "HTTP_HOST" ) );
    77. 

  77.                     $nohttp_redirect = preg_replace( array( '/^[a-zA-Z]+\:\/\//e', '/www\./e' ), array( '', '' ), $redirect );
    78. 

  78.                     if ( ! preg_match( "/^" . preg_quote( $server_name ) . '\/' . preg_quote( NV_ADMINDIR ) . "/", $nohttp_redirect ) )
    79. 

  79.                     {
    80. 

  80.                         Header( "Location: " . $redirect );
    81. 

  81.                         exit();
    82. 

  82.                     }
    83. 

  83.                 }
    84. 

  84.                 Header( "Location: " . NV_BASE_SITEURL );
    85. 

  85.                 die();
    86. 

  86.             }
    87. 

  87.             
    88. 

  88.             $info = ( ! empty( $error ) ) ? '<div class="error">' . sprintf( $lang_global['relogin_error_info'], $error, ( NV_ADMINRELOGIN_MAX - $check_hits + 1 ) ) . '</div>' : '<div class="normal">' . sprintf( $lang_global['relogin_info'], NV_ADMINRELOGIN_MAX - $check_hits + 1 ) . '</div>';
    89. 

  89.             $size = @getimagesize( NV_ROOTDIR . '/' . $global_config['site_logo'] );
    90. 

  90.             
    91. 

  91.             $dir_template = "";
    92. 

  92.             if ( file_exists( NV_ROOTDIR . "/themes/" . $global_config['admin_theme'] . "/system/relogin.tpl" ) )
    93. 

  93.             {
    94. 

  94.                 $dir_template = NV_ROOTDIR . "/themes/" . $global_config['admin_theme'] . "/system";
    95. 

  95.             }
    96. 

  96.             else
    97. 

  97.             {
    98. 

  98.                 $dir_template = NV_ROOTDIR . "/themes/admin_default/system";
    99. 

  99.                 $global_config['admin_theme'] = "admin_default";
    100. 

  100.             }
    101. 

  101.             $xtpl = new XTemplate( "relogin.tpl", $dir_template );
    102. 

  102.             
    103. 

  103.             $xtpl->assign( 'CHARSET', $global_config['site_charset'] );
    104. 

  104.             $xtpl->assign( 'SITE_NAME', $global_config['site_name'] );
    105. 

  105.             $xtpl->assign( 'PAGE_TITLE', $lang_global['admin_page'] );
    106. 

  106.             $xtpl->assign( 'CSS', NV_BASE_SITEURL . "themes/" . $global_config['admin_theme'] . "/css/login.css" );
    107. 

  107.             $xtpl->assign( 'SITELANG', NV_LANG_INTERFACE );
    108. 

  108.             $xtpl->assign( 'NV_BASE_SITEURL', NV_BASE_SITEURL );
    109. 

  109.             $xtpl->assign( 'LOGO_SRC', NV_BASE_SITEURL . $global_config['site_logo'] );
    110. 

  110.             $xtpl->assign( 'LOGO_WIDTH', $size[0] );
    111. 

  111.             $xtpl->assign( 'LOGO_HEIGHT', $size[1] );
    112. 

  112.             $xtpl->assign( 'LOGIN_TITLE', $lang_global['adminlogin'] );
    113. 

  113.             $xtpl->assign( 'LOGIN_INFO', $info );
    114. 

  114.             $xtpl->assign( 'N_PASSWORD', $lang_global['password'] );
    115. 

  115.             $xtpl->assign( 'N_SUBMIT', $lang_global['loginsubmit'] );
    116. 

  116.             
    117. 

  117.             $xtpl->assign( 'NV_LOGOUT', $lang_global['admin_logout_title'] );
    118. 

  118.             
    119. 

  119.             $xtpl->parse( 'main' );
    120. 

  120.             include ( NV_ROOTDIR . "/includes/header.php" );
    121. 

  121.             $xtpl->out( 'main' );
    122. 

  122.             include ( NV_ROOTDIR . "/includes/footer.php" );
    123. 

  123.         }
    124. 

  124.     }
    125. 

  125. }
    126. 

  126. 

  127. ?>
    128.