1,6 → 1,6 |
<?php |
|
if (!defined('IBLEGAL')) die('Kann nicht ohne Personal WebBase ausgeführt werden.'); |
if (!defined('WBLEGAL')) die('Kann nicht ohne Personal WebBase ausgeführt werden.'); |
|
/* if (!@is_writable('includes/session/')) |
{ |
187,11 → 187,11 |
|
$gesperrt = $header.'<h1>Fehler</h1>Sie wurden als Benutzer von Personal WebBase gesperrt. Bitte wenden Sie sich an den Serveradministrator.<br><br><a href="index.php">Zurück zum Webinterface</a>'.$footer; |
|
if (!isset($ib_user_type)) $ib_user_type = -1; |
if (!isset($wb_user_type)) $wb_user_type = -1; |
|
if (isset($_POST['login_process']) && ($_POST['login_process'] == '1')) |
{ |
if ($ib_user_type == 2) |
if ($wb_user_type == 2) |
{ |
if (md5($ib_user_passwort) != $konfiguration['main_administration']['admin_pwd']) // TODO: use sha3 hash, salted and peppered |
{ |
208,18 → 208,18 |
ib_change_config('last_login', $row[0], 'main_administration'); |
ib_change_config('last_login_ip', $_SERVER['REMOTE_ADDR'], 'main_administration'); |
|
$_SESSION['ib_user_type'] = $ib_user_type; |
$_SESSION['wb_user_type'] = $wb_user_type; |
$_SESSION['ib_user_passwort'] = $ib_user_passwort; |
} |
} |
|
if ($ib_user_type == '1') |
if ($wb_user_type == '1') |
{ |
if (($ib_user_username == $konfiguration['main_gastzugang']['gast_username']) && ($ib_user_passwort == $konfiguration['main_gastzugang']['gast_passwort'])) |
{ |
if ($konfiguration['main_gastzugang']['enable_gast']) |
{ |
$ib_user_type = '0'; |
$wb_user_type = '0'; |
} |
else |
{ |
255,7 → 255,7 |
$benutzer['last_login'] = $rw[0]; |
$benutzer['last_login_ip'] = $_SERVER['REMOTE_ADDR']; |
|
$_SESSION['ib_user_type'] = $ib_user_type; |
$_SESSION['wb_user_type'] = $wb_user_type; |
$_SESSION['ib_user_username'] = $ib_user_username; |
$_SESSION['ib_user_passwort'] = $ib_user_passwort; |
} |
269,7 → 269,7 |
} |
} |
|
if ($ib_user_type == '0') |
if ($wb_user_type == '0') |
{ |
if ($konfiguration['main_gastzugang']['enable_gast']) |
{ |
298,7 → 298,7 |
$benutzer['last_login'] = $rw[0]; |
$benutzer['last_login_ip'] = $_SERVER['REMOTE_ADDR']; |
|
$_SESSION['ib_user_type'] = $ib_user_type; |
$_SESSION['wb_user_type'] = $wb_user_type; |
} |
} |
else |
320,13 → 320,13 |
} |
else |
{ |
if ((!isset($_SESSION['ib_user_type'])) || (($_SESSION['ib_user_type'] != '0') && ($_SESSION['ib_user_type'] != '1') && ($_SESSION['ib_user_type'] != '2'))) |
if ((!isset($_SESSION['wb_user_type'])) || (($_SESSION['wb_user_type'] != '0') && ($_SESSION['wb_user_type'] != '1') && ($_SESSION['wb_user_type'] != '2'))) |
{ |
$ib_user_type = -1; |
$wb_user_type = -1; |
} |
else |
{ |
if ($_SESSION['ib_user_type'] == '0') |
if ($_SESSION['wb_user_type'] == '0') |
{ |
if ($konfiguration['main_gastzugang']['enable_gast']) |
{ |
346,7 → 346,7 |
} |
else |
{ |
$ib_user_type = $_SESSION['ib_user_type']; |
$wb_user_type = $_SESSION['wb_user_type']; |
$ib_user_username = $konfiguration['main_gastzugang']['gast_username']; |
$ib_user_passwort = $konfiguration['main_gastzugang']['gast_passwort']; |
} |
367,7 → 367,7 |
if (!headers_sent()) header('location: index.php?prv_modul='.urlencode($m2)); |
} |
} |
else if ($_SESSION['ib_user_type'] == '1') |
else if ($_SESSION['wb_user_type'] == '1') |
{ |
$res = db_query("SELECT * FROM `".$mysql_zugangsdaten['praefix']."users` WHERE `username` = '".db_escape($_SESSION['ib_user_username'])."' AND `passwort` = '".md5($_SESSION['ib_user_passwort'])."'"); // TODO: use sha3 hash, salted and peppered |
if (db_num($res) > 0) |
385,7 → 385,7 |
} |
else |
{ |
$ib_user_type = $_SESSION['ib_user_type']; |
$wb_user_type = $_SESSION['wb_user_type']; |
$ib_user_username = $_SESSION['ib_user_username']; |
$ib_user_passwort = $_SESSION['ib_user_passwort']; |
} |
398,7 → 398,7 |
if (!headers_sent()) header('location: index.php?prv_modul='.urlencode($m2)); |
} |
} |
else if ($_SESSION['ib_user_type'] == '2') |
else if ($_SESSION['wb_user_type'] == '2') |
{ |
if (md5($_SESSION['ib_user_passwort']) != $konfiguration['main_administration']['admin_pwd']) // TODO: use sha3 hash, salted and peppered |
{ |
406,7 → 406,7 |
} |
else |
{ |
$ib_user_type = $_SESSION['ib_user_type']; |
$wb_user_type = $_SESSION['wb_user_type']; |
$ib_user_passwort = $_SESSION['ib_user_passwort']; |
} |
} |