global.php

jsp程序开发系统

<?php
// +-------------------------------------------------------------+
// | DeskPRO v [2.0.1 Production]
// | Copyright (C) 2001 - 2004 Headstart Solutions Limited
// | Supplied by WTN-WDYL
// | Nullified by WTN-WDYL
// | Distribution via WebForum, ForumRU and associated file dumps
// +-------------------------------------------------------------+
// | DESKPRO IS NOT FREE SOFTWARE
// +-------------------------------------------------------------+
// | License ID : Full Enterprise License =) ...
// | License Owner : WTN-WDYL Team
// +-------------------------------------------------------------+
// | $RCSfile: global.php,v $
// | $Date: 2004/02/10 01:34:26 $
// | $Revision: 1.75 $
// +-------------------------------------------------------------+
// | File Details:
// | - Global initialization for technician interface.
// +-------------------------------------------------------------+

error_reporting(E_ALL ^ E_NOTICE);

define('TECHZONE', 1);
define('LOC_JAVASCRIPT', './../../includes/javascript/');
define('LOC_IMAGES', './../../images/');
define('LOC_CSS', './../../includes/css/');
define('INCLUDE_PATH', './../../includes/');

require_once(INCLUDE_PATH . 'init.php');

############################### SESSIONS / USER DATA ###############################

// If we are *NOT* showing the login page, perform authentication checks

// log out
if ($_REQUEST['do'] == 'logout') {

	// it needs to be a valid session before we can log out of it otherwise we are just adding
	// entries to tech_log that we shouldn't be
	$session = validate_session(NULL, NULL, 1);

	logout_tech_session($_COOKIE['dp_tech_sessionid'], $session['techid']);
	global_login('You have been logged out.', 1);
}

// if we are not about to show the login page
if (!defined('LOGIN')) { 

	$session = validate_session(NULL, NULL, 1);

	if ($_REQUEST['original_uri']) {
		$req = $_REQUEST['original_uri'];
	} else {
		$req = $_SERVER['REQUEST_URI'];
	}
	
	// we have a session so get tech details
	if (is_array($session)) {
		if ($session['techid']) {
			$user = $db->query_return("SELECT * FROM tech WHERE id = '$session[techid]'");
		}

	// bad session, check userid/password if they are being remembered
	} elseif ($_COOKIE['dp_tech_userid'] AND $_COOKIE['dp_tech_password']) {

		$user = $db->query_return("	
			SELECT * FROM tech 
			WHERE id = '" . mysql_escape_string($_COOKIE['dp_tech_userid']) . "' 
			AND password_cookie = '" . mysql_escape_string($_COOKIE['dp_tech_password']) . "'
		");	

		// If the cookie is bogus but he's logging in anyway, keep going.
		if (!is_array($user) AND !(($_REQUEST['login_form'] == 'login') OR strtolower($_REQUEST['submit'] == 'login'))) {
			delete_cookies();
			sleep(1);
			global_login('The cookie your browser provided is invalid.');
		}

		// if we are here then the username/password match so we make a new session based on that
		$session = make_session($user[id]);

		// No headers yet if making a PDF
		if (!defined('PDF')) { 
			dp_setcookie('dp_tech_sessionid', $session[sessionid]);
		}
	}

	// is tech/admin trying to login
	if ($_REQUEST['login_form'] == 'login' OR strtolower($_REQUEST['submit']) == 'login') { 

		// clear old sessions before login
		prune_sessions();
		max_limits('users');

		$user = $db->query_return("
				SELECT * FROM tech 
				WHERE username = '". mysql_escape_string($_POST['username']) . "'
			");

		// check username exists
		if (!$db->num_rows()) {
			delete_cookies();
			sleep(1);
			global_login('The username you specified is not registered.');
		}

		if (($user['id'] AND $_POST['username'] != '') AND ($_POST['password'] == $user['password'])) {
			$session = make_session($user[id]);

			if (!defined('PDF')) {
				dp_setcookie('dp_tech_sessionid', $session[sessionid]);
			}

			// if we are staying logged in, we remember the userid/password at this point
			if ($_REQUEST[cookie]) {
				dp_setcookie('dp_tech_userid', $user[id], 'ever');
				dp_setcookie('dp_tech_password', $user[password_cookie], 'ever');
			}
		
			// Rebuild GET, POST and FILE data
			$_getvars = unserialize($_POST['_getvars']);
			$_GET = array_merge($_GET, $_getvars);

			$_postvars = unserialize($_POST['_postvars']);
			$_POST = array_merge($_POST, $_postvars);

			$_filevars = unserialize($_POST['_filevars']);
			$_FILES = array_merge($_FILES, $_filevars);

			if ($_REQUEST['_request']) {
				$_REQUEST = unserialize($_REQUEST['_request']);
			} else {
				$_REQUEST = array_merge($_GET,$_POST,$_COOKIE);
			}

			// fix where we are
			if (!$_REQUEST['original_url']) { 
				$_REQUEST['original_url'] = "./../home/index.php";
			} 

		} else {

			// username is correct, but password is wrong
			delete_cookies();
			sleep(1);
			global_login('The password you specified was invalid.');
		}
	}

	// no session at this point? need to login
	if (!is_array($session)) {
		global_login('Please login');
	}

	// is tech disabled?
	if (is_array($user)) {
		if ($user[disabled]) {
			sleep(1);
			global_login($user['disabled_reason']);
		}
	}
}

############################### GET LANGUAGES ###############################

// we need $dplang in tech zone
$db->query("SELECT * FROM template_words WHERE language = '0' OR language = '$session[language]' OR language = '$settings[default_language]'");
while ($result = $db->row_array()) {
	if ($result[language] == '0') {
		$start_lang[$result[wordref]] = trim($result[text]);
	} elseif ($result[language] == $settings[default_language]) {
		$default_lang[$result[wordref]] = trim($result[text]);
	} else {
		$this_lang[$result[wordref]] = trim($result[text]);
	}
}

$dplang = array_merge($start_lang, $default_lang);
$dplang = array_merge($dplang, $this_lang); 

$settings['timezone'] -= ($settings['timezone'] - $settings['timezone_offset']);

if ($user['timezone'] != NULL) {
	    $settings['timezone'] -= ($settings['timezone'] - $user['timezone']);
}   

if ($user['timezone_dst']) {
	    $settings['timezone']++;
}   

?>