login.php

通达OA部分源代码

<?php

include_once "session.php";
include_once "myconnect.php";

if(isset($_SESSION["sbbleads_userid"])&&($_SESSION["sbbleads_userid"]<>""))
{
	header("Location: gen_confirm.php?errmsg=".urlencode('You are already logged in as '.$_SESSION["sbbleads_username"]));
	die();
}

function main()
{
?>
<table width="90%" border="0" align="center" cellpadding="5" cellspacing="0" class="msgstyle">
  <tr align="left"> 
    <td colspan="2"><strong>Welcome to the member area<?php //echo $_SESSION["sbbleads_username"];?>, 
      you have successfully logged-in.</strong></td>
  </tr>
  <?
  if(isset($_REQUEST["return_path"]) && ($_REQUEST["return_path"]<>""))
  {
  $return_path=$_REQUEST["return_path"]."?sb_id=".$_REQUEST["id"]."&sb_type=".$_REQUEST["sb_type"];
  ?>
  <tr> 
    <td width="2%" align="center">&nbsp;</td>
    <td width="100%" align="left"> Click <a href="<?php echo $return_path;?>">here</a> 
      <?php
	if(preg_match("/\/cart_items.php/",$_REQUEST["return_path"]))
	{ echo " to view your inquiry basket.";}
	elseif(preg_match("/\/add_favorites.php/",$_REQUEST["return_path"]))
	{ echo " to add offers/profiles to your favorite list.";}
	elseif(preg_match("/\/addtocart.php/",$_REQUEST["return_path"]))
	{ echo " to add offers/products to your inquiry basket.";}
	elseif(preg_match("/\/contactuser.php/",$_REQUEST["return_path"]))
	{ echo " to send inquiries to member.";}
	else
	{ echo " to continue";}
    ?>
    </td>
  </tr>
  <?
  }
  if($_REQUEST["sb_type"]<>0)
  {
  		switch($_REQUEST["sb_type"])
		{
			case 1:
				$return_path="view_offer.php?id=".$_REQUEST["id"];
				break;
			case 2:
				$return_path="view_offer_buy.php?id=".$_REQUEST["id"];
				break;
			case 3:
				$return_path="view_product.php?id=".$_REQUEST["id"];
				break;
			case 4:
				$return_path="view_profile.php?id=".$_REQUEST["id"];
				break;
		}

  ?>
  <tr> 
    <td align="center">&nbsp;</td>
    <td align="left">Click <a href="<?php echo $return_path;?>">here</a> 
      to view offer/profile detail page. </td>
  </tr>
  <?php
  }
  ?>
  <tr> 
    <td align="center">&nbsp;</td>
    <td align="left">Click <a href="userhome.php">here</a> to go to member area. 
    </td>
  </tr>
  <tr>
    <td align="center">&nbsp;</td>
    <td align="left">Click <a href="show_messages.php">here</a> to view messages. 
      (&nbsp;<? 
		$num=mysql_num_rows(mysql_query("select sb_id from sbbleads_messages where sb_msg_read='No' and sb_t_del='No' and sb_tid=".$_SESSION["sbbleads_userid"]));
				  echo $num;
				  ?> New &nbsp;) </td>
  </tr>
  <tr> 
    <td align="center">&nbsp;</td>
    <td align="left">Click <a href="logout.php">here</a> to logout. </td>
  </tr>
</table>
<?
}

if(!isset($_REQUEST['username']) || ($_REQUEST['username']=="") || !isset($_REQUEST['pwd']) || ($_REQUEST['pwd']=="") )
{
 header("Location: ". "signin.php?errmsg=".urlencode("Please enter login information."));
 die();
}
			if (!get_magic_quotes_gpc()) {
			$username=str_replace('$', '\$',addslashes($_REQUEST["username"]));
			$pwd=str_replace('$', '\$',addslashes($_REQUEST["pwd"]));
			}
			else
			{
			$username=str_replace('$', '\$',$_REQUEST["username"]);
			$pwd=str_replace('$', '\$',$_REQUEST["pwd"]);
			}
$sql = "SELECT * FROM sbbleads_members WHERE sb_username = '$username' AND sb_password = '$pwd'" ;

$rs_query=mysql_query($sql);
if ( $rs=mysql_fetch_array($rs_query)  )
{
if($rs["sb_suspended"]=="no")
{
	if($rs["sb_password"]===$_REQUEST['pwd'])
	{
	$_SESSION["sbbleads_username"]=$rs["sb_username"] ;
	$_SESSION["sbbleads_userid"]=$rs["sb_id"] ;
	$_SESSION["sbbleads_memtype"]=$rs["sb_memtype"];
	
	mysql_query("update sbbleads_members set sb_lastlogin='".date("YmdHis",time())."' where sb_id=".$rs["sb_id"]);
	if(isset($_REQUEST["remember_user"]))
	{
	setcookie("softbiz_blead_user",$rs["sb_username"],(time()+(3600*24*365)),"/");
	setcookie("softbiz_blead_pwd",$rs["sb_password"],(time()+(3600*24*365)),"/");
	}
	else
	{
	if(isset($_COOKIE["softbiz_blead_user"])&&($_COOKIE["softbiz_blead_user"]==$rs["sb_username"]) && isset($_COOKIE["softbiz_blead_pwd"])&&($_COOKIE["softbiz_blead_pwd"]==$rs["sb_password"]))
		{
	setcookie("softbiz_blead_user",$rs["sb_username"],(time()-(3600)),"/");
	setcookie("softbiz_blead_pwd",$rs["sb_password"],(time()-(3600)),"/");
		}
	}
	include_once "template.php";
/*	if(!isset($_REQUEST["sb_type"])||($_REQUEST["sb_type"]==0))
	{
		header("Location: ". "userhome.php?tmp=".$rs["sb_id"]."&errmsg=Welcome ".$rs["sb_username"]);
	}
	else
	{
	
		switch($_REQUEST["sb_type"])
		{
			case 1:
				header("Location: view_offer.php?id=".$_REQUEST["id"]);
				break;
			case 2:
				header("Location: view_offer_buy.php?id=".$_REQUEST["id"]);
				break;
			case 3:
				header("Location: view_product.php?id=".$_REQUEST["id"]);
				break;
			case 4:
				header("Location: view_profile.php?id=".$_REQUEST["id"]);
				break;
		}
	}
	die();*/
	}
}//not suspended
else
{
header("Location: ". "gen_confirm.php?errmsg=". urlencode("Your Account has been suspended by Admin.") );
die();
}
}
else
{
header("Location: ". "signin.php?errmsg=". urlencode("Please enter correct login information.") );
die();
}
?>