login_form.php

开源的OA系统

<?php
 session_start();
 include "../datasource.inc.php";
 require_once  "../MessageBox.php";
 $Message  = new MessageBox;
 $query    = "select * from job_user where userid='$_REQUEST[userid]' and userpwd=PASSWORD('$_REQUEST[userpwd]')";
 $result   = mysql_query($query);
 $row      = mysql_fetch_array($result);
 if ( $row['userjs'] =="0" ){
  if ( mysql_num_rows($result) > 0 ){
 	 $_SESSION["userid"]      = $row['userid'];
 	 $_SESSION["userjs"]      = $row['userjs'];  
 	 $_SESSION["realname"]    = $row['username']; 
	 $_SESSION["login"]       = 1;
     $ipaddress = $HTTP_SERVER_VARS['REMOTE_ADDR'];
	 $date    = Date("Y-m-j H:i:s");
     $query="insert into logs values ('','$_SESSION[realname]','$date','$ipaddress')";
     $result=mysql_query($query);
	header("Location:main.htm"); 
	} else {
    $Message->setMessage("对不起，您没有权限进入后台管理!","../index.php");
    $Message->showMessage();
   }
 } else{ 
 $query    = "select * from job_user where userid='$_REQUEST[userid]' and userpwd=PASSWORD('$_REQUEST[userpwd]') and department='$_REQUEST[department]'";
 $result   = mysql_query($query);
 $row      = mysql_fetch_array($result);
 if ( mysql_num_rows($result) > 0 ){
 	 $_SESSION["userid"]      = $row['userid'];
 	 $_SESSION["userjs"]      = $row['userjs'];  
	 $_SESSION["department"]  = $row['department'];  
 	 $_SESSION["realname"]    = $row['username']; 
	 $_SESSION["login"]       = 1;
     $ipaddress = $HTTP_SERVER_VARS['REMOTE_ADDR'];
	 $date    = Date("Y-m-j H:i:s");
     $query="insert into logs values ('','$_SESSION[realname]','$date','$ipaddress')";
     $result=mysql_query($query);
	header("Location:main.htm"); 
 } else {
    $Message->setMessage("对不起，您没有权限进入后台管理!","../index.php");
    $Message->showMessage();
 }
}

?>