|
|
|---|
$auth_type = 1; | $auth_type = 1; |
$cant_auth = 0; | $cant_auth = 0; |
| |
if (isset($user) && isset($pass)) { |
if (preg_match("/^[\w\@\.]{0,20}$/", $user) && isset($pass)) { |
$query_auth = "select id as auth_user_id, usern as auth_user_name, passwd, fullname as auth_user_fullname from auth where usern = '$user'"; | $query_auth = "select id as auth_user_id, usern as auth_user_name, passwd, fullname as auth_user_fullname from auth where usern = '$user'"; |
$result_auth = db_query ($query_auth); | $result_auth = db_query ($query_auth); |
$cant_auth = db_num_rows($result_auth); | $cant_auth = db_num_rows($result_auth); |
|
|
|---|
} | } |
| |
if (($auth==0) && ($cant_auth == 0)){ //not found in DB | if (($auth==0) && ($cant_auth == 0)){ //not found in DB |
if (isset($user) && isset($pass)) { |
|
|
if (preg_match("/^[\w\@\.]{0,20}$/", $user) && isset($pass)) { |
$query_auth = "select id as auth_user_id, username as auth_user_name, name as auth_user_fullname from clients where username= '$user' and password = '$pass'"; | $query_auth = "select id as auth_user_id, username as auth_user_name, name as auth_user_fullname from clients where username= '$user' and password = '$pass'"; |
$result_auth = db_query ($query_auth); | $result_auth = db_query ($query_auth); |
$auth = db_num_rows( $result_auth); | $auth = db_num_rows( $result_auth); |
} | } |
|
|
if ($auth==1) { | if ($auth==1) { |
$reg = db_fetch_array($result_auth); | $reg = db_fetch_array($result_auth); |
$auth_type = 2; | $auth_type = 2; |
} | } |
} | } |
| |
if (($log_event==true) && (!empty($user))) |
if (($log_event==true) && preg_match("/^[\w\@\.]{0,20}$/", $user)) |
insert_event(date("Y-m-d H:i:s",time()),get_config_option("jffnms_internal_type"),1,"Login",(($auth==1)?"successful":"failed"),$user,$log_event_info,"",0); | insert_event(date("Y-m-d H:i:s",time()),get_config_option("jffnms_internal_type"),1,"Login",(($auth==1)?"successful":"failed"),$user,$log_event_info,"",0); |
| |
unset ($reg["passwd"]); | unset ($reg["passwd"]); |
