|
// | Support: http://www.modernsupport.com/modernbill/ |
// +----------------------------------------------------------------------+
// | ModernGigabyte and ModernBill are trademarks of ModernGigabyte, LLC. |
// +----------------------------------------------------------------------+
// | REQUIRED SECURITY LOGIC DO NOT MODIFY NEXT 4 LINES |
// +----------------------------------------------------------------------+
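require_once("include/functions.inc.php");
// +----------------------------------------------------------------------+
// Login / logout / password-reminder dispatcher.
//
// Reads the requested operation from $_REQUEST['op'] and either destroys
// the session (logout), runs the password reminder, validates a login
// attempt, or (default) re-checks an existing session via testlogin().
// Successful paths end in a Location redirect to the admin or user page.
//
// NOTE(review): $secure_url, $admin_page, $user_page, $lic_agree,
// $redirect_op and $redirect_tile are read below but are neither listed
// in the GLOBAL statement nor assigned in this file. Presumably the
// include above defines them -- confirm. Any of them that can be filled
// from request data must be treated as untrusted.
GLOBAL $debug, $authnet_enabled, $isloggedin, $login_error,
       //$this_admin, $this_user,
       $https, $page, $index_page, $dbh;

// set login page
$page = $index_page;
if (!$dbh) dbconnect();

// A missing "op" falls through to the default branch without raising an
// undefined-index notice. A private name is used so no global is clobbered.
$_login_op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';

// Login/Logout Logic
switch ($_login_op) {

    // ----------------------------------------
    // LOGOUT AND DESTROY ALL SESSION VARIABLES
    // ----------------------------------------
    case 'logout':
        // session_unset() returned void before PHP 7.2, so using its result
        // as a condition skipped session_destroy() entirely and left the
        // session id valid after logout. Tear the session down directly.
        session_unset();
        if (session_id() != '') { session_destroy(); }
        // A negative expiry is a timestamp in the past, which expires the cookie.
        setcookie("myip",'',-216000);
        setcookie("ip",'',-216000);
        Header("Location: $https://$secure_url"."$index_page");
        break;

    // ----------------------------------------
    // PASSWORD REMINDER FORM
    // ----------------------------------------
    case 'reminder':
        // $response: NULL = no address submitted, 1 = no matching client,
        // 2 = reset_password() was called for the matching client.
        //
        // NOTE(review): known and unknown addresses get different codes. If
        // display_reminder() renders them differently, this unauthenticated
        // form discloses which e-mail addresses have accounts; a single
        // neutral message plus rate limiting avoids that.
        // NOTE(review): reset_password() is not visible here. If it replaces
        // the password immediately rather than mailing a one-time link,
        // anyone who knows an address can force a reset -- confirm.
        if (!empty($_REQUEST['email'])) {
            // The query is assembled by string concatenation and depends
            // entirely on cdsql() for escaping; prefer a bound parameter if
            // the database layer offers one.
            $email = cdsql($_REQUEST['email']);
            $_sql = "SELECT client_id FROM client_info WHERE client_email='$email'";
            $client_id = adodb_one_data($_sql,'N');
            if (!empty($client_id)) {
                reset_password($client_id);
                $response = 2;
            } else {
                $response = 1;
            }
        } else {
            $response = NULL;
        }
        display_reminder($response);
        break;

    // ----------------------------------------
    // VALIDATE LOGIN ATTEMPT AND DISPATCH TO ADMIN or USER INTERFACE
    // ----------------------------------------
    case 'login':
        // NOTE(review): credentials are taken from $_REQUEST, so they are
        // also accepted in the query string, where they can end up in
        // server logs and browser history. Prefer $_POST once all login
        // forms are confirmed to POST.
        // NOTE(review): login() is defined elsewhere; confirm it issues a
        // fresh session id (session_regenerate_id) on success.
        if ( !empty($_REQUEST['password']) && login($_REQUEST['username'],$_REQUEST['password']) ) {
            $_sql = "SELECT config_60 FROM config WHERE config_type='main'";
            $this_temp_config = adodb_one_data($_sql,'N');

            // First admin login (config_60 < 1): show the first-login screen.
            if (!empty($_SESSION['this_admin']) && $this_temp_config<1) {
                // NOTE(review): the installer-directory check is disabled
                // (its body is commented out), so a leftover install_*
                // directory no longer blocks login. Re-enable it or remove
                // the dead condition.
                if (is_dir("install_v4")||is_dir("install_tier1")||is_dir("install_tier2")||is_dir("install_tierX")) {
                    //echo "Please delete the installation directory before you login."; exit;
                }
                if (file_exists("module-loader.php")) {
                    echo "Please delete the module-loader.php before you login."; exit;
                }
                start_short_html();
                display_first_login();
                stop_short_html();
                exit;
            }

            // redirect to a specific user or specific invoice
            //
            // Each id is validated on its own and must consist of digits
            // only. The original test (is_numeric plus "starts with a
            // digit") accepted values such as "1e5" or "1.5", and because
            // the two parameters were OR-ed, one valid id allowed the other,
            // unvalidated value into the SQL text and the redirect. Here
            // only a value that itself passed the check is ever used.
            $_has_cid = !empty($_REQUEST['cid']);
            $_has_iid = !empty($_REQUEST['iid']);
            $_cid_ok  = $_has_cid && is_string($_REQUEST['cid']) && preg_match('/^[0-9]+$/D', $_REQUEST['cid']);
            $_iid_ok  = $_has_iid && is_string($_REQUEST['iid']) && preg_match('/^[0-9]+$/D', $_REQUEST['iid']);

            $uri = NULL;
            // As before, supplying both ids yields no deep link at all.
            if ($_cid_ok && !$_has_iid) {
                $cid = cdsql($_REQUEST['cid']);
                $_sql = "SELECT count(*) as num FROM client_info WHERE client_id='$cid'";
                if (adodb_one_data($_sql,'N')) {
                    $uri = "op=client_details&db_table=client_info&tile=&id=client_id|$cid&";
                }
            } elseif ($_iid_ok && !$_has_cid) {
                $iid = cdsql($_REQUEST['iid']);
                $_sql = "SELECT count(*) as num FROM client_invoice WHERE invoice_id='$iid'";
                if (adodb_one_data($_sql,'N')) {
                    $uri = "op=client_invoice&db_table=client_invoice&tile=&print=&id=invoice_id|$iid&";
                }
            }
            // NOTE(review): the lookups above only prove the record exists,
            // not that the logged-in account may see it. Presumably the
            // target page enforces ownership -- confirm.

            // is admin
            if (!empty($_SESSION['this_admin'])) {
                // session_unregister() was removed in PHP 5.4 and must not be
                // combined with $_SESSION; unset() is the documented form.
                unset($_SESSION['this_user']);
                $uri = ($_SESSION['this_admin']['admin_level']<=6) ? "op=menu&tile=support_desk" : $uri ;
                Header("Location: $https://$secure_url"."$admin_page?$uri");
            // is user
            } elseif (!empty($_SESSION['this_user'])) {
                unset($_SESSION['this_admin']);
                $r_op = cdsql($redirect_op);
                $r_tile = cdsql($redirect_tile);
                // cdsql() escapes for SQL, not for URLs. The values go into a
                // Location header, so they are URL-encoded to stop them from
                // adding parameters or breaking the header line.
                $uri = ($r_op != '' && $r_tile != '') ? "op=".urlencode($r_op)."&tile=".urlencode($r_tile) : $uri ;
                Header("Location: $https://$secure_url"."$user_page?$uri");
            // is no one
            } else {
                // login() succeeded but left neither role in the session:
                // discard the session and show the form with an error.
                session_unset();
                if (session_id() != '') { session_destroy(); }
                $login_error = TRUE;
                display_login();
            }
        } else {
            $login_error = TRUE;
            display_login();
        }
        break;

    // ----------------------------------------
    // VALIDATE USER AND DISPATCH TO ADMIN or USER INTERFACE
    // ----------------------------------------
    default:
        if (testlogin()) {
            if (!empty($_SESSION['this_admin'])) {
                unset($_SESSION['this_user']);
                // $lic_agree is not set in this file -- see the note at the top.
                if ($lic_agree) {
                    Header("Location: $https://$secure_url"."$admin_page?op=setupwiz");
                } else {
                    Header("Location: $https://$secure_url"."$admin_page");
                }
            } elseif (!empty($_SESSION['this_user'])) {
                unset($_SESSION['this_admin']);
                Header("Location: $https://$secure_url"."$user_page");
            } else {
                // Session passed testlogin() but carries no role: drop it.
                session_unset();
                if (session_id() != '') { session_destroy(); }
                display_login();
            }
        } else {
            display_login();
        }
        break;
}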
?>