| Current Path : /home/happyrenas/old/huissier-express.fr/administration/2020/ |
Linux webd005.cluster105.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64 |
| Current File : /home/happyrenas/old/huissier-express.fr/administration/2020/auth.php |
<?
// FORCAGE DU LOUGOUT
if ($_GET['logout_user']==1)
{
$_SESSION[] = "";
session_unset();
session_destroy();
setcookie('auth_huissier', '',time() - 3600);
}
// AUTHENTIFICATION INITIALE, GENERATION COOKIE ET VARIABLE SESSION
$resultat="";
if ($mail_recuperation && $password_recuperation)
{
$resultat = "Login ou mot de passe incorrect ou compte inactif";
foreach ($tableau_admin_mail as $key => $value)
{
if ($mail_recuperation==$value && $password_recuperation==$tableau_admin_password[$key])
{
$_SESSION['admin_id'] = $key;
$_SESSION['admin_mail'] = $tableau_admin_mail[$key];
$_SESSION['admin_droit'] = $tableau_admin_droit[$key];
//INSERTION COOKIE
if ($remember_me_recuperation)
{
$cookie = base64_encode ("$key:"."$tableau_admin_droit[$key]:"."$mail_recuperation:".md5 ($password_recuperation));
setcookie('auth_huissier',$cookie,time() + $lifetime);
}
header("Refresh:0; url=index.php?c=a");;exit;
}
}
$num = $db->get_var("select count(id) from huissier where statut=1 AND mail = '$mail_recuperation' AND password = '$password_recuperation'");
if ($num!=0)
{
$myquery="select id from huissier where mail = '$mail_recuperation' AND password = '$password_recuperation'";
$marequete = $db->get_row($myquery);
$marequete->admin_droit=2;
$_SESSION['admin_id'] = $marequete->id;
$_SESSION['admin_mail'] = $mail_recuperation;
$_SESSION['admin_droit'] = $marequete->admin_droit;
//INSERTION COOKIE
if ($remember_me_recuperation)
{
$cookie = base64_encode ("$marequete->id:"."$marequete->admin_droit:"."$mail_recuperation:".md5 ($password_recuperation));
setcookie('auth_huissier',$cookie,time() + $lifetime);
}
header("Refresh:0; url=index.php?c=c");exit;
}
}
// SI UN COOKIE EXISTE, ON REMPLIT LES VARIABLES DE SESSION
if ($_COOKIE['auth_huissier'] && $_SESSION['admin_id_origine']=='')
{
$cookie = $_COOKIE['auth_huissier'];
$content = base64_decode ($cookie);
$tableau_cookie = explode (':', $content);
if ($tableau_cookie[1]==4)
{
if ($tableau_admin_mail[$tableau_cookie[0]] == $tableau_cookie[2] && md5($tableau_admin_password[$tableau_cookie[0]]) == $tableau_cookie[3])
{
$resultat1= "cookie : mail et password trouvés";
$_SESSION['admin_id'] = $tableau_cookie[0];
$_SESSION['admin_mail'] = $tableau_cookie[2];
$_SESSION['admin_droit'] = $tableau_cookie[1];
}
}
if ($tableau_cookie[1]!=4)
{
$num = $db->get_var("select count(id) from huissier where statut=1 AND mail = '".$tableau_cookie[2]."' AND password = '".md5($tableau_admin_password[$tableau_cookie[0]])."'");
if ($num)
{
$resultat1= "cookie : mail et password trouvés";
$_SESSION['admin_id'] = $tableau_cookie[0];
$_SESSION['admin_mail'] = $tableau_cookie[2];
$_SESSION['admin_droit'] = $tableau_cookie[1];
}
}
}
// SI LA SESSION EST VIDE ALORS ON LIT LE COOOKIE ET ON REMPLIT LA SESSION
if ($page!='login' && $_SESSION['admin_id']=='')
{
echo "Session non active<br>";
echo "<a href='login.php'>Se connecter</a>";
exit;
//ECHO "**************";
}
?>