Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /var/www/html/thietkewebvumi.com/lib/ |
<?php
class admin_class {
function admin_class(){
global $sess,$DB,$CORE;
if (!$sess) $this->admin_login();
if ($CORE->input['act']=="logout") $this->admin_logout();
$time_now = $_SERVER['REQUEST_TIME'];
$timeout= $time_now - (30*24*60*60);
$DB->query("DELETE FROM NNCCMS_adsessions WHERE running_time<".$timeout.";");
$temp = $DB->query ("SELECT user_id from NNCCMS_adsessions where id='".$sess."' ORDER BY running_time DESC LIMIT 1;");
if ($test = $DB->fetch_row($temp)){
$u = $DB->query("SELECT * from NNCCMS_user where id='".$test['user_id']."' ;");
if ($mem = $DB->fetch_row($u)){
$CORE->admin_user =$mem;
$DB->query("UPDATE NNCCMS_adsessions SET running_time='".$time_now."' where id='".$sess."' ;");
}
}else{
//echo "DELETE FROM NNCCMS_adsessions WHERE running_time<".date('d/m/Y','1392616126').";";
//echo "SELECT user_id from NNCCMS_adsessions where id='".$sess."' and ip_address='".$CORE->ip."';";
//exit();
$this->admin_login();
}
}
function admin_login (){
global $CORE,$DB,$print,$INFO,$smarty;
if ($CORE->input['act']=="login"){
$username = trim($CORE->input['username']);
$password = trim($CORE->input['password']);
$pass=md5(md5($password));
$DB->query("SELECT u.* from NNCCMS_user u,NNCCMS_groups g
where u.name='".$username."' and u.password='".$pass."' and u.ug_id=g.g_id and g.g_supmod>0;");
/*
echo "SELECT u.* from NNCCMS_user u,NNCCMS_groups g
where u.name='".$username."' and u.password='".$pass."' and u.ug_id=g.g_id and g.g_supmod>0;";
*/
if ($check = $DB->fetch_row()){
$CORE->admin_user=$check;
$sess = md5(uniqid(microtime()));
$DB->query("INSERT INTO `NNCCMS_adsessions` VALUES ( '".$sess."',
'".$CORE->admin_user['id']."',
'".$CORE->ip."',
'".$_SERVER['REQUEST_TIME']."' ) ;");
$_SESSION['sess'] = $sess;
//$url = $INFO['home_url']."admin/index.php?s=".$sess;
$url = $INFO['home_url']."admin/index.php";
$print->refresh('index.php');
exit ();
}else{
$smarty->assign('login_error',1);
}
}
if(!empty($CORE->input['return_url'])){
$return_url = $CORE->input['return_url'];
}
$q3 = $DB->query("SELECT * FROM NNCCMS_collect WHERE `type`='logo' ORDER BY `time` DESC LIMIT 1");
while($r3 = $DB->fetch_row($q3)){
$banner3[] = $r3;
}
$smarty->assign('banner3',$banner3);
$smarty->assign('return_url',$return_url);
$smarty->display($INFO['skin_path'].'auth.tpl');
exit ();
}
function admin_logout (){
global $DB,$print,$sess,$INFO;
$url = $INFO['home_url']."?";
$DB->query("DELETE FROM NNCCMS_adsessions WHERE id='".$sess."' ;");
$print->refresh($url);
exit ();
}
} // end class member
?>