Glavna stranica | Popis datoteka | Članovi klasa u datoteci

dologin.php

Dokumenacija za ovu datoteku.
00001 <?
00002 /**************************************************************************************
00003  Studentski Informacijski servis, 2004
00004  **************************************************************************************
00005  dologin.php
00006 
00007  login na sistem
00008  registrovanje osnovnih info. o korisniku
00009  i kreiranje i unistavanje sessije
00010 
00011 
00012  Srdjan Segvic - srle
00013  **************************************************************************************
00014  **************************************************************************************
00015  This program is free software; you can redistribute it and/or modify
00016  it under the terms of the GNU General Public License as published by
00017  the Free Software Foundation; either version 2 of the License, or
00018  (at your option) any later version.
00019 
00020  This program is distributed in the hope that it will be useful,
00021  but WITHOUT ANY WARRANTY; without even the implied warranty of
00022  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00023  GNU Library General Public License for more details.
00024 
00025  You should have received a copy of the GNU General Public License
00026  along with this program; if not, write to the Free Software
00027  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
00028  **************************************************************************************/
00029 
00030 session_start();
00031 include('connect.php');
00032 include('template/template_login.php');
00033 
00034 if (isset($_POST['Submit'])){
00035         $Submit = $_POST['Submit'];
00036         }
00037 if (isset($HTTP_POST_VARS['username'])){
00038         $username = $_POST['username'];
00039         }
00040 if (isset($HTTP_POST_VARS['password'])){
00041         $password = $_POST['password'];
00042         }
00043 
00044 if ($Submit=="Login") {
00045 //
00046 //ako je sa forme login poslano
00047 //sredi password
00048 //i nadji korisnika sa danim usernameom
00049 //
00050 if (!get_magic_quotes_gpc()) {
00051         $username = addslashes($username);
00052 }
00053 
00054 $password = MD5($password);
00055 
00056 $query = "SELECT student_id, broj_indexa, ime_studenta, prezime_studenta, username, password FROM student WHERE username='$username'";
00057 
00058 $result = mysql_query($query) or die(mysql_error());
00059 if (mysql_num_rows($result)==0){
00060 //
00061 //U slucaju pogresnog username - javi gresku
00062 //
00063         echo "
00064         <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
00065         <html>
00066         <head>
00067         <title>Studentski Informacijski Servis</title>
00068         <meta http-equiv=\"Refresh\" content=\"3; URL=login.php\">
00069         <link href=\"template/sis.css\" rel=\"stylesheet\" type=\"text/css\">
00070         <link REL=\"shortcut icon\" HREF=\"template/favicon.ico\" TYPE=\"image/x-icon\">
00071         <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=ISO-8859-2\">
00072         </head>";
00073         $content = "
00074         <table width=\"100%\"border=\"0\" cellspacing=\"0\" cellpadding=\"8\">
00075          <tr>
00076           <td align=\"center\" valign=\"middle\"> 
00077             <table width=\"100%\" height=\"170\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" class=\"table\">                                                                              
00078               <tr>  
00079                 <td> <div align=\"left\"><strong><font color=\"#FFFFFF\" size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\"><center>Pogresan username</center><br><br><center>Vraćavamo vas na login</center></font></strong></div></td>                                
00080               </tr>                                                                                     
00081              </table>
00082             </td>
00083           </tr>
00084         </table>";
00085         templateLogin($content);
00086         }
00087 
00088 else {
00089 //
00090 //u slucaju da postoji takav username
00091 //prvo provjeri password
00092 //
00093         $row = mysql_fetch_array($result);
00094         if ($row['password']==$password){
00095 
00096 //
00097 //registruj osnovne varijale o korisniku
00098 //
00099                 $id = $row['student_id'];
00100                 $ime_prezime = $row['ime_studenta'] . " " . $row['prezime_studenta'];
00101                 $index = $row['broj_indexa'];
00102         
00103                 if (isset($ime_prezime)){$_SESSION['ime_prezime']=$ime_prezime;}
00104                 if (isset($id)){$_SESSION['id']=$id;}
00105                 if (isset($index)){$_SESSION['index']=$index;}
00106         
00107         
00108         
00109                   
00110 //
00111 //provjeri da li student ima odsjek (tj. pridruzeni status)
00112 //
00113                 $query_odsjek="SELECT odsjek_ID, semestar from status_studenta
00114                                         WHERE student_ID='$id'
00115                                         AND         datum_kraja='0000-00-00'";
00116                 $result_odsjek = mysql_query($query_odsjek) or die(mysql_error());
00117                 $row_odsjek = mysql_fetch_array($result_odsjek);
00118                 if (mysql_num_rows($result_odsjek)==0){
00119 //
00120 //ako se studentu ne moze naci pridruzeni odsjek (status) - javi gresku
00121 //
00122                         echo "
00123                         <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
00124                         <html>
00125                         <head>
00126                         <title>Studentski Informacijski Servis</title>
00127                         <meta http-equiv=\"Refresh\" content=\"3; URL=login.php\">
00128                         <link href=\"template/sis.css\" rel=\"stylesheet\" type=\"text/css\">
00129                         <link REL=\"shortcut icon\" HREF=\"template/favicon.ico\" TYPE=\"image/x-icon\">
00130                         <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=ISO-8859-2\">
00131                         </head>";
00132                         $content = "
00133                         <table width=\"100%\"border=\"0\" cellspacing=\"0\" cellpadding=\"8\">
00134                         <tr>
00135                          <td align=\"center\" valign=\"middle\">
00136                            <table width=\"100%\" height=\"170\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" class=\"table\">
00137                              <tr>
00138                                 <td> <div align=\"left\"><strong><font color=\"#FFFFFF\" size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\"><center>Nepoznat status studenta - greška pri unosu studenta</center><br><br><center>Vraćavamo vas na login</center></font></strong></div></td>
00139                              </tr>
00140                            </table>
00141                          </td>
00142                         </tr>
00143                         </table>";
00144                         templateLogin($content);
00145                         }                       
00146                   
00147                 elseif ($row_odsjek['1'] == "D"){
00148 
00149                                 echo "Vozdra dipl.ing";
00150                 }
00151 
00152                 else {
00153 //
00154 //u suprotnom uzmi i registruj odsjek studenta, te nadji naziv odsjeka
00155 //
00156 
00157                         $odsjek=$row_odsjek['odsjek_ID'];
00158                         $semestar=$row_odsjek['semestar'];
00159                         if (isset($odsjek)){$_SESSION['odsjek']=$odsjek;}
00160                         if (isset($semestar)){$_SESSION['semestar']=$semestar;}
00161         
00162                   
00163                         $query_odsjek_naziv="SELECT naziv_odsjeka from odsjek WHERE odsjek_ID='$odsjek'";
00164                         $result_odsjek_naziv = mysql_query($query_odsjek_naziv) or die(mysql_error());
00165                         if (mysql_num_rows($result_odsjek_naziv)==0){
00166 //
00167 //Ako ne postoji taj odsjek - javi gresku
00168 //
00169                                 echo "
00170                                 <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
00171                                 <html>
00172                                 <head>
00173                                 <title>Studentski Informacijski Servis</title>
00174                                 <meta http-equiv=\"Refresh\" content=\"3; URL=login.php\">
00175                                 <link href=\"template/sis.css\" rel=\"stylesheet\" type=\"text/css\">
00176                                 <link REL=\"shortcut icon\" HREF=\"template/favicon.ico\" TYPE=\"image/x-icon\">
00177                                 <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=ISO-8859-2\">
00178                                 </head>";
00179                                 $content = "
00180                                 <table width=\"100%\"border=\"0\" cellspacing=\"0\" cellpadding=\"8\">
00181                                  <tr>
00182                                   <td align=\"center\" valign=\"middle\"> 
00183                                    <table width=\"100%\" height=\"170\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" class=\"table\">                                                                               
00184                                      <tr>  
00185                                       <td> <div align=\"left\"><strong><font color=\"#FFFFFF\" size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\"><center>Nepoznat odsjek studenta - greška pri unosu odsjeka i/ili studenta</center><br><br><center>Vraćavamo vas na login</center></font></strong></div></td>                                
00186                                      </tr>                                                                                      
00187                                    </table>
00188                                   </td>
00189                                  </tr>
00190                                 </table>";
00191                                 templateLogin($content);
00192                                 }       
00193                         else {
00194 //
00195 //ako je sve do sad OK, uzmi naziv odsjeka - registruje naziv odsjeka
00196 //i napokon prebaci korisnika na SiS
00197 //      
00198                                 $query_pocetna="SELECT pocetna semestar from preference_studenta WHERE student_ID='$id'";
00199                                 $result_pocetna = mysql_query($query_pocetna) or die(mysql_error());
00200                                 if (mysql_num_rows($result_pocetna)==0){
00201                                         die("Big, Big ERROR");
00202                                         }
00203                                 else {
00204                                         $row_pocetna = mysql_fetch_array($result_pocetna);
00205                                         $pocetna = $row_pocetna[0];
00206                                         if (!isset($pocetna)){ $pocetna = "main";}
00207                                 }
00208                                 $row_odsjek_naziv = mysql_fetch_array($result_odsjek_naziv);
00209                                 $naziv_od = $row_odsjek_naziv['naziv_odsjeka'];
00210                                 if (isset($naziv_od)){$_SESSION['naziv_od']=$naziv_od;}
00211                   
00212                                 echo "
00213                                 <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
00214                                 <html>
00215                                 <head>
00216                                 <title>Studentski Informacijski Servis</title>
00217                                 <meta http-equiv=\"Refresh\" content=\"3; URL=".$pocetna.".php\">
00218                                 <link href=\"template/sis.css\" rel=\"stylesheet\" type=\"text/css\">
00219                                 <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=ISO-8859-2\">
00220                                 <link REL=\"shortcut icon\" HREF=\"template/favicon.ico\" TYPE=\"image/x-icon\">
00221                                 </head>";
00222                                 $content = "
00223                                 <table width=\"100%\"border=\"0\" cellspacing=\"0\" cellpadding=\"8\">
00224                                  <tr>
00225                                   <td align=\"center\" valign=\"middle\"> 
00226                                     <table width=\"100%\" height=\"170\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" class=\"table\">                                                                              
00227                                       <tr>  
00228                                         <td> <div align=\"left\"><strong><font color=\"#FFFFFF\" size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\"><center>Uspješno ste se logovali na sistem, automatski vas prebacujemo na SIS</center></font></strong></div></td>                                
00229                                        </tr>                                                                                    
00230                                      </table>
00231                                    </td>
00232                                  </tr>
00233                                 </table>";
00234                                 templateLogin($content);        
00235                                 }               
00236                         }
00237                 }
00238                 else {
00239 //
00240 //ako se password ne poklapa - javi gresku
00241 //
00242                         echo "
00243                         <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
00244                         <html>
00245                         <head>
00246                         <title>Studentski Informacijski Servis</title>
00247                         <meta http-equiv=\"Refresh\" content=\"3; URL=login.php\">
00248                         <link href=\"template/sis.css\" rel=\"stylesheet\" type=\"text/css\">
00249                         <link REL=\"shortcut icon\" HREF=\"template/favicon.ico\" TYPE=\"image/x-icon\">
00250                         <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=ISO-8859-2\">                    
00251                         </head>";
00252                         $content = "
00253                         <table width=\"100%\"border=\"0\" cellspacing=\"0\" cellpadding=\"8\">
00254                          <tr>
00255                           <td align=\"center\" valign=\"middle\"> 
00256                             <table width=\"100%\" height=\"170\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" class=\"table\">                                                                              
00257                               <tr>  
00258                                 <td> <div align=\"left\"><strong><font color=\"#FFFFFF\" size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\"><center>Pogrešan password</center><br><br><center>Vraćavamo vas na login</center></font></strong></div></td>                                
00259                                </tr>                                                                                    
00260                             </table>
00261                           </td>
00262                         </tr>
00263                        </table>";
00264                         templateLogin($content);        
00265                         }
00266                 }
00267         }
00268 
00269 elseif($_GET['action'] == "logout"){
00270 //
00271 //obrada zahtjeva za unistavanjem sesije
00272 //
00273         session_destroy();
00274         echo "
00275         <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
00276         <html>
00277         <head>
00278         <title>Studentski Informacijski Servis</title>
00279         <meta http-equiv=\"Refresh\" content=\"3; URL=login.php\">
00280         <link href=\"template/sis.css\" rel=\"stylesheet\" type=\"text/css\">
00281         <link REL=\"shortcut icon\" HREF=\"template/favicon.ico\" TYPE=\"image/x-icon\">
00282         <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=ISO-8859-2\">
00283         </head>";
00284         $content = "
00285         <table width=\"100%\"border=\"0\" cellspacing=\"0\" cellpadding=\"8\">
00286          <tr>
00287           <td align=\"center\" valign=\"middle\"> 
00288             <table width=\"100%\" height=\"170\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" class=\"table\">                                                                              
00289               <tr>  
00290                 <td> <div align=\"left\"><strong><font color=\"#FFFFFF\" size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\"><center>Uspješno ste se izlogovali iz sistema, pozdrav od SiS-a :)</center></font></strong></div></td>                                
00291               </tr>                                                                                     
00292             </table>
00293            </td>
00294           </tr>
00295         </table>";
00296         templateLogin($content);        
00297         }
00298 
00299 else {
00300 //
00301 // ako je dologin.php otvoren mimo login.php ili bez akcije logout - javi gresku
00302 // koristi se i kod provjere sessije
00303 //
00304         session_destroy();
00305         echo "
00306         <!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">
00307         <html>
00308         <head>
00309         <title>Studentski Informacijski Servis</title>
00310         <meta http-equiv=\"Refresh\" content=\"5; URL=login.php\">
00311         <link href=\"template/sis.css\" rel=\"stylesheet\" type=\"text/css\">
00312         <link REL=\"shortcut icon\" HREF=\"template/favicon.ico\" TYPE=\"image/x-icon\">
00313         <meta HTTP-EQUIV=\"Content-Type\" CONTENT=\"text/html; charset=ISO-8859-2\">
00314         </head>";
00315         $content = "
00316         <table width=\"100%\"border=\"0\" cellspacing=\"0\" cellpadding=\"8\">
00317          <tr>
00318           <td align=\"center\" valign=\"middle\"> 
00319             <table width=\"100%\" height=\"170\" border=\"0\" cellpadding=\"2\" cellspacing=\"0\" class=\"table\">                                                                              
00320              <tr>  
00321                 <td> <div align=\"left\"><strong><font color=\"#FFFFFF\" size=\"2\" face=\"Verdana, Arial, Helvetica, sans-serif\"><center>Greška - neprikladno korištenje sistema</center><br><br><center>Vraćavamo vas na login</center></font></strong></div></td>                                
00322              </tr>                                                                                      
00323             </table>
00324            </td>
00325           </tr>
00326         </table>";
00327         templateLogin($content);        
00328 }
00329 ?>
Generirano Thu Sep 16 17:16:00 2004 projekt: SiS.Student generator: doxygen 1.3.2