Pandora FMS - <?php echo lang_string("header

0){ // Agent selection filters and refresh $query = 'http' . (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == TRUE ? 's': '') . '://' . $_SERVER['SERVER_NAME']; if ($_SERVER['SERVER_PORT'] != 80) $query .= ":" . $_SERVER['SERVER_PORT']; $query .= $_SERVER['REQUEST_URI']; if (isset ($_POST["refr"])) $query .= '&refr=' . $intervalo; if (isset ($_POST["ag_group"])) { $ag_group = $_POST["ag_group"]; $query = 'http://' . $_SERVER['SERVER_NAME']; if ($_SERVER['SERVER_PORT'] != 80) $query .= ":" . $_SERVER['SERVER_PORT']; $query .= $_SERVER['REQUEST_URI'] . '&ag_group_refresh=' . $ag_group; } else echo ''; } } ?> Pandora FMS - <?php echo lang_string("header_title"); ?> '; ?> '; $REMOTE_ADDR = getenv ("REMOTE_ADDR"); // Login process if ( (! isset ($_SESSION['id_usuario'])) AND (isset ($_GET["login"]))) { $nick = get_parameter_post ("nick"); $pass = get_parameter_post ("pass"); // Connect to Database $sql1 = 'SELECT * FROM tusuario WHERE id_usuario = "'.$nick.'"'; $result = mysql_query ($sql1); // For every registry if ($row = mysql_fetch_array ($result)){ if ($row["password"] == md5 ($pass)){ // Login OK // Nick could be uppercase or lowercase (select in MySQL // is not case sensitive) // We get DB nick to put in PHP Session variable, // to avoid problems with case-sensitive usernames. // Thanks to David Muñiz for Bug discovery :) $nick = $row["id_usuario"]; unset ($_GET["sec2"]); $_GET["sec"] = "general/logon_ok"; update_user_contact ($nick); logon_db ($nick, $REMOTE_ADDR); $_SESSION['id_usuario'] = $nick; } else { // Login failed (bad password) unset ($_GET["sec2"]); include "general/logon_failed.php"; // change password to do not show all string $primera = substr ($pass,0,1); $ultima = substr ($pass, strlen ($pass) - 1, 1); $pass = $primera . "****" . $ultima; audit_db ($nick, $REMOTE_ADDR, "Logon Failed", "Incorrect password: " . $nick . " / " . $pass); exit; } } else { // User not known unset ($_GET["sec2"]); include "general/logon_failed.php"; $primera = substr ($pass, 0, 1); $ultima = substr ($pass, strlen ($pass) - 1, 1); $pass = $primera . "****" . $ultima; audit_db ($nick, $REMOTE_ADDR, "Logon Failed", "Invalid username: " . $nick . " / " . $pass); exit; } } elseif (! isset ($_SESSION['id_usuario'])) { // There is no user connected include "general/login_page.php"; exit; } else { // There is session for id_usuario $config["id_user"] = $_SESSION["id_usuario"]; } // Log off if (isset ($_GET["bye"])) { include "general/logoff.php"; $iduser = $_SESSION["id_usuario"]; logoff_db ($iduser, $REMOTE_ADDR); session_unregister ("id_usuario"); exit; } $pagina = ""; if (isset ($_GET["sec2"])){ $sec2 = parametro_limpio ($_GET["sec2"]); $pagina = $sec2; } else $sec2 = ""; if (isset ($_GET["sec"])){ $sec = parametro_limpio ($_GET["sec"]); $pagina = $sec2; } else $sec = ""; // http://es2.php.net/manual/en/ref.session.php#64525 // Session locking concurrency speedup! session_write_close(); ?>

Sorry! I can't find the page!"; } } else require ("general/logon_ok.php"); //default ?>