Current File : /var/www/html/oums/src/user_validate.php

<?php
include("sys_connect.php");
include("sys_mainphp.php");

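// Login endpoint. Checks the posted credentials against masempl/masdept,
// opens the PHP session on success, and always answers with one JSON object:
// {"mesg": <text>, "stat": "T" on success / "F" on failure, "file": <unused here>}.
// $mycon (mysqli link) and set_user_logs() come from the included sys_* files.

$resp_mesg = "";
$resp_stat = "";
$resp_file = "";

// Absent or non-string fields (e.g. user_name[]=x) are treated as empty input
// instead of raising notices / type errors further down.
$myuserid = (isset($_POST["user_name"]) && is_string($_POST["user_name"])) ? $_POST["user_name"] : "";
$mypasswd = (isset($_POST["user_pswd"]) && is_string($_POST["user_pswd"])) ? $_POST["user_pswd"] : "";

// stripslashes() is kept only so the compared values stay identical to what
// this endpoint has always sent to the database (legacy magic-quotes handling).
$myuserid = strtoupper(stripslashes($myuserid));
$mypasswd = stripslashes($mypasswd);

$mycnt = 0;
$myrow = null;

// An empty login id must never reach the query: it would satisfy
// "femplmobl=''" for every account without a mobile number on file, leaving
// the password as the only thing being checked. trim() is used for the test
// because some collations compare ' ' equal to ''.
if (trim($myuserid) !== "" && $mypasswd !== "") {
    // Values are bound, not concatenated. The previous version escaped first
    // and upper-cased afterwards, which rewrote escape sequences (\n -> \N)
    // and depended on the connection charset being set correctly.
    $mysql = "";
    $mysql .= "select masempl.*,masdept.* from masempl,masdept ";
    $mysql .= "where masempl.fdeptcode=masdept.fdeptcode and (fusercode=? or femplmobl=?) and fuserpswd=? ";
    $mysql .= "and fusercode<>'' and fuserpswd<>''";

    // NOTE(review): the submitted password is compared to fuserpswd as-is,
    // which implies the column holds it unhashed - confirm. Moving to
    // password_hash()/password_verify() needs a data migration outside this file.
    $mystmt = mysqli_prepare($mycon, $mysql);
    if ($mystmt !== false) {
        mysqli_stmt_bind_param($mystmt, "sss", $myuserid, $myuserid, $mypasswd);
        if (mysqli_stmt_execute($mystmt)) {
            $myres = mysqli_stmt_get_result($mystmt);
            if ($myres !== false) {
                $mycnt = mysqli_num_rows($myres);
                $myrow = mysqli_fetch_assoc($myres); // first match only, as before
                mysqli_free_result($myres);
            }
        }
        mysqli_stmt_close($mystmt);
    }
    if ($mystmt === false || $myrow === false) {
        // Keep the database detail in the server log, never in the response.
        error_log("user_validate: login query failed: " . mysqli_error($mycon));
    }
}

if ($mycnt === 0 || !is_array($myrow)) {
    // Same answer for unknown user, wrong password and query failure, so the
    // response does not reveal which accounts exist.
    $resp_mesg = "Invalid Login!";
    $resp_stat = "F";
} elseif ($myrow['femplstat'] !== "T" && $myrow['fusercode'] !== "ADMIN") {
    // Inactive employees are rejected; the ADMIN user code is exempt.
    $resp_mesg = "Employee is not active!";
    $resp_stat = "F";
} elseif ($myrow['fblckuser'] === "T") {
    $resp_mesg = "Your login is disabled! Contact administator!";
    $resp_stat = "F";
} else {
    session_start();
    // Issue a fresh session id at the privilege change so an id that existed
    // before authentication cannot be reused afterwards (session fixation).
    session_regenerate_id(true);

    $_SESSION['userid'] = strtoupper((string) $myrow['fusercode']);
    $_SESSION['emplid'] = strtoupper((string) $myrow['femplcode']);
    $_SESSION['deptid'] = strtoupper((string) $myrow["fdeptcode"]);
    $_SESSION['nameid'] = strtoupper((string) $myrow["femplname"]);
    $_SESSION['typeid'] = strtoupper((string) $myrow["fusertype"]);
    $_SESSION['headid'] = strtoupper((string) $myrow["fdepthead"]);
    $_SESSION['sesstime'] = time();

    // 43200 s = 12 hours (86400 would be one day).
    // NOTE(review): these cookies mirror identity and role fields in clear
    // text, without HttpOnly/Secure/SameSite. A browser can change them at
    // will, so no page should base an access decision on them - use $_SESSION.
    // Confirm what reads them before tightening the flags or removing them.
    $cookie_expiry = time() + 43200;
    setcookie("userid", (string) $myrow['fusercode'], $cookie_expiry, "/");
    setcookie("emplid", (string) $myrow['femplcode'], $cookie_expiry, "/");
    setcookie("deptid", (string) $myrow['fdeptcode'], $cookie_expiry, "/");
    setcookie("nameid", (string) $myrow['femplname'], $cookie_expiry, "/");
    setcookie("typeid", (string) $myrow['fusertype'], $cookie_expiry, "/");
    setcookie("headid", (string) $myrow['fdepthead'], $cookie_expiry, "/");

    // Already upper-cased when stored in the session above.
    $user_id = $_SESSION["userid"];
    $name_id = $_SESSION["nameid"];
    $empl_id = $_SESSION["emplid"];
    $dept_id = $_SESSION["deptid"];
    $type_id = $_SESSION["typeid"];
    $head_id = $_SESSION["headid"];

    $user_ip = $_SERVER['REMOTE_ADDR'];

    // NOTE(review): this spawns a shell on every successful login and reads
    // the *server's* adapter list, not the client's; 'ipconfig' is a Windows
    // command and yields nothing on a Linux host. $user_mc and $user_ip are
    // not used again in this file - confirm set_user_logs() does not read
    // them as globals, then drop the system() call.
    ob_start();
    system('ipconfig /all');
    $mycom = ob_get_contents(); // Capture the output into a variable
    ob_clean();
    $find_me = "Physical";
    $posi_mc = strpos($mycom, $find_me); // Position of the "Physical" label
    // Without the label there is no address to cut out; avoid slicing at a
    // meaningless offset.
    $user_mc = ($posi_mc === false) ? "" : substr($mycom, ($posi_mc + 36), 17);

    set_user_logs($dept_id, $user_id, 'LOGI', 'USER LOGGED IN: ' . $user_id);

    $resp_stat = "T";
}
mysqli_close($mycon);
echo json_encode(array("mesg" => $resp_mesg, "stat" => $resp_stat, "file" => $resp_file));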