--- index.php 2001/06/06 07:04:04 1.2 +++ index.php 2001/06/06 10:54:22 1.7 @@ -11,27 +11,54 @@ if (count($row) <= 0) $auth = false; if ($auth) { $row = $row[0]; - if ($PHP_AUTH_PW != $row[0]) $auth = false; + if (substr($row[0], 0, 5) == "auth_") { + switch (strtoupper(substr($row[0], 5))) { + case "POP3": + include("auth_POP3.php"); + $pop = new POP3(); + $pop->connect("intranet.pliva.hr"); + $ret = $pop->checklogin($PHP_AUTH_USER, $PHP_AUTH_PW); + $pop->quit(); + if (!$ret) $auth = false; + break; + default: $auth = false; break; + } + } else { + $pw = md5($PHP_AUTH_USER.$PHP_AUTH_PW); + if ($pw != $row[0]) $auth = false; + } + # if ($PHP_AUTH_PW != $row[0]) $auth = false; } } - if (!$auth) { + if (!$auth || $relogin == $PHP_AUTH_USER) { Header("WWW-Authenticate: Basic realm=\"fcproducts\""); Header("HTTP/1.0 401 Unauthorized"); echo "No access.\n"; exit; } -// if (!$id) { echo "No product ID!\n"; exit; } - if (!$id) { $id=1; } + # if (!$id) { echo "No product ID!\n"; exit; } + DBOpen(); + if (!$id) { + $id = 1; + $row = DBQuery("SELECT MIN(product_id) FROM products"); + if ($row[0]) $id = $row[0][0]; + } $error = ""; $msg = false; $err = 0; - DBOpen(); $row = DBQuery("SELECT market,production,purchasing,economics,risks,competition,potential,portfolio,sales,quality,dosage,evaluation,comment FROM user_product WHERE (product_id=$id) AND (login='$PHP_AUTH_USER')"); - if (is_array($row[0]) && count($row[0]) > 0) bool_fix($row[0]); list($ok_market, $ok_production, $ok_purchasing, $ok_economics, $ok_risks, $ok_competition, $ok_potential, $ok_portfolio, $ok_sales, $ok_quality, $ok_dosage, $ok_evaluation, - $ok_comment) = $row[0]; + $ok_comment) = array(-1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1); + if (is_array($row[0])) { + bool_fix($row[0]); + list($ok_market, $ok_production, $ok_purchasing, + $ok_economics, $ok_risks, $ok_competition, + $ok_potential, $ok_portfolio, $ok_sales, $ok_quality, + $ok_dosage, $ok_evaluation, $ok_comment) = $row[0]; + } if ($save) { $error = ""; $q = array(); @@ -128,13 +155,19 @@ } $row = DBQuery("SELECT naziv FROM products WHERE (product_id=$id)"); list($product_name) = $row[0]; - DBClose(); ?>
- +\n"; + else echo "\n"; +?>