<?php session_start(); ?>
<html xmlns="http://www.w3.org/1999/xhtml" lang="it">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252"/>
<link rel="shortcut icon" href="https://172.20.15.8/celltel_pic.jpg" />
<link href="../style.css" rel="stylesheet" type="text/css" />
<title>Query</title>
</head>
<body>
<?php
if (isSet($_POST['user']))
$_SESSION['user'] = $_POST['user'];
if (isSet($_POST['password']))
$_SESSION['password'] = $_POST['password'];
//print $_SESSION['user'];
if(!isSet($_SESSION['user']) && !isSet($_SESSION['password']))
{
?>
<form action = "" method="post">
<p>Credenziali di accesso: </p>
<table width="200">
<tr>
<td>User</td>
<td>Password</td>
</tr>
<tr>
<td><input type = "text" name="user" /></td>
<td><input type = "password" name="password" /></td>
</tr>
</table>
<p><input type = "submit" value = "OK">
</p>
</form>
<?php
}
else{
$AS400 = 'GESPER_DAT';
$connect = @odbc_connect ($AS400, $_SESSION['user'], $_SESSION['password']);
if (!$connect){
print "Credenziali di accesso non valide!!!";
session_unset();
}
else
{
//******Recupera l'area
$qry = "SELECT area FROM tabaree WHERE usern = '".$_SESSION['user']."'";
$rs = odbc_exec($connect,$qry);
$riga=odbc_fetch_object($rs);
if(odbc_num_rows($rs)==0){
print "Le credenziali di accesso non valide per i SI!";
session_unset();
}
else
{
$area = trim($riga->AREA);
$_SESSION['area'] = $area;
if($area=="SI" || $area=="STAFF"){
list_directory("./");
}
@odbc_free_result($rs);
@odbc_close($connect);
}
}
}
function list_directory($dir){
print "<br>";
$handler = opendir($dir);
while(false !== ($file = readdir($handler))){
if($file != '.' && $file != '..'){
if($file!="index.php" && $file!="index.html" )
echo "<a href=$file>$file</a><br />";
}
//break;
}
}
?>
</body>
</html>