// Start (or resume) the PHP session before anything else runs.
session_start();
// Emulate register_globals on: when the ini setting is off, copy every key of
// the arrays listed below into a same-named variable in this scope.
// EXTR_SKIP never overwrites a variable that already exists, so the first
// array that carries a given name wins: $_SESSION (prepended when set), then
// $_SERVER, $_ENV, $_FILES, $_COOKIE, $_POST and finally $_GET.
// NOTE(review): $_COOKIE, $_POST and $_GET are client-supplied, so any
// variable that is read before it is assigned can be pre-set by the request.
// Code that runs after this point has to initialise its own variables, and
// this emulation should be retired in favour of reading the superglobals
// explicitly.
if (!ini_get('register_globals')) {
$superglobals = array($_SERVER, $_ENV,
$_FILES, $_COOKIE, $_POST, $_GET);
if (isset($_SESSION)) {
array_unshift($superglobals, $_SESSION);
}
foreach ($superglobals as $superglobal) {
extract($superglobal, EXTR_SKIP);
}
}
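// Host name taken from the Host request header (client-controlled value).
$urlactual = $_SERVER["HTTP_HOST"];
// NOTE(review): a commented-out connection block holding credentials for
// another database host used to sit here. It was dead code and has been
// dropped; credentials that were ever committed should be treated as disclosed
// and rotated.
// NOTE(review): the live database password is hard-coded below. It should be
// loaded from configuration kept outside the web root and version control.
$dbhost = "localhost";
$username = "camaltec";
$password = "Bokr5^07";
// NOTE(review): the mysql_* extension offers no prepared statements; moving to
// mysqli or PDO with bound parameters is the durable fix for the string-built
// queries in this file.
$db = mysql_connect($dbhost, $username, $password);
mysql_select_db("camaltec_iberica", $db);
// Shared helpers; select_general() is presumably defined here (not visible).
include $_SERVER['DOCUMENT_ROOT'] . "/pages/funciones/selects.php";
// Client address with the dots removed, read straight from $_SERVER instead of
// the variable created by the register_globals emulation.
$ip = str_replace(".", "", isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "");
// $PHPSESSID only exists through the register_globals emulation, so it is a
// client-supplied value. Keep nothing but the characters PHP allows in a
// session id, so the key cannot carry SQL metacharacters into the queries that
// embed it. Legitimate session ids pass through unchanged.
// NOTE(review): session_id() would be the trustworthy source, but every page
// that rebuilds this key has to change together - confirm before switching.
$sesiondelogeo = (isset($PHPSESSID) && is_string($PHPSESSID))
    ? preg_replace('/[^A-Za-z0-9,-]/', '', $PHPSESSID)
    : "";
$sesiondelogeo .= $ip;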
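// "vinculacionwp": exchange a user name / password pair for a link token.
// On success the token is stored in kadmin_tokens (tipo 19) and echoed back.
// NOTE(review): $usuario and $pass reach this block through the
// register_globals emulation, so they can arrive in the query string and end
// up in access logs; accepting them from POST only would avoid that.
if ($accion=="vinculacionwp"){
    // Start from a known-empty value: with the register_globals emulation a
    // request parameter of the same name would otherwise survive whenever the
    // credential lookup below matches no row.
    $idclientelogeado = "";
    $logouser = str_replace(" ", "", isset($usuario) ? (string) $usuario : "");
    $logopass = str_replace(" ", "", isset($pass) ? (string) $pass : "");
    $logouser = mysql_real_escape_string($logouser);
    $logopass = mysql_real_escape_string($logopass);
    // NOTE(review): the password is matched as clear text inside the query, so
    // kadmin.pass appears to hold unhashed passwords; password_hash() /
    // password_verify() should replace this comparison.
    $sql = "SELECT * FROM kadmin Where user='$logouser' and pass='$logopass'";
    $result = mysql_query($sql, $db);
    // mysql_query() returns false on failure; do not feed that to the fetch.
    if ($result) {
        while ($myrow1 = mysql_fetch_array($result)) {
            $idclientelogeado = $myrow1["idcliente"];
        }
    }
    if ($idclientelogeado!=""){
        // Create the link token.
        /**
         * Build a random token from a 62-character alphanumeric alphabet.
         *
         * Uses a cryptographically secure source (random_int() when present,
         * otherwise OpenSSL) instead of rand(), whose output is predictable.
         * Stops the script when no secure source is available, because a
         * guessable login token is worse than no token.
         *
         * @param int $length Number of characters to produce.
         * @return string Random string of $length characters.
         */
        function generateRandomString($length = 64) {
            $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
            $ultimo = strlen($characters) - 1;
            $randomString = '';
            while (strlen($randomString) < $length) {
                if (function_exists('random_int')) {
                    $indice = random_int(0, $ultimo);
                } else {
                    $fuerte = false;
                    $byte = function_exists('openssl_random_pseudo_bytes')
                        ? openssl_random_pseudo_bytes(1, $fuerte)
                        : false;
                    if ($byte === false || !$fuerte) {
                        trigger_error('No secure random source available for token generation', E_USER_ERROR);
                        exit();
                    }
                    // Six random bits give 0..63; values past the end of the
                    // alphabet are discarded so every character stays equally
                    // likely (no modulo bias).
                    $indice = ord($byte) & 63;
                    if ($indice > $ultimo) {
                        continue;
                    }
                }
                $randomString .= $characters[$indice];
            }
            return $randomString;
        }
        $tokenvincualacion = generateRandomString();
        // The id comes from the database, but it is escaped anyway before it
        // is placed back into SQL text.
        $idclientesql = mysql_real_escape_string($idclientelogeado);
        // Only one tipo-19 token per account: drop the previous one first.
        mysql_query("delete from kadmin_tokens Where idkaadmin='$idclientesql' and tipo='19' ",$db);
        $sql = "INSERT INTO kadmin_tokens values ('null','$idclientesql','19','$tokenvincualacion-$idclientesql')";
        $result = mysql_query($sql, $db);
        echo "$tokenvincualacion-$idclientelogeado";
    }
    exit();
}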
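// "accesotoken": sign in with a token previously stored in kadmin_tokens.
// NOTE(review): the token row is neither deleted nor expired in this block, so
// a token stays usable after it has been presented - confirm that is intended.
// NOTE(review): output is sent before header(), so the redirect depends on
// output buffering, and execution continues past this block after the redirect.
if ($accion=="accesotoken"){
    echo "Accediendo mediante Token...";
    // Start from known-empty values: with the register_globals emulation a
    // request parameter of the same name would otherwise survive whenever a
    // lookup below matches no row.
    $idclientetokken = "";
    $logouser = "";
    $logopass = "";
    $tokenrecibido = (isset($token) && is_string($token)) ? $token : "";
    // The session key contains client-supplied data; escape it for SQL.
    $sesionsql = mysql_real_escape_string($sesiondelogeo);
    $sql1 = "UPDATE kadmin SET session = 'Desconectado' WHERE session = '$sesionsql' ";
    $resultado1 = mysql_query($sql1, $db);
    // Look up the account the token belongs to. The token is request data and
    // was previously placed into the query unescaped. An empty token is never
    // looked up, so it cannot match a row whose token column is blank.
    if ($tokenrecibido != "") {
        $tokensql = mysql_real_escape_string($tokenrecibido);
        $sql = "SELECT * FROM kadmin_tokens Where token='$tokensql'";
        $result = mysql_query($sql, $db);
        if ($result) {
            while ($myrow1 = mysql_fetch_array($result)) {
                $idclientetokken = $myrow1["idkaadmin"];
            }
        }
    }
    if ($idclientetokken==""){
        // The token is echoed into the page, so it is HTML-escaped first.
        echo "\nEl token (" . htmlspecialchars($tokenrecibido, ENT_QUOTES) . ") no existe...";
        exit();
    }
    $idclientesql = mysql_real_escape_string($idclientetokken);
    $sql = "SELECT * FROM kadmin Where idcliente='$idclientesql'";
    $result = mysql_query($sql, $db);
    if ($result) {
        while ($myrow1 = mysql_fetch_array($result)) {
            $logouser = $myrow1["user"];
            $logopass = $myrow1["pass"];
        }
    }
    // The debug echo that printed the account's user name and clear-text
    // password into the response has been removed.
    if ($logouser=="" and $logopass==""){exit();}
    else {
        // Values read from the database are escaped again before they are put
        // back into SQL text (they may contain quotes).
        $usersql = mysql_real_escape_string($logouser);
        $passsql = mysql_real_escape_string($logopass);
        $sql1 = "UPDATE kadmin SET session = '$sesionsql' WHERE user='$usersql' and pass='$passsql'";
        $resultado1 = mysql_query($sql1, $db);
        header('Location: index.php');
    }
}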
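// App sign-in: resolve the account from a code stored in kadmin_app and bind
// the current session key to it.
// NOTE(review): $tokenapp is only required to be non-empty; nothing in this
// block compares its value with anything - confirm that is intended.
// NOTE(review): this block matches kadmin on "id", while the accesotoken
// branch matches on "idcliente" - confirm which column is correct here.
if ($token!="" and $tokenapp!=""){
    // Start from known-empty values: with the register_globals emulation a
    // request parameter of the same name would otherwise survive whenever a
    // lookup below matches no row.
    $idclientetokken = "";
    $logouser = "";
    $logopass = "";
    // Look up the account the code belongs to. The code is request data and
    // was previously placed into the query unescaped.
    if (is_string($token)) {
        $tokensql = mysql_real_escape_string($token);
        $sql = "SELECT * FROM kadmin_app Where codigo='$tokensql'";
        $result = mysql_query($sql, $db);
        if ($result) {
            while ($myrow1 = mysql_fetch_array($result)) {
                $idclientetokken = $myrow1["idcliente"];
            }
        }
    }
    if ($idclientetokken != "") {
        $idclientesql = mysql_real_escape_string($idclientetokken);
        $sql = "SELECT * FROM kadmin Where id='$idclientesql'";
        $result = mysql_query($sql, $db);
        if ($result) {
            while ($myrow1 = mysql_fetch_array($result)) {
                $logouser = $myrow1["user"];
                $logopass = $myrow1["pass"];
            }
        }
    }
    // Bind the session only when an account was actually resolved; an UPDATE
    // keyed on an empty user and password must never run.
    if (!($logouser=="" and $logopass=="")) {
        $sesionsql = mysql_real_escape_string($sesiondelogeo);
        $usersql = mysql_real_escape_string($logouser);
        $passsql = mysql_real_escape_string($logopass);
        $sql1 = "UPDATE kadmin SET session = '$sesionsql' WHERE user='$usersql' and pass='$passsql'";
        $resultado1 = mysql_query($sql1, $db);
    }
    header('Location: index.php');
}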
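// "cerrar": log out by marking the account bound to this session key as
// disconnected, then return to the index page.
if ($accion=="cerrar"){
    // The session key contains client-supplied data; escape it for SQL.
    $sesionsql = mysql_real_escape_string($sesiondelogeo);
    $sql1 = "UPDATE kadmin SET session = 'Desconectado' WHERE session = '$sesionsql' ";
    $resultado1 = mysql_query($sql1, $db);
    header('Location: index.php');
}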
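// "logeo": form login with user name and password, followed by an access-log
// entry and a notification mail for every attempt.
// NOTE(review): the session id is not regenerated on successful login.
// Regenerating it would change the key other pages rebuild, so it has to be
// introduced together with them.
// NOTE(review): the password is matched as clear text, so kadmin.pass appears
// to hold unhashed passwords; password_hash() / password_verify() should
// replace this comparison.
if ($accion=="logeo"){
    // Accept only scalar strings; a missing or array-valued field counts as empty.
    $logouser = (isset($_POST["usuario"]) && is_string($_POST["usuario"])) ? $_POST["usuario"] : "";
    $logopass = (isset($_POST["password"]) && is_string($_POST["password"])) ? $_POST["password"] : "";
    $logouser = str_replace(" ", "", $logouser);
    $logopass = str_replace(" ", "", $logopass);
    $logouser = mysql_real_escape_string($logouser);
    $logopass = mysql_real_escape_string($logopass);
    $sexiondblogeo = "";
    // select_general() is defined outside this view; the login counts as
    // valid when it returns a non-empty "session" value for the credentials.
    $sexiondblogeo = select_general("kadmin","user='$logouser' and pass='$logopass'",'session');
    if ($sexiondblogeo==""){ header('Location: login.php?accion=error'); }
    else{
        // The session key contains client-supplied data; escape it for SQL.
        $sesionsql = mysql_real_escape_string($sesiondelogeo);
        $sql1 = "UPDATE kadmin SET session = '$sesionsql' WHERE user='$logouser' and pass='$logopass'";
        $resultado1 = mysql_query($sql1, $db);
        header('Location: index.php');
    }
    // Notification: runs for successful and failed attempts alike.
    $momentologeo = date('d/m/Y h:i:s A');
    // Referer and User-Agent are optional request headers.
    $dedondeviene = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; // page the visitor came from
    $navegadorvisitante = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; // visitor's browser
    $ipvisitante = $_SERVER['REMOTE_ADDR']; // visitor's IP address
    $hostactual = $_SERVER['HTTP_HOST'];
    // The submitted password is no longer written to the access log or sent by
    // mail: failed attempts are often near-misses of a real password, and mail
    // leaves the host unencrypted. The column position is kept with an empty
    // value so the positional INSERT still matches the table.
    $sql = "INSERT INTO clientes_acceso_log values ('','$logouser','','$momentologeo')";
    $result = mysql_query($sql, $db);
    $from = "accesos@mw.camaltec-services.com";
    $to = "soporte@camaltec.es";
    // Strip line breaks so the user name cannot add mail headers via the subject.
    $subject = "Logeo Intento Acceso Zona Privada - " . str_replace(array("\r", "\n"), '', $logouser);
    $message = "$logouser / [omitida] / $dedondeviene / $navegadorvisitante / $ipvisitante / $hostactual ";
    $headers = "From:" . $from;
    mail($to, $subject, $message, $headers);
}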
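// Distributor logo: rebuild the panel URL from the current request and look up
// the logo configured for it.
$host = $_SERVER["HTTP_HOST"];
$url = $_SERVER["REQUEST_URI"];
$url = str_replace('/pages/login.php', '', $url);
$urlpanel = "https://" . $host . $url;
// The Host header and the request URI are client-controlled. The condition
// string handed to select_general() is presumably placed into a WHERE clause
// (the helper is not visible here), so the value is escaped for SQL first.
// $urlpanel itself is left untouched for any later use.
$urlpanelsql = mysql_real_escape_string($urlpanel);
$urllogodistribuidor = select_general("distribuidores_lopd_conf","urlpanel ='$urlpanelsql' or urlpanel ='$urlpanelsql/'",'urllogo');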
?>