init

2025-08-11 22:23:30 +02:00 · 2025-08-11 22:23:30 +02:00 · 72a26edcff
commit 72a26edcff
22092 changed files with 2101903 additions and 0 deletions
--- a/index.php
+++ b/index.php
@ -0,0 +1,274 @@
+<?php
+// neu 2022
+error_reporting(E_ALL); ini_set('display_errors','0');
+
+//	echo'<pre>'; print_r($check_ip); echo'</pre>';
+
+require('lib/config.php'); 
+session_name(CONFIG_SESSION);
+session_start();
+//setlocale(LC_TIME, 'de_DE', 'deu_deu'); 
+//setlocale(LC_TIME, 'de_DE', 'deu_deu'); 
+$realtime=time(); // zeit fuer fuss
+$userip=$_SERVER['REMOTE_ADDR'];// ip fuer fuss
+date_default_timezone_set('Europe/Berlin'); // Default Time Zone
+//date_default_timezone_set('UTC');
+define('SITE_ACCESS',true);
+
+// vars 
+$loginerror='';
+if(!isset($_SESSION['login'])) { $_SESSION['login']=0; }
+/*
+ $_SESSION['login']=    1 = Paasswort sms Login Falsch 
+						2 = Handynummer gesperrt
+						3 = Handynummer nicht freigeschaltet
+						4 = Handynummer Okay nun Passwort eingeben
+						5 = Handynummer nicht im System gefunden
+						6 = Blitzlogin falsch
+						7 = 2. SMS von FT1
+						8 = 2. SMS von FT2
+						9 = 2. SMS von FT1 und FT2
+*/
+
+// Mysql
+require('lib/mysql.class.php'); 
+$GLOBALS['mysql'] = new mysql(CONFIG_MYSQL_HOST,CONFIG_MYSQL_USER,CONFIG_MYSQL_PW,CONFIG_MYSQL_DB); 
+
+mysqli_set_charset($mysql, 'utf8');
+$GLOBALS['mysql']->sql("SET NAMES 'utf8'"); 
+
+// SMS-System
+include('lib/class.mysms.php'); 
+include('lib/core.class.php'); 
+require('lib/cms.class.php'); 	
+require('lib/sms.class.php');
+$GLOBALS['sms']  = new sms;
+$GLOBALS['cms']  = new cms;	
+$GLOBALS['core']  = new core;	
+
+// --- Logout
+if(isset($_POST['logout']) OR isset($_GET['logout'])) {
+	session_destroy(); 
+	$_SESSION['login']=0;
+	header('Location: https://www.jb-data.de'); exit();
+	require('login.php');
+	exit();		
+}
+
+// --- IP für Blitzlogin abrufen
+$check_ip = $GLOBALS['mysql']->query_single("SELECT * FROM ipcheck WHERE ip4 = '".$_SERVER['REMOTE_ADDR']."'"); $iptest=0;
+if($check_ip['num_rows']>0) {
+	$iptest=$check_ip['num_rows']; $ipname=$check_ip['name'];
+}
+
+// --- Blitz-login
+if(isset($_POST['login_pass'])) { 
+	$check_nutzer = $GLOBALS['mysql']->query_single("SELECT * FROM benutzer WHERE login_pass='".$_POST['login_pass']."'");
+	if($check_nutzer['num_rows']>0) {
+		$_SESSION['benutzer']=$check_nutzer['id'];
+		$_SESSION['login']=99;
+		$_SESSION['uid']=$check_nutzer['id'];
+	} else {
+		$_SESSION['login']=6;	// fehler code fehlt noch
+			echo "blitz PW falsch ";
+		require('login.php');	
+		exit();
+	}
+}		
+
+// --- eingebene Handynummer prüfen
+if(isset($_POST['handynummer']) && $_SESSION['login']==0) {
+	//Rufnummer formatieren. nochmal prüfen mit der null
+	$temp=$_POST['handynummer'];
+	if($_POST['handynummer'][0]==0) { $temp = substr($temp, 1,strlen($temp)); }
+	$temp ="+49".$temp; 
+	$sms_nummer[0] = $temp; 
+	
+	$check_nutzer = $GLOBALS['mysql']->query_single("SELECT * FROM benutzer WHERE nummer = '".$temp."'");
+	if($check_nutzer['num_rows'] >0) {
+		$_SESSION['uid']=$check_nutzer['id'];
+		if($check_nutzer['logintyp'] ==99) { $_SESSION['login']=2; require('login.php'); exit(); } // gesperrt
+		if($check_nutzer['logintyp'] == 0) { $_SESSION['login']=2; require('login.php'); exit(); } // nicht freigeschaltet
+		//PIN generieren
+		$smscode=mt_rand(10000, 99999); $GLOBALS['mysql']->insert("UPDATE benutzer SET session_pass='".$smscode."' WHERE id='".$check_nutzer['id']."'");	
+		//SMS-Versand
+		$smsdata = $GLOBALS['mysql']->query_single("SELECT * FROM gateway WHERE id=1"); 
+		$_SESSION['benutzer']=$check_nutzer['id'];
+		$_SESSION['username']="EDV-System";
+		$_SESSION['sms_sender']=$check_nutzer['name'];
+		$_SESSION['api_key']=$smsdata['api-key'];
+		$_SESSION['password']=$smsdata['password'];
+		$_SESSION['msisdn']=$smsdata['nummer'];
+		$_SESSION['sender_id']=$smsdata['id'];
+		$MessageText = "Dein SMS-Code für JB-Data.de lautet: $smscode";
+		$GLOBALS['sms']->sendsms($MessageText,$sms_nummer);	
+		
+		$_SESSION['login']=4;
+		require('login.php');
+		exit();		
+
+	} else {
+		$_SESSION['login']=5; require('login.php'); exit();			
+		require('login.php');	
+		exit();
+	}
+} 
+// --- eingegebenes SMS-Passwort prüfen
+if(isset($_POST['pin'])) {
+	$check_nutzer = $GLOBALS['mysql']->query_single("SELECT * FROM benutzer WHERE id = '".$_SESSION['uid']."'");
+	if($_POST['pin']==$check_nutzer['session_pass']) {
+		$_SESSION['login']=99;
+		header('Location: https://www.jb-data.de'); exit();
+	} else {
+		$_SESSION['login']=1;
+		require('login.php');	
+		exit();
+	}
+}
+// --- 2. SMS
+if (isset($_GET['replay_sms1']) OR isset($_GET['replay_sms2'])) {
+	if($_SESSION['login']==9) { require('login.php'); exit(); }
+	if($_SESSION['login']==8 && isset($_GET['replay_sms1'])) { require('login.php'); exit(); }
+	if($_SESSION['login']==7 && isset($_GET['replay_sms2'])) { require('login.php'); exit(); }
+	$check_nutzer = $GLOBALS['mysql']->query_single("SELECT * FROM benutzer WHERE id = '".$_SESSION['uid']."'");
+	if($check_nutzer['num_rows']>0) {
+		$MessageText = "Dein SMS-Code für JT-Data.de lautet: ".$check_nutzer['session_pass'];
+		$sms_nummer[0] = $check_nutzer['nummer'];
+		$_SESSION['uid']=$check_nutzer['id'];
+		//SMS-Versand
+		if (isset($_GET['replay_sms1'])) { $smsdata = $GLOBALS['mysql']->query_single("SELECT * FROM gateway WHERE id=2"); }
+		$_SESSION['username']="EDV-System";
+		$_SESSION['sms_sender']=$check_nutzer['name']; 
+		$_SESSION['api_key']=$smsdata['api-key'];
+		$_SESSION['password']=$smsdata['password'];
+		$_SESSION['msisdn']=$smsdata['nummer'];
+		$_SESSION['sender_id']=$smsdata['id'];		
+		$GLOBALS['sms']->sendsms($MessageText,$sms_nummer);	
+	} else { // fehler - Session zurücksetzten
+		session_destroy(); 
+		$_SESSION['login']=0;
+		require('login.php');
+		exit();		
+	}
+	if (isset($_GET['replay_sms1'])) { 
+		if($_SESSION['login']==4) { $_SESSION['login']=8; }
+		if($_SESSION['login']==7) { $_SESSION['login']=9; }
+	}
+	require('login.php');
+	exit();	
+}
+// --- 
+if ($_SESSION['login']==99) {
+	$check_nutzer = $GLOBALS['mysql']->query_single("SELECT * FROM benutzer WHERE id = '".$_SESSION['benutzer']."'");
+	$GLOBALS['mysql']->insert("UPDATE benutzer SET session_update='".time()."', session_start='".time()."', session_id='".session_id()."' WHERE id='".$_SESSION['benutzer']."'");	
+	$_SESSION['logtyp']=$check_nutzer['logintyp'];
+	$_SESSION['login']=time(); 
+	$_SESSION['benutzer']=$check_nutzer['id'];
+	$_SESSION['username']=$check_nutzer['name'];
+	$_SESSION['sms_sender']=$check_nutzer['name'];
+	$_SESSION['sender_id']=1;
+	$_SESSION['logtyp']=$check_nutzer['logintyp']; 	
+	$_SESSION['gateway']=1;
+}
+		
+//----------------------------------------------------------------------------------------------		
+if ($_SESSION['login']>99) {
+	$session_time = time()-3600;
+	$check_session = $GLOBALS['mysql']->query_single("SELECT * FROM benutzer WHERE session_id = '".session_id()."' AND session_update > '".$session_time."'");
+	if($check_session['num_rows'] > 0) {
+		if(!isset($_SESSION['arrayload'])){
+			$GLOBALS['arrayload']=1;
+			$GLOBALS['a_touren'] = $GLOBALS['mysql']->query_array("SELECT * FROM touren ORDER BY id");
+			$GLOBALS['a_fahrzg'] = $GLOBALS['mysql']->query_array("SELECT * FROM fahrzeuge ORDER BY id");
+			$GLOBALS['a_fahrer'] = $GLOBALS['mysql']->query_array("SELECT * FROM mitarbeiter ORDER BY id");
+			$GLOBALS['a_planbz'] = $GLOBALS['mysql']->query_array("SELECT * FROM planer_bez ORDER BY id");
+			$GLOBALS['a_planbf'] = $GLOBALS['mysql']->query_array("SELECT * FROM fplaner_bez ORDER BY id");
+			//----------------------------------------------------------------------------------------------
+			//neu als Session als ID sort. 
+
+			$_SESSION['ma_aktiv'] = $GLOBALS['mysql']->query_id("SELECT * FROM mitarbeiter WHERE aktiv!=0 ORDER BY id");
+			$_SESSION['ma_all'] = $GLOBALS['mysql']->query_id("SELECT * FROM mitarbeiter ORDER BY id");
+			$_SESSION['pbz'] = $GLOBALS['mysql']->query_id("SELECT * FROM planer_bez ORDER BY id");
+			$_SESSION['car'] = $GLOBALS['mysql']->query_id("SELECT * FROM fahrzeuge ORDER BY id");
+			$_SESSION['fbz'] = $GLOBALS['mysql']->query_id("SELECT * FROM fplaner_bez ORDER BY id");
+			$_SESSION['tour'] = $GLOBALS['mysql']->query_id("SELECT * FROM touren ORDER BY id");
+			//----------------------------------------------------------------------------------------------
+		}
+		$GLOBALS['mysql']->insert("UPDATE benutzer SET session_update='".time()."' WHERE id='".$check_session['id']."'");
+	} else {
+		$GLOBALS['mysql']->insert("UPDATE benutzer SET session_pass=' ' WHERE id='".$check_session['id']."'");
+		session_destroy(); $_SESSION['login']=0;
+		if (ini_get("session.use_cookies")) {
+			$params = session_get_cookie_params();
+			setcookie(session_name(), '', time() - 42000,
+			$params["path"], $params["domain"],
+			$params["secure"], $params["httpsonly"]
+		);
+	}
+		require('login.php');	
+		exit();
+	}
+
+	
+//------------------------------------------------------------
+		
+	require 'lib/Smarty.class.php';	
+	$template = new Smarty();
+	$template->setTemplateDir('template/');
+	$template->setConfigDir('config/');
+	$template->setCompileDir('compile/');
+	$template->setCacheDir('cache/');		
+			
+//------------------------------------------------------------			
+	if(isset($_GET['s']) AND file_exists('scripts/'.$_GET['s'].'.php')){	
+		require('scripts/'.$_GET['s'].'.php');
+	} else {
+		$_GET['s']='home';
+		require('scripts/ue_home2024.php');
+	}	
+//------------------------------------------------------------
+	$template->assign('m1',$_SESSION['m1']);	
+	$template->assign('m2', $_SESSION['m2']);
+	$template->assign('username', $_SESSION['username']);
+	$template->assign('kuerzel', $check_session['kuerzel']); 		
+
+	$template->display('index91.tpl'); 
+// --- Start Login 
+
+} else { 
+	$_SESSION['login']=0;
+	$error=0; $status=0;
+	require('login.php'); 
+	exit();	
+}
+
+//------------------------------------------------------------
+//	$smarty->testInstall();					
+
+//			require ("lib/fuss.tpl");
+
+//----------------------------------------------------------------------------------------------			
+if($_SESSION['login']==0) {
+	require('login.php');	 
+	exit();	
+}
+
+
+?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+