diff options
| author | artem <artem@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2008-01-29 12:12:26 +0000 |
|---|---|---|
| committer | artem <artem@97f52cf1-0a1b-0410-bd0e-c28be96e8082> | 2008-01-29 12:12:26 +0000 |
| commit | 0c12891108a86a1059340fd5597a08bd05db8024 (patch) | |
| tree | 80bbad9358e585e1580745ab941a4468ce38f1d2 /frontends/php/index.php | |
| parent | 6ccee53e0c5951bfd9d349863a6afa05437551f6 (diff) | |
| download | zabbix-0c12891108a86a1059340fd5597a08bd05db8024.tar.gz zabbix-0c12891108a86a1059340fd5597a08bd05db8024.tar.xz zabbix-0c12891108a86a1059340fd5597a08bd05db8024.zip | |
- [DEV-103] added support of disabling login rights for a users group (Artem)
git-svn-id: svn://svn.zabbix.com/trunk@5287 97f52cf1-0a1b-0410-bd0e-c28be96e8082
Diffstat (limited to 'frontends/php/index.php')
| -rw-r--r-- | frontends/php/index.php | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/frontends/php/index.php b/frontends/php/index.php index e71e19f4..f9d00f88 100644 --- a/frontends/php/index.php +++ b/frontends/php/index.php @@ -61,14 +61,16 @@ $name = get_request("name",""); $password = md5(get_request("password","")); - $row = DBfetch(DBselect('SELECT u.userid,u.alias,u.name,u.surname,u.url,u.refresh '. + $login = $row = DBfetch(DBselect('SELECT u.userid,u.alias,u.name,u.surname,u.url,u.refresh '. ' FROM users u, users_groups ug, usrgrp g '. ' WHERE u.alias='.zbx_dbstr($name). ' AND u.passwd='.zbx_dbstr($password). - ' AND '.DBin_node('u.userid', $ZBX_LOCALNODEID). - ' AND u.status='.USER_STATUS_ENABLED)); + ' AND '.DBin_node('u.userid', $ZBX_LOCALNODEID))); + if($login){ + $login = (check_perm2login($row['userid']) && check_perm2system($row['userid'])); + } - if($row){ + if($login){ $sessionid = md5(time().$password.$name.rand(0,10000000)); zbx_setcookie('zbx_sessionid',$sessionid); @@ -88,8 +90,9 @@ die(); // return; } - else - { + else{ + $row = NULL; + $_REQUEST['message'] = "Login name or password is incorrect"; add_audit(AUDIT_ACTION_LOGIN,AUDIT_RESOURCE_USER,"Login failed [".$name."]"); } |