security_check(); if (isset ($_POST['submit'])) { if (isset ($_POST['login']) && isset ($_POST['no_anti_inject_password'])) { $_POST['login'] = strtoupper($_POST['login']); $md5password = md5($NON_PROTECT['password']); $sql = "SELECT UPPER(login) login, password, prenom, nom, statut FROM utilisateurs WHERE (login = '" . $_POST['login'] . "' and password = '" . $md5password . "' and etat != 'inactif' and statut = 'administrateur')"; $res_user = sql_query($sql); $num_row = sql_count($res_user); if ($num_row == 1) { $valid = 'yes'; $resultat_session = "1"; $_SESSION['login'] = $_POST['login']; $_SESSION['statut'] = 'administrateur'; $_SESSION['etat'] = 'actif'; $_SESSION['start'] = old_mysql_result(mysqli_query($GLOBALS["mysqli"], "SELECT now();"),0); $sql = "INSERT INTO log (LOGIN, START, SESSION_ID, REMOTE_ADDR, USER_AGENT, REFERER, AUTOCLOSE, END) values ( '" . $_SESSION['login'] . "', '".$_SESSION['start']."', '" . session_id() . "', '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SERVER['HTTP_USER_AGENT'] . "', '" . $_SERVER['HTTP_REFERER'] . "', '1', '".$_SESSION['start']."' + interval " . getSettingValue('sessionMaxLength') . " minute ) ;"; $res = sql_query($sql); } else { $message = "Identifiant ou mot de passe incorrect, ou bien vous n'êtes pas administrateur."; } } } //debug_var(); $valid = isset ($_POST["valid"]) ? $_POST["valid"] : 'no'; $force_maj = isset ($_POST["force_maj"]) ? $_POST["force_maj"] : ''; // Numéro de version effective $version_old = getSettingValue("version"); echo ('
Mise à jour de la base MySql de GEPI.
Vous n'avez pas les droits suffisants pour accéder à cette page.