<?
include('lock.php');
include('blocks/bd.php');
$userinfo='';
$state=0;
if( (isset($_COOKIE['login'])) & (isset($_COOKIE['pass'])) ) {
if (!isset($_GET['exit'])) {
$login=$_COOKIE['login'];
$pass=$_COOKIE['pass'];
$sql="SELECT id, pass FROM users WHERE login='$login'";
$res=mysql_query($sql);
if(mysql_num_rows($res)>0){
$userinfo = mysql_fetch_array($res);
if(strcmp($pass,md5($userinfo['pass'])) == 0) {
$sql="SELECT * FROM users WHERE login='$login'";
$res=mysql_query($sql);
$userinfo=mysql_fetch_array($res);
$time=time();
setcookie("login",$login,$time+1800);
setcookie("pass",$pass,$time+1800);
$state = 1;
}
}
} else {
setcookie("login");
setcookie("pass");
}
}
if($state != 1) {
if( (isset($_POST['login'])) & (isset($_POST['pass'])) ){
$login = $_POST['login'];
$sql = "SELECT id, pass FROM users WHERE login='$login'";
$res = mysql_query($sql);
if(mysql_num_rows($res)>0) {
$userinfo = mysql_fetch_array($res);
$pass = $_POST['pass'];
if(strcmp($pass,$userinfo['pass'])==0){
$sql="SELECT * FROM users WHERE login='$login'";
$res=mysql_query($sql);
$userinfo=mysql_fetch_array($res);
$time=time();
setcookie("login", $login, $time+1800);
setcookie("pass", md5($pass), $time+1800);
$state = 1;
}
}
}
}
if($state != 1) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<title>Главная</title>
<link rel="stylesheet" type="text/css" href="css/style.css">
</head>
<body>
<table width="100%" border="0" align="center">
<tr>
<td><?php include("blocks/header.php"); ?></td>
</tr>
<tr>
<td>
<form method="post" action="/index.php">
Логин: <input type="text" size="30" name="login"/>
Пароль: <input type="password" name="pass" size="30"/>
<input type="submit" value="Войти"/>
</form>
<a href="/register.php">Регистрация</a>
<?
} else {
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><br>';
echo'<title>Создать заявку</title><br>';
echo'<link rel="stylesheet" type="text/css" href="/contractor/css/style.css"><br>';
echo'</head><br>
<body><br>';
echo '<table width="100%" border="0" align="center">
<tr>
<td>';
require("blocks/header.php");
require("blocks/menu.php");
}
?>
</td>
</tr>
<tr class="border">
<td>
<label>
<?php
$sql="SELECT * FROM forma";
$result=mysql_query($sql) or die("ОШИБКА при выполнении запроса".$sql);
$str = "<?xml version=\"1.0\"?>\n";
$str .= "<dataset>\n";
while($res=mysql_fetch_array($result))
{
$str .="<row>\n";
$str .= "<name>".$res["nomer"]."</name>\n";
$str .= "<category>".$res["nlf"]."</category>\n";
$str .= "</row>\n";
}
$str .= "</dataset>\n";
$fd = fopen("hello.xml", 'w') or die("не удалось создать файл");
fwrite($fd, $str);
fclose($fd);
echo'<a href="hello.xml">скачать</a>';
?></label>
</td>
</tr>
<tr>
<td><?php include("blocks/footer.php"); ?></td>
</tr>
</table>
</body>
</html>