<%@LANGUAGE="VBSCRIPT" CODEPAGE="1252"%> <% '********************************************************** '* Fixit DMS Pro v1.0 by Fixit Knowledge Solutions * '* Copyright © 2002-2003, Mark Tait. All rights reserved. * '* http://www.fixitks.co.uk * '********************************************************** %><% 'Get parentid reference to add to redirect mt_id=request("mt_id") if mt_id="" then mt_id="0" parentID=request.querystring("parentid") if parentid="" then parentid="0" suburl="" if request.querystring("sub")="yes" then suburl="&sub=yes" %> <% if ntLogin = true then response.redirect("loginnt.asp") %> <% Dim statusmessage statusmessage="" if request.querystring("login")="failed" then statusmessage="I'm sorry, that username or password are incorrect." elseif request.querystring("login")="expired" then statusmessage="Your session has expired. Please login again to continue." elseif request.querystring("login")="logout" then session.Abandon() response.redirect("login.asp?login=loggedout") elseif request.querystring("login")="loggedout" then statusmessage="Thank you for using the Fixit Document Management System.

Enter your user name and password below to login again." end if %> <% 'check if user to be deleted response.Cookies("fixit")("username")=mt_username response.Cookies("fixit")("password")=mt_password response.Cookies("fixit")("remember")=1 response.Cookies("fixit").expires=date()+14 %> <% session("mt_id")=0 session("mt_viewcomment")=1 Dim mt_username,mt_password,mt_email,addfolder,addcomment,addfiles,lockfiles,deletefiles,addusers 'Check if user to be added if (request.form("txtusername")<>"" and request.form("txtpassword")<>"" and request.form("loginuser") = "Login") OR (request.querystring("uid")<>"" and request.querystring("pwd")<>"") then if request.form("loginuser") = "Login" then mt_username=replace(request.form("txtusername"),"'","''") mt_password=replace(request.form("txtpassword"),"'","''") mt_rememberme=request.form("txtrememberme") else mt_username=replace(request.querystring("uid"),"'","''") mt_password=replace(request.querystring("pwd"),"'","''") end if if mt_rememberme=1 then response.Cookies("fixit")("mt_username")=mt_username response.Cookies("fixit")("mt_password")=mt_password response.Cookies("fixit")("mt_rememberme")=1 response.Cookies("fixit").expires=date()+14 else response.Cookies("fixit")("mt_username")="" response.Cookies("fixit")("mt_password")="" response.Cookies("fixit")("mt_rememberme")=0 response.Cookies("fixit").expires=date()-1 end if if mt_username=dealer_username and mt_password=dealer_pwd then session("mt_dealername")=dealer_username session("dealer")="yes" response.redirect("search_dealers.asp") end if if mt_username=admin_username and mt_password=admin_pwd then session("mt_username")=admin_username session("mt_email")="" session("mt_addfolder")=1 session("mt_addcomment")=1 session("mt_viewcomment")=1 session("mt_addfiles")=1 session("mt_lockfiles")=1 session("mt_deletefiles")=1 session("mt_addusers")=1 session("mt_viewreports")=1 session("mt_accessfolders")="0" response.redirect("filelist.asp") else Set rsCheckUser = Server.CreateObject("ADODB.Recordset") rsCheckUser.ActiveConnection = MM_conTT_STRING rsCheckUser.Source = "SELECT id, mt_username, mt_password, mt_email,addfolder, addcomment, viewcomment, addfiles, lockfiles, deletefiles, addusers, viewreports, accessfolders from tblaccess where mt_username='" & mt_username & "' and mt_password='" & mt_password & "'" rsCheckUser.CursorType = 0 rsCheckUser.CursorLocation = 2 rsCheckUser.LockType = 1 rsCheckUser.Open() rsCheckUserRecords=false If not rsCheckUser.EOF then rsCheckUserRecords=True 'no records to display rsCheckUserArr=rsCheckUser.getrows End If rsCheckUser.close Set rsCheckUser=nothing if rsCheckUserRecords=false then Set mt_accesslogf = Server.CreateObject("ADODB.Command") mt_accesslogf.ActiveConnection = MM_conTT_STRING mt_accesslogf.CommandText = "insert into tblaccesslog (mt_username, mt_userdate, mt_success) values ('" & mt_username & "'," & mtCons_dbDel & mt_curdatetime & mtCons_dbDel & ",'No')" mt_accesslogf.CommandType = 1 mt_accesslogf.CommandTimeout = 0 mt_accesslogf.Prepared = true mt_accesslogf.Execute() mt_accesslogf.ActiveConnection.Close response.redirect("login.asp?login=failed&parentid=" & parentid) end if session("mt_id")=rsCheckUserArr(0,0) session("mt_username")=rsCheckUserArr(1,0) session("mt_email")=rsCheckUserArr(3,0) session("mt_addfolder")=rsCheckUserArr(4,0) session("mt_addcomment")=rsCheckUserArr(5,0) session("mt_viewcomment")=rsCheckUserArr(6,0) session("mt_addfiles")=rsCheckUserArr(7,0) session("mt_lockfiles")=rsCheckUserArr(8,0) session("mt_deletefiles")=rsCheckUserArr(9,0) session("mt_addusers")=rsCheckUserArr(10,0) session("mt_viewreports")=rsCheckUserArr(11,0) 'response.write(rsCheckUserArr(12,0)) session("mt_accessfolders")="0" if len(rsCheckUserArr(12,0))>0 then session("mt_accessfolders")="0," & rsCheckUserArr(12,0) end if Set mt_accesslog = Server.CreateObject("ADODB.Command") mt_accesslog.ActiveConnection = MM_conTT_STRING mt_accesslog.CommandText = "insert into tblaccesslog (mt_username, mt_userdate, mt_success) values ('" & session("mt_username") & "'," & mtCons_dbDel & mt_curdatetime & mtCons_dbDel & ",'Yes')" mt_accesslog.CommandType = 1 mt_accesslog.CommandTimeout = 0 mt_accesslog.Prepared = true mt_accesslog.Execute() mt_accesslog.ActiveConnection.Close response.redirect("filelist.asp?parentid=" & parentid & suburl) end if end if %> © Fixit Knowledge Solutions - Fixit DMS Pro
<%=curpath%>

<% if mt_mustregister=false and request.querystring("newuser")="" then %>

Please click here to Enter the Fixit DMS anonymously - or login below

<% end if %> <% if request.querystring("newuser")<>"" then %>

Thank you for registering - please now login

<% end if %> <%=statusmessage%>

 Login
User name " maxlength="255">
Password " maxlength="255">
Remember me type="checkbox" name="txtrememberme" value="1">