<% = Cfg(cnnDB, "SiteName") %> <%=lang(cnnDB, "HelpDesk")%>

<%@ LANGUAGE="VBScript" %> <% Option Explicit 'Buffer the response, so Response.Expires can be used Response.Buffer = TRUE Response.Expires = -1 %> <% Call SetAppVariables Dim cnnDB, sid Set cnnDB = CreateCon sid = GetSid %> <% = Cfg(cnnDB, "SiteName") %> <%=lang(cnnDB, "HelpDesk")%> <% ' ************************************** ' Get logon info. ' ************************************** ' By default, the user will not have admin access. ' User must enter password on admin page. Dim username, url, invalid url = Trim(Request.QueryString("URL")) If Len(url) = 0 Then url = "default.asp" End If Select Case Cfg(cnnDB, "AuthType") Case 1 ' NT Authentication Dim domainLen username = Request.ServerVariables("AUTH_USER") If Len(username) = 0 Then Call DisplayError(3, lang(cnnDB, "UnabletoobtainusernamewithNTauthentication")) End If domainLen = InStr(username, "\") username = Mid(username, (domainLen+1), (Len(username)-domainLen)) username = Lcase(username) If CBool(InStr(username, "'")) Then Call DisplayError (3, lang(cnnDB, "Username") & " " & Lang(cnnDB, "containsinvalidcharacters") & ".") End If Dim ntUserRes Set ntUserRes = SQLQuery(cnnDB, "SELECT sid FROM tblUsers WHERE uid='" & username & "'") If ntUserRes.EOF Then Dim ntUpdRes, ntSidRes ntUpdRes = SQLQuery(cnnDB, "INSERT INTO tblUsers (sid, uid) VALUES (" & GetUnique(cnnDB, "users") & ", '" & username & "')") ntSidRes = SQLQuery(cnnDB, "SELECT sid FROM tblUsers WHERE uid='" & username & "'") Session("lhd_sid") = ntSidRes("sid") url = "register.asp?edit=1&new=1" Else Session("lhd_sid") = ntUserRes("sid") End If ntUserRes.Close Case 2 ' DB Authentication If Request.Form("logon") = 1 Then Dim password username = Left(Lcase(Trim(Request.Form("uid"))), 50) username = Replace(username, "'", "''") password = Left(Trim(Request.Form("password")), 50) Dim userRes Set userRes = SQLQuery(cnnDB, "SELECT sid, password FROM tblUsers WHERE uid='" & username & "'") If userRes.EOF Then invalid = TRUE url="" ElseIf userRes("password") <> password Then invalid = TRUE frm_url = url url="" Else Session("lhd_sid") = userRes("sid") End If userRes.Close Else Dim frm_url frm_url = url url = "" End If Case 3 ' External Authentication If Len(Session("lhd_ext_uid")) > 0 Then username = Lcase(Trim(Session("lhd_ext_uid"))) ElseIf Len(Request.Form("lhd_ext_uid")) > 0 Then username = Lcase(Trim(Request.Form("lhd_ext_uid"))) ElseIf Len(Request.QueryString("lhd_ext_uid")) > 0 Then username = Lcase(Trim(Request.QueryString("lhd_ext_uid"))) Else Call DisplayError (3, lang(cnnDB, "Nousernamewasspecifiedbytheexternalauthenication") & ".") End If If CBool(InStr(username, "'")) Then Call DisplayError (3, lang(cnnDB, "Username") & " " & Lang(cnnDB, "containsinvalidcharacters") & ".") End If Dim extUserRes Set extUserRes = SQLQuery(cnnDB, "SELECT sid FROM tblUsers WHERE uid='" & username & "'") If extUserRes.EOF Then Dim extUpdRes, extSidRes extUpdRes = SQLQuery(cnnDB, "INSERT INTO tblUsers (sid, uid) VALUES (" & GetUnique(cnnDB, "users") & ", '" & username & "')") extSidRes = SQLQuery(cnnDB, "SELECT sid FROM tblUsers WHERE uid='" & username & "'") Session("lhd_sid") = extSidRes("sid") url = "register.asp?edit=1&new=1" Else Session("lhd_sid") = extUserRes("sid") End If extUserRes.Close End Select Session("lhd_IsAdmin") = FALSE If Len(url) > 0 Then ' Update logon time ' Update logon time Dim updTimeRes Set updTimeRes = SQLQuery(cnnDB, "UPDATE tblUsers SET dtLastAccess=" & SQLDate(Now, lhdAddSQLDelim) & " WHERE sid=" & Session("lhd_sid")) cnnDB.Close Response.Redirect url End If %>

<% = Cfg(cnnDB, "SiteName") %>
<%=lang(cnnDB, "HelpDesk")%>

<% If Cint(Cfg(cnnDB, "EnableKB")) = 3 Then %> <% = lang(cnnDB, "SearchtheKnowledgeBase") %>

<% End If %> <%=lang(cnnDB, "NewUser")%> <% If Cfg(cnnDB, "EmailType") <> 0 Then Response.Write "| " & lang(cnnDB, "EmailMyPassword") & "" End If %>

<% Call DisplayFooter(cnnDB, sid) cnnDB.Close %>

<%=lang(cnnDB, "Logon")%>