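<?php
require_once 'dc.php'; // the $mysqli connection used below is not created in this file; presumably dc.php provides it

/*
 * Login endpoint.
 *
 * POST: verifies the reCAPTCHA token, maintains the "remember me" cookie,
 *       checks the credentials, opens the session and redirects to the
 *       landing page for the user's level. Every POST path ends in a
 *       redirect (or an HTTP 500) followed by exit.
 * Other methods: only emits the empty <div class='ris'> wrapper.
 *
 * header(), setcookie() and session_start() only work before any body output,
 * so the wrapper <div> is echoed after the POST branch, not before it.
 */

// NOTE(review): error_reporting(0) hides failed prepares, cURL errors and
// "headers already sent" warnings from the logs as well as from the page.
// Prefer display_errors=0 with logging left enabled.
error_reporting(0);

if ($_SERVER["REQUEST_METHOD"] == "POST") {

    // Form fields are untrusted: accept plain strings only, so an array-valued
    // field (username[]=...) cannot reach setcookie(), bind_param() or
    // password_verify().
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
    $recaptchaResponse = (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response']))
        ? $_POST['g-recaptcha-response']
        : '';

    // --- reCAPTCHA verification ---
    // NOTE(security): this secret is committed in source. Treat it as exposed:
    // rotate it and load the new value from configuration kept outside the web
    // root and out of version control.
    $recaptchaSecretKey = '6Lf7Yw8pAAAAAMS-xv8MsdtMQRHgxQ2V-3ZSndxM';

    $ch = curl_init();
    curl_setopt_array($ch, [
        CURLOPT_URL => "https://www.google.com/recaptcha/api/siteverify",
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => http_build_query([
            'secret' => $recaptchaSecretKey,
            'response' => $recaptchaResponse,
        ]),
        CURLOPT_RETURNTRANSFER => true,
        // Bound the wait so a stalled verification call cannot pin the worker.
        CURLOPT_CONNECTTIMEOUT => 5,
        CURLOPT_TIMEOUT => 10,
    ]);
    $response = curl_exec($ch); // false on transport failure
    curl_close($ch);
    // --- end reCAPTCHA ---

    // "Remember me": keep the submitted username for 30 days, otherwise drop
    // any existing cookie by expiring it in the past.
    // NOTE(review): this runs before the CAPTCHA and password checks, and the
    // cookie is set without HttpOnly/Secure/SameSite. Confirm how the login
    // form reads it before tightening the flags.
    if (isset($_POST['remember_me'])) {
        setcookie('username', $username, time() + (86400 * 30), "/");
    } elseif (isset($_COOKIE['username'])) {
        setcookie('username', '', time() - 3600, "/");
    }

    // Decode the verification reply. Anything other than a decoded document
    // with a truthy "success" (transport error, bad JSON, missing key) is
    // treated as a failed CAPTCHA.
    $responseKeys = is_string($response) ? json_decode($response, true) : null;
    $captchaPassed = is_array($responseKeys)
        && isset($responseKeys['success'])
        && intval($responseKeys['success']) === 1;

    if (!$captchaPassed) {
        header("Location: user-incorrect.php?ms=3");
        exit();
    }

    // Login lookup. The username is bound as a statement parameter, so it must
    // NOT also go through mysqli_real_escape_string(): that would add
    // backslashes to the bound value and stop it matching the stored one.
    $sql = "SELECT user.u_code AS u_code, user.nombre, user.pswr AS password, docentes.cedula AS username, user.level AS nivel 
            FROM user INNER JOIN docentes ON docentes.d_code = user.nombre WHERE docentes.cedula = ?";
    $stmt = $mysqli->prepare($sql);
    if ($stmt === false || !$stmt->bind_param("s", $username) || !$stmt->execute()) {
        // Database failure: report a server error rather than "unknown user".
        http_response_code(500);
        exit();
    }

    $result = $stmt->get_result();
    if ($result === false) {
        http_response_code(500);
        exit();
    }

    // NOTE(review): ms=2 (no such user) and ms=1 (wrong password) are distinct
    // codes. If user-incorrect.php shows different text for them, the form
    // reveals which usernames exist; consider a single generic failure code.
    $row = $result->fetch_assoc();
    if (!$row) {
        header("Location: user-incorrect.php?ms=2");
        exit();
    }

    // Verify the password against the stored hash.
    if (!password_verify($password, (string) $row['password'])) {
        header("Location: user-incorrect.php?ms=1");
        exit();
    }

    session_start();
    // Issue a fresh session id at the privilege change so an id that existed
    // before login cannot be reused for the authenticated session.
    session_regenerate_id(true);

    $_SESSION['estarted'] = true;
    $_SESSION['UNI_CODE'] = $row['u_code'];
    $_SESSION['MM_Username'] = $row['username'];
    $_SESSION['MM_UserGroup'] = $row['nombre'];
    $_SESSION['MM_Level'] = $row['nivel'];
    $_SESSION['u_code'] = $row['u_code'];

    // Landing page per user level; unknown levels go to the site index.
    $landingPages = [
        1 => "../noaAdminer/pag0.php",                  // ADMINER
        2 => "../noaAdmin/index.php",                   // SECRETARIAS (secretaries)
        3 => "../noaCV/index.php",                      // DOCENTES (teaching staff)
        4 => "../pracVIN/index.php",                    // PRACTICAS (internships)
        5 => "../noaLogos/navybar/mono/index.php",      // VINCULACION
        6 => "../ASISTOR/index.php",                    // INSPECTORES (inspectors)
        8 => "../noaAlumnos/index.php",                 // ALUMNOS (students)
        // The original target had a backslash ("maister\index1.php"); a URL
        // path separator is a forward slash.
        9 => "../noaLogos/navybar/maister/index1.php",  // ADMIN_vinc
    ];
    $level = (int) $row['nivel'];
    $target = isset($landingPages[$level]) ? $landingPages[$level] : "../index.php";

    header("Location: " . $target);
    exit();
}

// Only non-POST requests reach this point.
echo "<div class='ris'>";
$mysqli->close();
?>
</div>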