<?
$lang="ct";
require("./config.php");
require("./history.php");
$self="./login.php";
$act=$_POST[act];
$sys_id="s001";
if($act=="submit"){
  $login_id=strtolower($_POST[id]);
  $login_pw=$_POST[pwd];
  $login_ip=$_SERVER[REMOTE_ADDR];  $select=mysql_connect('localhost',$mysqluser,$mysqlpw) or die("¸ꯆ®w³s±µ¥¢±Ϣ.mysql_error());
  mysql_select_db("ks",$select);
  $cur_id_exist=mysql_query("select count(*) from user where id=\"$login_id\"",$select);
  $cur_id_count=mysql_fetch_row($cur_id_exist);  if($cur_id_count[0]){
    $cur_id_info=mysql_query("select id,name,pwd,grp,ttl,area,deny from user where id=\"$login_id\"",$select);
    $cur_id=mysql_fetch_row($cur_id_info);
    $uid=$cur_id[0];
    $uname=$cur_id[1];
    $upwd=$cur_id[2];
    $ugrp=$cur_id[3];
    $uttl=$cur_id[4];
    $uarea=$cur_id[5];
    $deny=$cur_id[6];    if($login_pw==$upwd){ //ƧĒ±K½X
      $uttl_s=explode("-",$uttl);
      $uttl_u=mktime(23,59,59,$uttl_s[1],$uttl_s[2],$uttl_s[0]); //§⦳®Ĵm­­pº⬰·��23:59:59ªºunix®ɶ¡
      if(mktime()<=$uttl_u){
        if($deny){ //¦pªG³Q°±¥Ϊº¸ڍ
          $error_code=15;
        }else{ //¨S³Q°±¥̍
          if((substr($login_ip,0,10)!="192.168.1.")&&($uarea==0)){ //¤£¤¹³\¥~³¡µn¤J,¥BIP¨Ӧ۩