
<!-- #include file="./include.asp" -->

<%
'<!--
'################################################
'	 名称	：ログイン処理
'	 作成日：2002/8/9
'	 作成者：山崎
'	 目的　：ログイン処理をする
'	 概要	：
'		<<表示>>
'		・無し
'################################################
'-->
'
'
%>

<%
main()
Sub main()


'サイバートレード連携のための強制処理
	'クエリ文字列セッションによるパッケージモード強制切替
	'（データベース名が接頭辞になっている）
	Session(DBName & "CT21toCA21") = ""
	If Request("mode") = "CT21toCA21" Then
		Session(DBName & "CT21toCA21") = "1"
		Session(DBName & "PackageModeQuery") = "CyberAccount21"
		Session(DBName & "PackageMode") = 1
		PackageMode = 1
	End If
'サイバートレード連携のための強制処理


	'FESアクセスログデータベースの存在チェック
	Dim FESAccessLog
	FESAccessLog = 1
	On Error Resume Next
		Err.Clear()
		Dim ALdb
		Set ALdb = Server.CreateObject("ADODB.Connection")
		ALdb.ConnectionTimeout = 60
		ALdb.CommandTimeout    = 60
		ALdb.Open "Provider=SQLOLEDB.1;Persist Security Info=False;User ID=fesaluser;Password=fesal;Initial Catalog=fesaccesslog;Data Source=" & SQLServer
		If Err.Description <> "" Then
			FESAccessLog = 0
		End If
	On Error Goto 0

	'演習会社ログイン時の戻り先フラグ（演習状況記帳チェックから飛んだ場合は"Check"になる）
	Session(HomeAlias & "AutoLoginReturn") = "" & Request("AutoLoginReturn")


	Dim Query
	Dim Content
	Dim i
	Dim ErrMsg
	Dim GakuseiBango, Password
	Dim bAdminLogin
	Dim Admin
	Admin = Request("admin")
'Response.Write(Admin)
'Exit Sub
	If Admin = "" Then
		Admin = "0"	'Nullなら0
	ElseIf Not(IsNumeric(Admin)) Then
		Admin = "0"	'数字で無ければ0
	End If

	bAdminLogin = 0
	GakuseiBango = UCase(Request("GakuseiBango"))
	Password = UCase(Request("Password"))
'Response.Write(Password)
'Exit Sub
 	'パスワードの半角シャープを全角変換する（クエリ文字列に指定できないため）
	Password = Replace(Password, "＃", "#")
	'パスワードの半角パーセントを全角変換する（クエリ文字列に指定できないため）
	Password = Replace(Password, "％", "%")

	Dim GakuseiBangoErr
	GakuseiBangoErr = 0

	'オートログイン（071106小野）
	Dim AutoLogin
	AutoLogin = Request("AutoLogin")
	Dim AutoLoginEnshuCD
	AutoLoginEnshuCD = Request("AutoLoginEnshuCD")
	Dim AutoLoginKaisyaCD
	AutoLoginKaisyaCD = Request("AutoLoginKaisyaCD")
	Dim AutoLoginAdmin
	AutoLoginAdmin = Request("AutoLoginAdmin")
	If AutoLoginAdmin <> "1" And  AutoLogin <> "1" Then
		'運用管理オートログインボタンの戻り先を演習会社ログイン画面にするフラグを降ろす
		Session(HomeAlias & "EnshuKaishaLogin") = ""
	End If
	If AutoLoginAdmin = "1" Then
		Session(HomeAlias & "AutoLoginAdmin") = "1"
		If "" & GB_AdminPCE = "" Then
			Query = "exec SPMシステム情報取得 '" & GB_SystemCD & "'"
			Set Content = OpenQuery(Query)
			Do While Not(Content.EOF Or Content.EOF)
				GakuseiBango = UCase(Content.Fields("管理者コード"))
				Password = UCase(Content.Fields("パスワード"))
				Content.MoveNext
			Loop
		Else	'演習管理者
			Query = "exec SPM演習取得 '" & GB_SystemCD & "', '" & AutoLoginEnshuCD & "'" 
'Response.Write(Query)
'Exit Sub
			Set Content = OpenQuery(Query)
			If Not(Content.BOF Or Content.EOF) Then
				GakuseiBango = UCase(Content.Fields("演習管理者ID"))
				Password = UCase(Content.Fields("演習管理者パスワード"))
			End If
		End If
	End If

	Dim IPAddr
	IPAddr = Request.ServerVariables("REMOTE_ADDR")

	Dim SystemCD
	Query = "exec SPMシステム一覧"
	Set Content = OpenQuery(Query)
	Do While Not(Content.BOF Or Content.EOF)
		If Content.Fields("デフォルトフラグ") = 1 Then
			SystemCD = Content.Fields("システムCD")
		End If
	Content.MoveNext
	Loop

Session(HomeAlias & "SystemCD") = SystemCD
GB_SystemCD = SystemCD


	If (GakuseiBango = UCase("sj4system")) And (Password = UCase("99999999")) Then

		Response.Redirect("system.asp")
		Exit Sub

	End If

'2003/1/22 マスターパスワードでの管理者ログインを可能にする
'2007/9/18 SFCサーバーではマスターパスワードを許可しない
'	If InStr(Request.ServerVariables("SERVER_NAME"),".sfc-jpn.jp") < 1 Then
	If Right(Request.ServerVariables("SERVER_NAME"),11) <> ".sfc-jpn.jp" Then
		If (GakuseiBango = UCase("sj7admin") And Password = UCase("sj7master")) Or (GakuseiBango = UCase("sj6admin") And Password = UCase("sj6master")) Or (GakuseiBango = UCase("sj5admin") And Password = UCase("sj5master")) Or (GakuseiBango = UCase("sj4admin") And Password = UCase("sj4master")) Then
			bAdminLogin = 1
		End If
	End If


	Query = "exec SPMシステム情報取得 '" & GB_SystemCD & "'"
	Set Content = OpenQuery(Query)
	Do While Not(Content.EOF Or Content.EOF)
		If UCase(Content.Fields("管理者コード")) = GakuseiBango Then
			If UCase(Content.Fields("パスワード")) = Password Then
				bAdminLogin = 1
			Else
				ErrMsg = "パスワードが違います"
			End If
		End If
		Content.MoveNext
	Loop

	If bAdminLogin = 1 Then
		Session(HomeAlias & "AutoLoginButton") = Admin	'オートログインセッション更新
		Session(DBName & "Admin") = Admin
		Session(DBName & "AdminPC") = Admin
		Session(HomeAlias & "AdminPCE") = ""
		Session(HomeAlias & "GakuseiNo") = GakuseiBango
		Session(HomeAlias & "GakuseiShimei") = "運用管理者"
		Session(HomeAlias & "EnshuKubun") = ""
		Session(HomeAlias & "EnshuKubunmei") = ""
		Session(HomeAlias & "EnshuCD") = ""
		Session(HomeAlias & "TenkiKubun") = ""
		Session(HomeAlias & "Shohizei") = ""
		Session(HomeAlias & "KaisyaCD") = ""
		Session(HomeAlias & "KaisyaMeisyo") = ""
		Session(HomeAlias & "KaisyaRyakuMeisyo") = ""
		Session(HomeAlias & "EnshuMeisyo") = "運　用　管　理"
		Session(HomeAlias & "Gyosyu") = ""
		Session(HomeAlias & "GyosyuMeisyo") = ""
		Session(HomeAlias & "GyosyuKubun") = ""
		Session(HomeAlias & "JisyaFlag") = ""
		Session(HomeAlias & "GyosyuColor") = "#E5ACE5"
		Session(HomeAlias & "GyosyuColorObj") = "r"
		Session(HomeAlias & "KaikeiKaishibi") = ""
		Session(HomeAlias & "KaikeiSyuryobi") = ""
		Session(HomeAlias & "Kaimeibi") = ""
		If AutoLoginAdmin <> "1" Then
			If FESAccessLog > 0 Then
				Query = "exec SP0アクセスログ更新 '" & HomeAlias & "', '" & GakuseiBango & "', '" & Password & "', '" & IPAddr & "', '3'"
				Set Content = FESALQuery(Query)
			Else
				Query = "exec SP0アクセスログ更新 '" & GB_SystemCD & "', '" & GakuseiBango & "', '" & Password & "', '" & IPAddr & "', '3', " & AccessLogTerms
				'Set Content = OpenQuery(Query)
			End If
		End If
		If Session(HomeAlias & "EnshuKaishaLogin") = "" Then
			Response.Redirect("/" & HomeAlias & "/admin/admenu.asp")
		Else
			'演習会社ログインからの戻りの場合
			If Session(HomeAlias & "AutoLoginReturn") = "Check" Then
				Response.Redirect("/" & HomeAlias & "/admin/syokai/fm_kityochk_ichiran.asp?EnshuCD=" & Session(HomeAlias & "EnshuKaishaLogin"))
			Else
				Response.Redirect("/" & HomeAlias & "/admin/enshu/fm_enshukaishalogin.asp?EnshuCD=" & Session(HomeAlias & "EnshuKaishaLogin"))
			End If
		End If
'		Response.Redirect("/" & HomeAlias & "/admin/default.asp?admin=" & Admin)
		Exit Sub

	End If


	Query = "exec SPM演習一覧 '" & GB_SystemCD & "',0"
	Set Content = OpenQuery(Query)
	Do While Not(Content.BOF Or Content.EOF)
		'演習管理者オートログインの場合は当該管理者に複数演習の権限が存在する可能性があるので演習を絞り込む
		If AutoLoginEnshuCD = "" Or UCase(Content.Fields("演習CD")) = UCase(AutoLoginEnshuCD) Then
			If UCase(Content.Fields("演習CD")) = GakuseiBango Or UCase(Content.Fields("演習管理者ID")) = GakuseiBango Then
				If Content.Fields("演習管理者パスワード") <> "" Then
					If UCase(Content.Fields("演習管理者パスワード")) = Password Then
						Session(HomeAlias & "AutoLoginButton") = "1"	'オートログインセッション更新
						Session(HomeAlias & "AdminPCE") = "" & Content.Fields("演習CD")
						Session(HomeAlias & "GakuseiNo") =	LCase(GakuseiBango)
						Session(HomeAlias & "GakuseiShimei") = "演習管理者"
						Session(HomeAlias & "EnshuKubun") = ""
						Session(HomeAlias & "EnshuKubunmei") = ""
						Session(HomeAlias & "EnshuCD") = LCase(GakuseiBango)
						Session(HomeAlias & "EnshuMeisyo") = Content.Fields("演習名称")
						Session(HomeAlias & "TenkiKubun") = ""
						Session(HomeAlias & "Shohizei") = ""
						Session(HomeAlias & "KaisyaCD") = ""
						Session(HomeAlias & "Gyosyu") = ""
						Session(HomeAlias & "GyosyuMeisyo") = ""
						Session(HomeAlias & "GyosyuKubun") = ""
						Session(HomeAlias & "JisyaFlag") = ""
						Session(HomeAlias & "GyosyuColor") = "#E5ACE5"
						Session(HomeAlias & "GyosyuColorObj") = "r"
						Session(HomeAlias & "KaikeiKaishibi") = ""
						Session(HomeAlias & "KaikeiSyuryobi") = ""
						Session(HomeAlias & "Kaimeibi") = ""
						Session(HomeAlias & "EnshuID") = "" & UCase(Content.Fields("演習管理者ID"))
						Session(HomeAlias & "EnshuPassword") = "" & UCase(Content.Fields("演習管理者パスワード"))
						Session(DBName & "Admin") = "2"
						If AutoLoginAdmin <> "1" Then
							If FESAccessLog > 0 Then
								Query = "exec SP0アクセスログ更新 '" & HomeAlias & "', '" & GakuseiBango & "', '" & Password & "', '" & IPAddr & "', '2'"
								Set Content = FESALQuery(Query)
							Else
								Query = "exec SP0アクセスログ更新 '" & GB_SystemCD & "', '" & GakuseiBango & "', '" & Password & "', '" & IPAddr & "', '2', " & AccessLogTerms
								'Set Content = OpenQuery(Query)
							End If
						End If
'						Response.Redirect("/" & HomeAlias & "/admin/admenu_enshu_sentaku.asp?EnshuID=" & GakuseiBango & "&EnshuPassword=" & Password & "&EnshuCD=" & AutoLoginEnshuCD)
						Response.Redirect("/" & HomeAlias & "/admin/admenu_enshu_sentaku.asp?EnshuCD=" & AutoLoginEnshuCD)
						Exit Sub
					Else
						ErrMsg = "パスワードが違います"
					End If
				End If
			End If
		End If
		Content.MoveNext
	Loop

	Query = "exec SPMユーザー取得 '" & GB_SystemCD & "','" & GakuseiBango & "'"
	Set Content = OpenQuery(Query)
	If Not(Content.BOF Or Content.EOF) Then
		If UCase(Content.Fields("学生番号")) = GakuseiBango Then
			If UCase(Content.Fields("パスワード")) = Password Or IsNull(Content.Fields("パスワード")) Then
				Session(HomeAlias & "GakuseiNo") = GakuseiBango
				Session(HomeAlias & "GakuseiShimei") = Content.Fields("氏名")
				Session(DBName & "Admin") = "0"
Call Application.Lock()
				Query = "exec SPMユーザーログイン日更新 '" & GB_SystemCD & "','" & GakuseiBango & "', '" & Date() & "'"
				Set Content = OpenQuery(Query)
Call Application.Unlock()
				'オートログイン（071106小野）
				If AutoLogin = "1" Then
					Response.Redirect("./user/default_bin.asp?AutoLogin=1&EnshuCD=" & AutoLoginEnshuCD & "&AutoLoginKaisyaCD=" & AutoLoginKaisyaCD)
				Else
					If FESAccessLog > 0 Then
						Query = "exec SP0アクセスログ更新 '" & HomeAlias & "', '" & GakuseiBango & "', '" & Password & "', '" & IPAddr & "', '1'"
						Set Content = FESALQuery(Query)
					Else
						Query = "exec SP0アクセスログ更新 '" & GB_SystemCD & "', '" & GakuseiBango & "', '" & Password & "', '" & IPAddr & "', '1', " & AccessLogTerms
						'Set Content = OpenQuery(Query) '内蔵アクセスログは廃止
					End If
				End If
				If GB_IEmode = "1" Then
					Response.Redirect("./user")
				Else
					Response.Redirect("./help/helpdesk.asp?HelpTitle=HistoryBack")
				End If
				Exit Sub
			Else
				ErrMsg = "パスワードが違います"
			End If
		Else
			ErrMsg = "ログインIDがありません"
			GakuseiBangoErr = 1
		End If
	Else
		If ErrMsg = "" Then
			ErrMsg = "ログインIDがありません"
			GakuseiBangoErr = 1
		End If
	End If

	If FESAccessLog > 0 Then
		Query = "exec SP0アクセスログ更新 '" & HomeAlias & "', '" & GakuseiBango & "', '" & Password & "', '" & IPAddr & "', '0'"
		Set Content = FESALQuery(Query)
	Else
		Query = "exec SP0アクセスログ更新 '" & GB_SystemCD & "', '" & GakuseiBango & "', '" & Password & "', '" & IPAddr & "', '0', " & AccessLogTerms
		'Set Content = OpenQuery(Query)
	End If

%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=shift_jis">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta http-equiv="Expires" content="-1">
<link href="./binx/sj3web.css?<% = TimeUniq() %>" rel="stylesheet" type="text/css">
<title><% = AppTitle %></title>
<script language="JScript" src="./include.js?<% = TimeUniq() %>"></script>
<script language="JScript" src="./includesj.js?<% = TimeUniq() %>"></script>
<script language="JScript.Encode" src="./include_enc.js?<% = TimeUniq() %>"></script>
<script language="JScript.Encode" src="./includesj_enc.js?<% = TimeUniq() %>"></script>
<script type=""text/javascript"" src="./javascript.js?<% = TimeUniq() %>"></script>
</head>
<SCRIPT LANGUAGE="JavaScript">
<!--
	ExitFlg = 0;
	HomeAlias = "<% = HomeAlias %>";
	HomeAliasSL = "<% = HomeAliasSL %>";
-->
</SCRIPT>

<body bgcolor="#DDDDDD" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<BR>
<!--
<span class="tx1820">　　<% Response.Write(ErrMsg) %>　<a href="JavaScript:history.go(-1)">戻る</a></span>
-->
<span class="tx1820">　　<% Response.Write(ErrMsg) %>　<a href="default_main.asp?admin=<% = Admin %>&GakuseiBango=<% = Request("GakuseiBango") %>&GakuseiBangoErr=<% = GakuseiBangoErr %>">戻る</a></span>
</body>
<% = HtmlFooter %>
</html>
<%
End Sub



'FESアクセスログにクエリを送る
Function FESALQuery(F_Query)
	Dim ALdb
	Set ALdb = Server.CreateObject("ADODB.Connection")
	ALdb.ConnectionTimeout = 60
	ALdb.CommandTimeout    = 60
	ALdb.Open "Provider=SQLOLEDB.1;Persist Security Info=False;User ID=fesaluser;Password=fesal;Initial Catalog=fesaccesslog;Data Source=" & SQLServer
	Set Content = ALdb.Execute(F_Query)
	Do While Not Content Is Nothing
		If Content.Fields.Count > 0 Then
			Exit Do
		End If
		Set Content = Content.NextRecordSet()
	Loop
	Set FESALQuery = Content
End Function
%>