'9999', 'MSG'=>''); try { if(!$_POST) { throw new Exception("정상적인 접근이 아닙니다.", "9999"); } if(empty($cd_dealerid)) { throw new Exception("아이디가 없습니다.", "9998"); } if(empty($nm_pass)) { throw new Exception("비밀번호가 없습니다.", "9997"); } //소문자만 사용 $cd_dealerid = strtolower($cd_dealerid); $table_name = "aap_master a"; $_whereis = " cd_dealerid = '". $cd_dealerid . "' and nm_pass = password('". $nm_pass ."') AND ds_delind='N' "; if($_SERVER['REMOTE_ADDR'] == '220.86.24.199') { // $_whereis = " cd_dealerid = '". $cd_dealerid . "' AND ds_delind='N' "; } $row = $dbCon->selectDAO("*, CONVERT(password(cd_dealerid+nm_pass+UNIX_TIMESTAMP()), CHAR) as enc_val, ifnull((select ds_status from aap_master where cd_dealer = a.cd_dealer_p), '') ds_status_p ", $table_name, $_whereis); if (!$row['cd_dealer']) { throw new Exception("로그인 정보가 정확하지 않습니다.", "9890"); } if ($row['ds_status'] == 'W0') { throw new Exception("탈퇴한 아이디입니다.", "4444"); } if ($row['ds_status'] == 'D0') { throw new Exception("휴면계정 아이디입니다.", "4445"); } if($row['ds_status'] != "Z0") { throw new Exception("승인되지 않은 AAP 직원입니다.", "4446"); } // if(empty($row['dt_lastlogin'])) { // echo "F"; // exit; $sql = "UPDATE aap_master set dt_lastlogin = now(), enc_val = '{$row['enc_val']}' where cd_dealer = '".$row['cd_dealer']."'"; // echo $sql; // exit; // $sql = "UPDATE dealer_master set dt_lastlogin = now() where cd_dealer = '". $row['cd_dealer'] . 
"'"; $result = $dbCon->query($sql); $_SESSION['s_cd_dealer_type'] = 'aap'; $_SESSION['s_cd_dealerid'] = $row['cd_dealerid']; $_SESSION['s_nm_email'] = $row['nm_email']; $_SESSION['s_nm_name'] = $row['nm_name']; $_SESSION['s_nm_hp'] = $row['nm_hp'];//.$row['nm_hp_02'].$row['nm_hp_03']; // $_SESSION['s_nm_hp'] = $row['nm_hp_01'].$row['nm_hp_02'].$row['nm_hp_03']; $_SESSION['s_nm_hp_form'] = $row['nm_hp_01']."-".$row['nm_hp_02']."-".$row['nm_hp_03']; // $_SESSION['s_ds_type'] = $row['ds_type']; //$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자 // $_SESSION['s_ds_level'] = $row['ds_level']; $_SESSION['s_cd_dealer'] = $row['cd_dealer']; $_SESSION['s_cd_dealer_p'] = $row['cd_dealer_p']; $_SESSION['s_nm_area'] = $row['nm_area']; $_SESSION['s_aap_ds_type'] = $row['ds_type']; //$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자 // $_SESSION['s_ds_area_sub']=$row[ds_area_sub]; // $_SESSION['s_ds_usertype'] = $row['ds_usertype']; //$ds_usertype ds_type 상세 사용 가능 -> A0:개인,B0:업체,B1:업체1,B2:업체2,C0:비회원 // $_SESSION['s_ds_company_bp1'] = $row['ds_company_bp1']; //관계사1 // $_SESSION['s_ds_branch1'] = $row['ds_branch1']; //지점1 // $_SESSION['s_ds_company_bp2'] = $row['ds_company_bp2']; //관계사2 // $_SESSION['s_ds_branch2'] = $row['ds_branch2']; //지점2 // $_SESSION['s_ds_company_bp3'] = $row['ds_company_bp3']; //관계사3 // $_SESSION['s_ds_branch3'] = $row['ds_branch3']; //지점3 $_SESSION['s_ds_kind'] = substr($row['ds_type'],0,1); //$s_ds_kind -> A:개인, D:딜러,딜러-관리자 예)(($row[ds_type] == "A0")?"D0":"D1"); $_SESSION['s_ds_status_p'] = $row['ds_status_p']; //총괄관리자(딜러) 승인여부 : Z0-승인, 이외-미승인 //자동 로그인 if ($auto_login == "Y"){ // setAutoLogin($row['cd_dealer'], $dbCon); } $DATAS = array(); $DATAS['enc_str'] = "al_usr=".$row['cd_dealerid']."&al_val=".$row['enc_val']; $RES['CODE'] = "0000"; $RES['MSG'] = "정상."; $RES['DATAS'] = $DATAS; }catch(Exception $e){ $RES['CODE'] = $e->getCode(); $RES['MSG'] = $e->getMessage(); } echo json_encode($RES); exit; break; case "loginAuto": $table_name = "aap_master a"; 
$cd_dealerid = trim(avoid_crack($_POST["al_usr"])); $enc_val = trim(avoid_crack($_POST["al_val"])); $_whereis = " cd_dealerid = '". $cd_dealerid . "' and enc_val = '". $enc_val ."' AND ds_delind='N' "; $row = $dbCon->selectDAO("*, ifnull((select ds_status from aap_master where cd_dealer = a.cd_dealer_p), '') ds_status_p ", $table_name, $_whereis); if (!$row['cd_dealerid']) { echo("N"); exit; } else { // $sql = "UPDATE member_master set dt_lastlogin = now() where cd_user = '".$row[cd_user]."'"; $sql = "UPDATE aap_master set dt_lastlogin = now() where cd_dealer = '". $row['cd_dealer'] . "'"; $result = $dbCon->query($sql); $_SESSION['s_cd_dealer_type'] = 'aap'; $_SESSION['s_cd_dealerid'] = $row['cd_dealerid']; $_SESSION['s_nm_email'] = $row['nm_email']; $_SESSION['s_nm_name'] = $row['nm_name']; $_SESSION['s_nm_hp'] = $row['nm_hp'];//.$row['nm_hp_02'].$row['nm_hp_03']; // $_SESSION['s_nm_hp'] = $row['nm_hp_01'].$row['nm_hp_02'].$row['nm_hp_03']; $_SESSION['s_nm_hp_form'] = $row['nm_hp_01']."-".$row['nm_hp_02']."-".$row['nm_hp_03']; // $_SESSION['s_ds_type'] = $row['ds_type']; //$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자 // $_SESSION['s_ds_level'] = $row['ds_level']; $_SESSION['s_cd_dealer'] = $row['cd_dealer']; $_SESSION['s_cd_dealer_p'] = $row['cd_dealer_p']; $_SESSION['s_nm_area'] = $row['nm_area']; $_SESSION['s_aap_ds_type'] = $row['ds_type']; //$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자 // $_SESSION['s_ds_area_sub']=$row[ds_area_sub]; // $_SESSION['s_ds_usertype'] = $row['ds_usertype']; //$ds_usertype ds_type 상세 사용 가능 -> A0:개인,B0:업체,B1:업체1,B2:업체2,C0:비회원 // $_SESSION['s_ds_company_bp1'] = $row['ds_company_bp1']; //관계사1 // $_SESSION['s_ds_branch1'] = $row['ds_branch1']; //지점1 // $_SESSION['s_ds_company_bp2'] = $row['ds_company_bp2']; //관계사2 // $_SESSION['s_ds_branch2'] = $row['ds_branch2']; //지점2 // $_SESSION['s_ds_company_bp3'] = $row['ds_company_bp3']; //관계사3 // $_SESSION['s_ds_branch3'] = $row['ds_branch3']; //지점3 $_SESSION['s_ds_kind']= 
substr($row['ds_type'],0,1); //$s_ds_kind -> A:개인, D:딜러,딜러-관리자 예)(($row[ds_type] == "A0")?"D0":"D1"); $_SESSION['s_ds_status_p'] = $row['ds_status_p']; //총괄관리자(딜러) 승인여부 : Z0-승인, 이외-미승인 echo("Y"); exit; } break; case "chg_password": $table_name = "aap_master a"; $_whereis = " cd_dealerid = '". $cd_dealerid . "' and nm_pass = password('". $nm_pass ."') "; $row = $dbCon->selectDAO("*, ifnull((select ds_status from aap_master where cd_dealer = a.cd_dealer_p), '') ds_status_p ", $table_name, $_whereis); if (!$row['cd_dealer']) { echo("N"); exit; } else { // if(empty($row['dt_lastlogin'])) { $sql = "UPDATE aap_master set dt_lastlogin = now(), nm_pass= password('".$cd_pwd."'), enc_val = password(cd_dealerid+nm_pass+UNIX_TIMESTAMP()) where cd_dealer = '".$row[cd_dealer]."'"; $result = $dbCon->query($sql); // echo "Y"; // exit; // }else { echo "Y"; exit; // } } break; case "login_aap": break; case "logout": $_SESSION['s_cd_dealer_type']=null; $_SESSION['s_cd_dealerid']=null; $_SESSION['s_nm_email']=null; $_SESSION['s_nm_name']=null; $_SESSION['s_nm_hp']=null; $_SESSION['s_nm_hp_form']=null; $_SESSION['s_ds_type']=null; //$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자 $_SESSION['s_ds_level']=null; $_SESSION['s_cd_dealer']=null; $_SESSION['s_cd_dealer_p']=null; $_SESSION['s_nm_area']=null; // $_SESSION['s_ds_area_sub']=$row[ds_area_sub]; $_SESSION['s_ds_usertype']=null; //$ds_usertype ds_type 상세 사용 가능 -> A0:개인,B0:업체,B1:업체1,B2:업체2,C0:비회원 $_SESSION['s_ds_company_bp1']=null; //관계사1 $_SESSION['s_ds_branch1']=null; //지점1 $_SESSION['s_ds_company_bp2']=null; //관계사2 $_SESSION['s_ds_branch2']=null; //지점2 $_SESSION['s_ds_company_bp3']=null; //관계사3 $_SESSION['s_ds_branch3']=null; //지점3 $_SESSION['s_ds_kind']= null; //$s_ds_kind -> A:개인, D:딜러,딜러-관리자 예)(($row[ds_type] == "A0")?"D0":"D1"); $_SESSION['s_ds_status_p']=null; //총괄관리자(딜러) 승인여부 : Z0-승인, 이외-미승인 setcookie ('ESMotorsAAP', '', time() - 1, "/"); Redirect("/aap/login.php"); break; default : AlertBack("지정되지않은 요청입니다"); break; } //자동 로그인 
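// Open question left by the original author: is it safe to use the database
// here without passing $connect in, and is $connect returned correctly?

/**
 * Issue the "ESMotorsAAP" auto-login cookie for one dealer account.
 *
 * Reads the aap_master row for $cd_dealer and stores
 * "al_usr=<cd_dealerid>&al_val=<enc_val>" in a cookie that expires
 * LIMIT_TIME_AUTO_LOGIN seconds from now. No cookie is set when the lookup
 * fails or the row carries no login id / token.
 *
 * Security notes:
 *  - The "loginAuto" branch of this file opens a session for any request that
 *    presents a matching al_usr / al_val pair, so this cookie value is a
 *    password-equivalent credential and must be protected as one.
 *  - setcookie() is called with four arguments, so the Secure and HttpOnly
 *    flags stay off. NOTE(review): enable both once it is confirmed that no
 *    client-side script needs to read this cookie and the site is HTTPS-only.
 *  - NOTE(review): enc_val is computed in SQL elsewhere in this file as
 *    password(cd_dealerid+nm_pass+UNIX_TIMESTAMP()); "+" is arithmetic in
 *    MySQL, so the value is not a random secret. Prefer a CSPRNG-generated
 *    token, stored hashed and rotated on logout and on password change.
 *
 * @param string $cd_dealer Dealer key matched against aap_master.cd_dealer
 *                          (presumably a string code; verify against callers).
 * @param mixed  $argDbCon  Project DB wrapper; kept for call compatibility,
 *                          not used because the lookup goes through mysql_*.
 * @return void
 */
function setAutoLogin($cd_dealer, $argDbCon)
{
    // Escape the key before it is embedded in the statement: the original
    // concatenated it raw, which allowed SQL injection through $cd_dealer.
    $sql = "select * from aap_master where cd_dealer = '"
        . mysql_real_escape_string($cd_dealer) . "' ";

    $result = mysql_query($sql);
    if ($result === false) {
        // Query failed: do not emit a cookie built from an empty row.
        return;
    }

    $row = mysql_fetch_array($result);
    if (!$row || empty($row['cd_dealerid']) || empty($row['enc_val'])) {
        // Unknown dealer or no token stored: nothing valid to remember.
        return;
    }

    // Keys are quoted: the original used bare words (cd_dealerid, enc_val),
    // which PHP resolves as undefined constants.
    setcookie(
        'ESMotorsAAP',
        'al_usr=' . $row['cd_dealerid'] . '&al_val=' . $row['enc_val'],
        time() + LIMIT_TIME_AUTO_LOGIN,
        "/"
    );
}

// Release the legacy mysql_* connection opened earlier in the request.
mysql_close($connect);
?>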