<?php

	include $_SERVER["DOCUMENT_ROOT"].'/common/lib/comm.php';
	include $_SERVER['DOCUMENT_ROOT'].'/common/lib/aligo.php';

	$table_name = "aap_master";

	$PageNo = trim(avoid_crack($_REQUEST["PageNo"]));

	$mode = trim(avoid_crack($_POST["mode"]));
	$cd_dealer  = trim(avoid_crack($_POST["cd_dealer"]));
	$cd_dealerid  = trim(avoid_crack($_POST["cd_dealerid"]));
	$cd_dealer_p  = trim(avoid_crack($_POST["cd_dealer_p"]));
	$nm_pass  = trim(avoid_crack($_POST["nm_pass"]));
	$ds_type  = trim(avoid_crack($_POST["ds_type"]));
	$ds_level  = trim(avoid_crack($_POST["ds_level"]));
	$nm_company  = trim(avoid_crack($_POST["nm_company"]));
	$nm_name  = trim(avoid_crack($_POST["nm_name"]));
	$nm_birth  = trim(avoid_crack($_POST["nm_birth"]));
	$nm_tel_01  = trim(avoid_crack($_POST["nm_tel_01"]));
	$nm_tel_02  = trim(avoid_crack($_POST["nm_tel_02"]));
	$nm_tel_03  = trim(avoid_crack($_POST["nm_tel_03"]));
	$nm_hp_01  = trim(avoid_crack($_POST["nm_hp_01"]));
	$nm_hp_02  = trim(avoid_crack($_POST["nm_hp_02"]));
	$nm_hp_03  = trim(avoid_crack($_POST["nm_hp_03"]));
	$nm_fax_01  = trim(avoid_crack($_POST["nm_fax_01"]));
	$nm_fax_02  = trim(avoid_crack($_POST["nm_fax_02"]));
	$nm_fax_03  = trim(avoid_crack($_POST["nm_fax_03"]));
	$nm_email  = trim(avoid_crack($_POST["nm_email"]));
	$nm_zip  = trim(avoid_crack($_POST["nm_zip"]));
	$nm_addr  = trim(avoid_crack($_POST["nm_addr"]));
	$nm_addr_sub  = trim(avoid_crack($_POST["nm_addr_sub"]));
	$nm_etc_01  = trim(avoid_crack($_POST["nm_etc_01"]));
	$nm_etc_02  = trim(avoid_crack($_POST["nm_etc_02"]));
	$nm_etc_03  = trim(avoid_crack($_POST["nm_etc_03"]));
	$ds_status  = trim(avoid_crack($_POST["ds_status"]));
	$nm_company_biz  = trim(avoid_crack($_POST["nm_company_biz"]));
	$nm_name_biz  = trim(avoid_crack($_POST["nm_name_biz"]));
	$nm_no_biz  = trim(avoid_crack($_POST["nm_no_biz"]));
	$nm_date_biz  = trim(avoid_crack($_POST["nm_date_biz"]));
	$nm_type_biz  = trim(avoid_crack($_POST["nm_type_biz"]));
	$nm_condition_biz  = trim(avoid_crack($_POST["nm_condition_biz"]));
	$nm_tel_biz_01  = trim(avoid_crack($_POST["nm_tel_biz_01"]));
	$nm_tel_biz_02  = trim(avoid_crack($_POST["nm_tel_biz_02"]));
	$nm_tel_biz_03  = trim(avoid_crack($_POST["nm_tel_biz_03"]));
	$nm_hp_biz_01  = trim(avoid_crack($_POST["nm_hp_biz_01"]));
	$nm_hp_biz_02  = trim(avoid_crack($_POST["nm_hp_biz_02"]));
	$nm_hp_biz_03  = trim(avoid_crack($_POST["nm_hp_biz_03"]));
	$nm_fax_biz_01  = trim(avoid_crack($_POST["nm_fax_biz_01"]));
	$nm_fax_biz_02  = trim(avoid_crack($_POST["nm_fax_biz_02"]));
	$nm_fax_biz_03  = trim(avoid_crack($_POST["nm_fax_biz_03"]));
	$nm_email_biz  = trim(avoid_crack($_POST["nm_email_biz"]));
	$nm_zip_biz  = trim(avoid_crack($_POST["nm_zip_biz"]));
	$nm_addr_biz  = trim(avoid_crack($_POST["nm_addr_biz"]));
	$nm_addr_sub_biz  = trim(avoid_crack($_POST["nm_addr_sub_biz"]));
	$ds_company_bp1 = trim(avoid_crack($_POST["ds_company_bp1"]));
	$ds_branch1 = trim(avoid_crack($_POST["ds_branch1"]));
	$ds_company_bp2 = trim(avoid_crack($_POST["ds_company_bp2"]));
	$ds_branch2 = trim(avoid_crack($_POST["ds_branch2"]));
	$ds_company_bp3 = trim(avoid_crack($_POST["ds_company_bp3"]));
	$ds_branch3 = trim(avoid_crack($_POST["ds_branch3"]));
	$ds_company_bp = trim(avoid_crack($_POST["ds_company_bp"]));
	$ds_branch = trim(avoid_crack($_POST["ds_branch"]));
	$nm_area  = trim(avoid_crack($_POST["nm_area"]));
//	$nm_area  = trim(avoid_crack(implode(",",$_POST["nm_area"])));
	$nm_title  = trim(avoid_crack($_POST["nm_title"]));
	$nm_file  = trim(avoid_crack($_POST["nm_file"]));
	$nm_etc  = trim(avoid_crack($_POST["nm_etc"]));
	$nm_deposit  = trim(avoid_crack($_POST["nm_deposit"]));
	$dt_insert  = trim(avoid_crack($_POST["dt_insert"]));
	$nm_insert  = trim(avoid_crack($_POST["nm_insert"]));
	$dt_update  = trim(avoid_crack($_POST["dt_update"]));
	$nm_update  = trim(avoid_crack($_POST["nm_update"]));
	$ds_delind  = trim(avoid_crack($_POST["ds_delind"]));

//	$cd_procid = $_SESSION[admin_cd_dealerid];


//	$PageNo = trim(avoid_crack($_POST["PageNo"]));

	switch($mode) {
	//저장하기
	case "Add" :

		$RES = array('CODE'=>'9999', 'MSG'=>'');
		try {

			if(!$_POST) {
				throw new Exception("정상적인 접근이 아닙니다.", "9999");
			}
			if(empty($cd_dealerid)) {
				throw new Exception("아이디가 없습니다.", "9998");
			}
			if(empty($nm_pass) || empty($nm_pass2)) {
				throw new Exception("비밀번호가 없습니다.", "9997");
			}
			if($nm_pass != $nm_pass2) {
				throw new Exception("입력하신 비밀번호가 일치하지 않습니다.", "9996");
			}
			if(empty($nm_name)) {
				throw new Exception("이름이 없습니다.", "9995");
			}
			if(empty($nm_hp) || $nm_hp == "--") {
				throw new Exception("휴대번호가 없습니다.", "9993");
			}

			if(strlen($cd_dealerid)<3 || strlen($cd_dealerid)>20) {
				throw new Exception("아이디(3~20)의 자리수가 맞지 않습니다.", "9990");
			}
			if($cd_dealerid=="userid" || $cd_dealerid=="member" || $cd_dealerid=="admin"){
				throw new Exception("중복된 아이디입니다. 관리자에게 문의하십시요.", "9990");
			}
			if(!preg_match("/^[a-zA-Z](?=.*[a-zA-Z])(?=.*[0-9]).{3,19}$/i", $cd_dealerid)) {
			// if(!preg_match("/^[a-zA-Z]+[a-zA-Z0-9]{3,19}$/i", $cd_dealerid)) {
				throw new Exception("아이디는 영문자로 시작하는 4~20자 영문자/숫자 조합이어야 합니다.", "9991");
			}

			$check_id=@mysql_result(mysql_query("select count(*) from $table_name where cd_dealerid='$cd_dealerid'"),0,0);
			if($check_id>0) {
				throw new Exception("이미 사용중인 아이디입니다.다시 한번 확인하세요.", "9990");
			}

			$nm_hp = preg_replace("/[^0-9]*/s", "", $nm_hp);
			$nm_hp = add_hyphen($nm_hp);

			//소문자만 사용
			$cd_dealerid = strtolower($cd_dealerid);

			$sql = "INSERT INTO $table_name SET
						cd_dealerid 	= '$cd_dealerid'
						, cd_dealer_p	= 0
						, nm_name 		= '$nm_name'
						, ds_type 		= 'D0'
						, ds_level 		= '1'
						, nm_hp			= '$nm_hp'
						, nm_hp_01 		= '$nm_hp1'
						, nm_hp_02 		= '$nm_hp2'
						, nm_hp_03 		= '$nm_hp3'
						, ds_status 	= 'A0'
						, ds_company_bp = '$ds_company_bp'
						, ds_branch 	= '$ds_branch'
						, nm_pass 		= password('".$nm_pass."')
						, ds_usertype	= ''
						, nm_company 	= ''
						, nm_birth 		= ''
						, nm_tel_01 	= ''
						, nm_tel_02 	= ''
						, nm_tel_03 	= ''
						, nm_fax_01 	= ''
						, nm_fax_02 	= ''
						, nm_fax_03 	= ''
						, nm_email 		= ''
						, nm_zip 		= ''
						, nm_addr 		= ''
						, nm_addr_sub 	= ''
						, nm_etc_01 	= ''
						, nm_etc_02 	= ''
						, nm_etc_03 	= ''
						, nm_company_biz = ''
						, nm_name_biz 	= ''
						, nm_no_biz 	= ''
						, nm_date_biz 	= ''
						, nm_type_biz 	= ''
						, nm_condition_biz = ''
						, nm_tel_biz_01 = ''
						, nm_tel_biz_02 = ''
						, nm_tel_biz_03 = ''
						, nm_hp_biz_01 	= ''
						, nm_hp_biz_02 	= ''
						, nm_hp_biz_03 	= ''
						, nm_fax_biz_01 = ''
						, nm_fax_biz_02 = ''
						, nm_fax_biz_03 = ''
						, nm_email_biz 	= ''
						, nm_zip_biz 	= ''
						, nm_addr_biz 	= ''
						, nm_addr_sub_biz = ''
						, ds_company_bp1 = ''
						, ds_company_bp2 = ''
						, ds_company_bp3 = ''
						, ds_branch1 	= ''
						, ds_branch2 	= ''
						, ds_branch3 	= ''
						, dt_insert = now()
						, nm_insert = '$cd_dealerid'
						, dt_update = now()
						, nm_update = '$cd_dealerid'
						, ds_delind = 'N'
			";
			// echo $sql;
			// exit;
			$result  = mysql_query($sql,$connect);
			$cd_dealer  = mysql_insert_id();

			if(!$result) {
				throw new Exception("회원 등록처리에 실패 하였습니다.잠시후 다시 시도해 주세요.", "9990");
			}


			$sql = "UPDATE $table_name SET
						cd_dealer_p = '$cd_dealer'
					WHERE cd_dealer = '$cd_dealer'
			";
			mysql_query($sql,$connect);

			$RES['CODE'] = "0000";
 			$RES['MSG'] = "AAP 등록이 완료되었습니다.";

		}catch(Exception $e){
			$RES['CODE'] = $e->getCode();
			$RES['MSG'] = $e->getMessage();
		}
		@mysql_close($connect);

		echo json_encode($RES);
		exit;

	break;

	case "IdChk":

		$RES = array('CODE'=>'9999', 'MSG'=>'');
		try {
			//소문자만 사용
			$cd_dealerid = strtolower($cd_dealerid);

			if(strlen($cd_dealerid)<4 || strlen($cd_dealerid)>20) {
				throw new Exception("아이디(4~20)의 자리수가 맞지 않습니다.", "9990");
			}
			if($cd_dealerid=="userid" || $cd_dealerid=="member" || $cd_dealerid=="admin"){
				throw new Exception("중복된 아이디입니다. 관리자에게 문의하십시요.", "9990");
			}

			if(!preg_match("/^[a-zA-Z](?=.*[a-zA-Z])(?=.*[0-9]).{3,19}$/i", $cd_dealerid)) {
			// if(!preg_match("/^[a-zA-Z]+[a-zA-Z0-9]{3,19}$/i", $cd_dealerid)) {
				throw new Exception("아이디는 영문자로 시작하는 4~20자 영문자/숫자 조합이어야 합니다.", "9991");
			}

			$check_id=mysql_result(mysql_query("select count(*) from $table_name where cd_dealerid='$cd_dealerid'"),0,0);
			if($check_id > 0) {
				throw new Exception("이미 사용중인 아이디입니다.다시 한번 확인하세요.", "9990");
			}

			$RES['CODE'] = "0000";
			$RES['MSG'] = "정상.";

		}catch(Exception $e){
			$RES['CODE'] = $e->getCode();
			$RES['MSG'] = $e->getMessage();
		}
		@mysql_close($connect);

		echo json_encode($RES);
		exit;


	break;

	case "IdSearch":

		$RES = array('CODE'=>'9999', 'MSG'=>'');
		try {
			$nm_name  	= trim(avoid_crack($_POST["nm_name"]));
			$nm_hp  	= trim(avoid_crack($_POST["nm_hp"]));

			if(empty($nm_name)) {
				throw new Exception("이름을 입력하세요", "9990");
			}
			if(empty($nm_hp)) {
				throw new Exception("휴대폰 번호를 입력하세요", "9990");
			}

			$nm_hp = preg_replace("/[^0-9]*/s", "", $nm_hp);
			$nm_hp = add_hyphen($nm_hp);

			$sql = "select * from $table_name where ds_delind='N' And nm_name = '". $nm_name . "' AND nm_hp = '". $nm_hp . "' ";
			// echo $sql;
			// exit;
			$res = mysql_query($sql);
			$col = mysql_fetch_array($res);

			if(empty($col['cd_dealer'])) {
				throw new Exception("입력하신 정보가 정확하지 않습니다.", "9990");
			}

			# SMS 발송
			# 1. 요청자에게
			$aligo = new Aligo();
			$aligo->getToken();

			$ALIGO_DATA = array();
			$ALIGO_DATA['id'] 			= $col['cd_dealerid'];
			$ALIGO_DATA['name'] 		= $col['nm_name'];
			$ALIGO_DATA['recv_phone'] 	= $col['nm_hp'];
			// print_r($ALIGO_DATA);
			// exit;
			$response = $aligo->send_common_find_id($ALIGO_DATA);
			unset($ALIGO_DATA);

			if($response['code'] != "0") {
				throw new Exception($response['message'], "4449");
			}

			$RES['CODE'] = "0000";
			$RES['MSG'] = "정상.";

		}catch(Exception $e){
			$RES['CODE'] = $e->getCode();
			$RES['MSG'] = $e->getMessage();
		}
		@mysql_close($connect);

		echo json_encode($RES);
		exit;

	break;

	case "PwdSearch":

		$RES = array('CODE'=>'9999', 'MSG'=>'');
		try {
			$cd_dealerid  	= trim(avoid_crack($_POST["cd_dealerid"]));
			$nm_hp  		= trim(avoid_crack($_POST["nm_hp"]));

			//소문자만 사용
			$cd_dealerid = strtolower($cd_dealerid);

			if(empty($cd_dealerid)) {
				throw new Exception("아이디를 입력하세요", "9990");
			}
			if(empty($nm_hp)) {
				throw new Exception("휴대폰 번호를 입력하세요", "9990");
			}

			$nm_hp = preg_replace("/[^0-9]*/s", "", $nm_hp);
			$nm_hp = add_hyphen($nm_hp);

			$sql = "select * from $table_name where ds_delind='N' And cd_dealerid = '". $cd_dealerid . "' AND nm_hp = '". $nm_hp . "' ";
			// echo $sql;
			// exit;
			$res = mysql_query($sql);
			$col = mysql_fetch_array($res);

			if(empty($col['cd_dealer'])) {
				throw new Exception("입력하신 정보가 정확하지 않습니다.", "9990");
			}

			$new_passwd = generatePassword(8);
			$sql="UPDATE $table_name set nm_pass = password('".$new_passwd."')  where cd_dealer = '{$col['cd_dealer']}'";
			// echo $sql;
			// exit;
			$result  = mysql_query($sql,$connect);

			if(!$result) {
				throw new Exception("임시 비밀번호 변경에 실패 하였습니다.잠시후 다시 시도해 주세요.", "9990");
			}

			# SMS 발송
			# 1. 요청자에게
			$aligo = new Aligo();
			$aligo->getToken();

			$ALIGO_DATA = array();
			$ALIGO_DATA['pwd'] 			= $new_passwd;
			$ALIGO_DATA['name'] 		= $col['nm_name'];
			$ALIGO_DATA['recv_phone'] 	= $col['nm_hp'];
			// print_r($ALIGO_DATA);
			// exit;
			$response = $aligo->send_common_find_pwd($ALIGO_DATA);
			unset($ALIGO_DATA);

			if($response['code'] != "0") {
				throw new Exception($response['message'], "4449");
			}

			$RES['CODE'] = "0000";
			$RES['MSG'] = "정상.";

		}catch(Exception $e){
			$RES['CODE'] = $e->getCode();
			$RES['MSG'] = $e->getMessage();
		}
		@mysql_close($connect);

		echo json_encode($RES);
		exit;

	break;

	default :
		AlertBack("지정되지않은 요청입니다");
	break;
}
mysql_close($connect);
?>