'9999', 'MSG'=>''); try { if(!$_POST) { throw new Exception("정상적인 접근이 아닙니다.", "9999"); } if(empty($cd_userid)) { throw new Exception("아이디가 없습니다.", "9998"); } if(empty($nm_pass)) { throw new Exception("비밀번호가 없습니다.", "9997"); } //소문자만 사용 $cd_userid = strtolower($cd_userid); // $_whereis = " nm_email = '". $nm_email . "' and nm_pass = password('". $nm_pass ."') and ds_level = '". $ds_level ."' "; $_whereis = " cd_userid = '". $cd_userid . "' and nm_pass = password('". $nm_pass ."') and ds_delind = 'N' "; if($_SERVER['REMOTE_ADDR'] == '220.86.24.199') { // $_whereis = " cd_userid = '". $cd_userid . "' and ds_delind = 'N' "; // echo $_whereis; // exit; } $row = $dbCon->selectDAO("*, CONVERT(password(cd_user+nm_pass+UNIX_TIMESTAMP()), CHAR) as enc_val", $table_name, $_whereis); if (!$row['cd_userid']) { throw new Exception("로그인 정보가 정확하지 않습니다..", "9890"); // echo("N"); // exit; } if ($row['ds_status'] == 'W0') { throw new Exception("탈퇴한 SA 직원입니다.", "4444"); } if ($row['ds_status'] == 'D0') { throw new Exception("휴면계정 SA 직원입니다.", "4445"); } if ($row['ds_status'] != 'Z0') { throw new Exception("승인되지 않은 SA 직원입니다.", "4446"); } // }else if ($row['ds_status'] != 'Z0') { // echo("F"); // exit; // } else { $sql = "UPDATE $table_name set dt_lastlogin = now(), enc_val = '{$row['enc_val']}' where cd_user = '".$row['cd_user']."'"; $result = $dbCon->query($sql); $_SESSION['s_staff_userid'] = $row['cd_userid']; $_SESSION['s_staff_user'] = $row['cd_user']; $_SESSION['s_nm_email'] = $row['nm_email']; $_SESSION['s_nm_name'] = $row['nm_name']; $_SESSION['s_nm_hp'] = $row['nm_hp']; $_SESSION['s_ds_type'] = $row['ds_type']; //$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자 $_SESSION['s_ds_level'] = $row['ds_level']; $_SESSION['s_cd_user'] = $row['cd_user']; $_SESSION['s_ds_area'] = $row['ds_area']; $_SESSION['s_ds_area_sub'] = $row['ds_area_sub']; $_SESSION['s_ds_usertype'] = $row['ds_type']; //$ds_usertypeds_type 상세 사용 가능) -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자 예)(($row[ds_type] == 
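// "A0")?"D0":"D1");   (tail of the ds_usertype example comment that wraps from the previous line)
            // --- login case, continued; the start of this case lies above this span ---
            $_SESSION['s_ds_company_bp']= $row['ds_company_bp']; // affiliated company
            $_SESSION['s_ds_branch'] = $row['ds_branch']; // branch

            // Auto login
            if ($auto_login == "Y"){
                // setAutoLogin($row['cd_user'], $dbCon);
            }
            //
            // echo("Y");
            // exit;
            // }

            // The auto-login credential (user id + enc_val) is returned to the
            // client in the JSON reply; the "loginAuto" case below accepts the
            // same pair back as al_usr / al_val.
            $DATAS = array();
            $DATAS['enc_str'] = "al_usr=".$row['cd_userid']."&al_val=".$row['enc_val'];

            $RES['CODE'] = "0000";
            $RES['MSG'] = "정상.";
            $RES['DATAS'] = $DATAS;
        }catch(Exception $e){
            // Any validation failure above is reported through CODE / MSG.
            $RES['CODE'] = $e->getCode();
            $RES['MSG'] = $e->getMessage();
        }

        echo json_encode($RES);
        exit;
        break;

    /*
     * loginAuto: re-establish a staff session from a stored auto-login pair.
     *
     * Input : POST al_usr (user id) and al_val (the enc_val token issued at login).
     * Output: the literal "Y" on success, "N" on any failure; the script exits
     *         in both cases.
     *
     * Changes compared with the earlier version of this case:
     *   - an empty or non-string al_usr / al_val is rejected up front, so a
     *     request with a blank token can never match a row whose enc_val is
     *     still empty;
     *   - ds_status must be 'Z0', the same rule the password login enforces,
     *     so withdrawn (W0), dormant (D0) or unapproved accounts cannot come
     *     back in through a previously issued token;
     *   - the session id is regenerated before the session is populated.
     *
     * NOTE(review): the WHERE clause is still built by string concatenation.
     * Its safety rests entirely on avoid_crack(), which is defined outside
     * this span. Confirm it escapes for a quoted SQL string context, or move
     * this lookup to a prepared statement.
     * NOTE(review): the login case derives enc_val with
     * password(cd_user+nm_pass+UNIX_TIMESTAMP()); in MySQL "+" is numeric
     * addition, not concatenation, so the token input is mostly a number plus
     * the login time. Prefer a token from a CSPRNG, stored hashed and with an
     * expiry.
     */
    case "loginAuto":
        $cd_userid = (isset($_POST["al_usr"]) && is_string($_POST["al_usr"]))
            ? trim(avoid_crack($_POST["al_usr"]))
            : '';
        $enc_val = (isset($_POST["al_val"]) && is_string($_POST["al_val"]))
            ? trim(avoid_crack($_POST["al_val"]))
            : '';

        // A blank id or token must never reach the query.
        if ($cd_userid === '' || $enc_val === '') {
            echo("N");
            exit;
        }

        $_whereis = " cd_userid = '". $cd_userid . "' and enc_val = '". $enc_val ."' and ds_delind = 'N' ";

        $row = $dbCon->selectDAO("*", $table_name, $_whereis);

        // No matching row, or an account the password login would refuse.
        if (empty($row['cd_userid']) || $row['ds_status'] !== 'Z0') {
            echo("N");
            exit;
        } else {
            $sql = "UPDATE $table_name set dt_lastlogin = now() where cd_user = '".$row['cd_user']."'";
            $result = $dbCon->query($sql);

            // Swap the session id at the privilege change so an id planted
            // before authentication does not become an authenticated one.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            $_SESSION['s_staff_userid'] = $row['cd_userid'];
            $_SESSION['s_staff_user'] = $row['cd_user'];
            $_SESSION['s_nm_email'] = $row['nm_email'];
            $_SESSION['s_nm_name'] = $row['nm_name'];
            $_SESSION['s_nm_hp'] = $row['nm_hp'];
            $_SESSION['s_ds_type'] = $row['ds_type']; // ds_type -> A0: individual, B0: company, C0: non-member, D0: dealer, D1: dealer-admin
            $_SESSION['s_ds_level'] = $row['ds_level'];
            $_SESSION['s_cd_user'] = $row['cd_user'];
            $_SESSION['s_ds_area'] = $row['ds_area'];
            $_SESSION['s_ds_area_sub'] = $row['ds_area_sub'];
            $_SESSION['s_ds_usertype'] = $row['ds_type']; // ds_usertype (a finer-grained ds_type may be used) -> A0: individual, B0: company, C0: non-member, D0: dealer, D1: dealer-admin, e.g. (($row[ds_type] == "A0")?"D0":"D1");
            $_SESSION['s_ds_company_bp']=$row['ds_company_bp']; // affiliated company
            $_SESSION['s_ds_branch']=$row['ds_branch']; // branch

            echo("Y");
            exit;
        }
        break;

    // logout: blank every staff session key (this case continues on the next line).
    case "logout":
        $_SESSION['s_staff_userid'] = null;
        $_SESSION['s_staff_user'] = null;
        $_SESSION['s_nm_email'] = null;
        $_SESSION['s_nm_name'] = null;
        $_SESSION['s_nm_hp'] = null;
        $_SESSION['s_ds_type'] = null;
        $_SESSION['s_ds_level'] = null;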
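// --- logout case, continued from the previous line ---
        $_SESSION['s_cd_user'] = null;
        $_SESSION['s_ds_area'] = null;
        $_SESSION['s_ds_area_sub'] = null;
        $_SESSION['s_ds_usertype'] = null;
        $_SESSION['s_ds_company_bp'] = null; // affiliated company
        $_SESSION['s_ds_branch'] = null; // branch

        // Expire the auto-login cookie, then send the user to the login page.
        // NOTE(review): this branch only blanks session keys and the cookie.
        // Nothing here invalidates the stored enc_val or the session id, so a
        // copied auto-login pair would still match in "loginAuto" after logout.
        // Confirm whether that is intended.
        setcookie ('ESMotorsStaff', '', time() - 1, "/");
        Redirect("/sa/login.php");
        break;

    default :
        AlertBack("지정되지않은 요청입니다");
        break;
}

// Auto login
// (Original author's open question: is it OK to use this without passing in
// db_connect's $connect? Will $connect be returned properly?)

/**
 * Store the auto-login pair for one staff account in the 'ESMotorsStaff' cookie.
 *
 * Looks the account up by cd_user in $table_name and writes
 * "al_usr=<cd_userid>&al_val=<enc_val>" as the cookie value, valid for
 * LIMIT_TIME_AUTO_LOGIN seconds on path "/". No cookie is written when the
 * lookup fails or the row has no user id / token, so a blank token is never
 * handed out.
 *
 * NOTE(review): the cookie is a long-lived bearer credential and is set
 * without the Secure / HttpOnly flags. Whether HttpOnly can be enabled depends
 * on whether client-side script has to read the value back (the "loginAuto"
 * case receives it by POST) - confirm before tightening.
 *
 * @param mixed $cd_user   Primary identifier of the staff row.
 * @param mixed $argDbCon  Unused; kept so existing call sites keep working.
 * @return void
 */
function setAutoLogin($cd_user, $argDbCon)
{
    global $table_name;

    // Escape the identifier before it is placed inside the quoted SQL literal.
    $safeUser = mysql_real_escape_string($cd_user);
    $sql1 = " select * from $table_name where cd_user = '" . $safeUser . "' ";

    $result = mysql_query($sql1);
    if (!$result) {
        // Query failed: leave any existing cookie untouched.
        return;
    }

    $row = mysql_fetch_array($result);
    if (!$row || empty($row['cd_userid']) || empty($row['enc_val'])) {
        return;
    }

    // Array keys are quoted; the bare-word form relied on undefined constants.
    setcookie(
        'ESMotorsStaff',
        'al_usr=' . $row['cd_userid'] . '&al_val=' . $row['enc_val'],
        time() + LIMIT_TIME_AUTO_LOGIN,
        "/"
    );
}

mysql_close($connect);
?>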