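'9999', 'MSG'=>'');
        // NOTE(review): this listing begins mid-statement. The opening of the file
        // (PHP open tag, request-variable setup, the switch header and the start of
        // this first case, presumably the member password login) is not visible,
        // so $cd_userid, $nm_pass, $auto_login, $table_name and $dbCon are assumed to
        // be prepared above. Confirm how the request values are sanitised.
        //
        // Member login: validates the posted credentials, looks the member up,
        // stores a fresh auto-login value (enc_val), fills the session and answers
        // with JSON {CODE, MSG, DATAS}.
        try {
            if(!$_POST) {
                throw new Exception("정상적인 접근이 아닙니다.", "9999"); // "not a valid access"
            }
            if(empty($cd_userid)) {
                throw new Exception("아이디가 없습니다.", "9998"); // "no user id"
            }
            if(empty($nm_pass)) {
                throw new Exception("비밀번호가 없습니다.", "9997"); // "no password"
            }

            // $_whereis = " nm_email = '". $nm_email . "' and nm_pass = password('". $nm_pass ."') and ds_level = '". $ds_level ."' ";

            // NOTE(review): the WHERE clause is built by string concatenation. Whether
            // this is injectable depends entirely on how $cd_userid / $nm_pass were
            // filtered before this point (not visible here). selectDAO() takes a raw
            // WHERE string, so the durable fix is a DAO method with bound parameters.
            // NOTE(review): MySQL's PASSWORD() is deprecated and was removed in MySQL 8.0;
            // it is not a password-hashing scheme for application credentials. Plan a
            // migration to password_hash() / password_verify() with rehash-on-login.
            $_whereis = " cd_userid = '". $cd_userid . "' and nm_pass = password('". $nm_pass ."') AND ds_delind = 'N' ";
            // echo $_whereis;

            // NOTE(review): enc_val later acts as a stand-alone login credential (see
            // "loginAuto"). In MySQL `+` is arithmetic, not concatenation, so this value
            // is not a random secret. It should come from a CSPRNG (e.g. random_bytes()),
            // be stored hashed and carry an expiry.
            $row = $dbCon->selectDAO("*, CONVERT(password(cd_user+nm_pass+UNIX_TIMESTAMP()), CHAR) as enc_val", $table_name, $_whereis);

            if (!$row['cd_user']) {
                throw new Exception("로그인 정보가 정확하지 않습니다.", "9890"); // "login information is incorrect"
            }
            if ($row['ds_status'] == 'W0') {
                throw new Exception("탈퇴한 아이디입니다.", "4444"); // "withdrawn account"
            }
            // NOTE(review): the dormant-account check uses 'D0' here but 'B0' in
            // "loginAuto"; one of the two is probably wrong. Confirm the status code.
            if ($row['ds_status'] == 'D0') {
                throw new Exception("휴면계정 아이디입니다.", "4444"); // "dormant account"
            }

            $sql = "UPDATE member_master set dt_lastlogin = now(), enc_val = '{$row['enc_val']}' where cd_user = '".$row['cd_user']."'";
            $result = $dbCon->query($sql);

            // Rotate the session identifier at the moment of authentication so that an
            // identifier known before login cannot be reused afterwards (session fixation).
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            // $_SESSION['s_cd_userid']=$row[cd_userid];
            $_SESSION['s_cd_user'] = $row['cd_user'];
            $_SESSION['s_cd_userid'] = $row['cd_userid'];
            $_SESSION['s_nm_email'] = $row['nm_email'];
            $_SESSION['s_nm_name'] = $row['nm_name'];
            $_SESSION['s_nm_hp'] = $row['nm_hp'];
            $_SESSION['s_ds_type'] = $row['ds_type']; // ds_type -> A0: individual, B0: company, C0: non-member, D0: dealer, D1: dealer-admin
            $_SESSION['s_ds_level'] = $row['ds_level'];
            $_SESSION['s_ds_area'] = $row['ds_area'];
            $_SESSION['s_ds_area_sub'] = $row['ds_area_sub'];
            $_SESSION['s_ds_usertype'] = $row['ds_type']; // ds_usertype (finer-grained ds_type may be used) -> A0: individual, B0: company, C0: non-member, D0: dealer, D1: dealer-admin; e.g. (($row[ds_type] == "A0")?"D0":"D1");
            $_SESSION['s_ds_company_bp']=$row['ds_company_bp']; // affiliated company
            $_SESSION['s_ds_branch']=$row['ds_branch']; // branch

            // Auto login
            if ($auto_login == "Y"){
                // setAutoLogin($row[cd_user], $dbCon);
            }

            // The auto-login pair is handed to the client in the JSON body; the client
            // is expected to post it back as al_usr / al_val (see "loginAuto").
            $DATAS = array();
            $DATAS['enc_str'] = "al_usr=".$row['cd_userid']."&al_val=".$row['enc_val'];

            $RES['CODE'] = "0000";
            $RES['MSG'] = "정상.";
            $RES['DATAS'] = $DATAS;
        }catch(Exception $e){
            $RES['CODE'] = $e->getCode();
            $RES['MSG'] = $e->getMessage();
        }
        echo json_encode($RES);
        exit;
        break;

    case "loginAuto":
        // Token login: authenticates with the (al_usr, al_val) pair issued by the
        // password login and fills the same session keys. Answers with JSON {CODE, MSG}.
        $RES = array('CODE'=>'9999', 'MSG'=>'');
        try {
            if(!$_POST) {
                throw new Exception("정상적인 접근이 아닙니다.", "9999");
            }
            // NOTE(review): avoid_crack() is defined elsewhere; whether it makes a value
            // safe inside a quoted SQL literal cannot be confirmed from this file.
            $cd_userid = trim(avoid_crack($_POST["al_usr"]));
            $enc_val = trim(avoid_crack($_POST["al_val"]));

            if(empty($cd_userid)) {
                throw new Exception("아이디가 없습니다.", "9998");
            }
            if(empty($enc_val)) {
                throw new Exception("시크릿키가 없습니다.", "9997"); // "no secret key"
            }

            // NOTE(review): string-built WHERE clause, same concern as the password login.
            // NOTE(review): unlike the password login this query does not require
            // ds_delind = 'N', and the stored value has no expiry visible here. Confirm
            // that deleted accounts and old tokens are meant to be accepted.
            $_whereis = " cd_userid = '". $cd_userid . "' and enc_val = '". $enc_val ."' ";
            $row = $dbCon->selectDAO("*", $table_name, $_whereis);

            if (!$row['cd_user']) {
                throw new Exception("로그인 정보가 정확하지 않습니다.", "9890");
            }
            if ($row['ds_status'] == 'W0') {
                throw new Exception("탈퇴한 아이디입니다.", "4444");
            }
            // NOTE(review): dormant check is 'B0' here but 'D0' in the password login.
            if ($row['ds_status'] == 'B0') {
                throw new Exception("휴면계정 아이디입니다.", "4444");
            }

            $sql = "UPDATE member_master set dt_lastlogin = now() where cd_user = '".$row['cd_user']."'";
            $result = $dbCon->query($sql);

            // Rotate the session identifier on successful authentication.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            // $_SESSION['s_cd_userid']=$row[cd_userid];
            $_SESSION['s_cd_user'] = $row['cd_user'];
            $_SESSION['s_cd_userid'] = $row['cd_userid'];
            $_SESSION['s_nm_email'] = $row['nm_email'];
            $_SESSION['s_nm_name'] = $row['nm_name'];
            $_SESSION['s_nm_hp'] = $row['nm_hp'];
            $_SESSION['s_ds_type'] = $row['ds_type']; // ds_type -> A0: individual, B0: company, C0: non-member, D0: dealer, D1: dealer-admin
            $_SESSION['s_ds_level'] = $row['ds_level'];
            $_SESSION['s_ds_area'] = $row['ds_area'];
            $_SESSION['s_ds_area_sub'] = $row['ds_area_sub'];
            $_SESSION['s_ds_usertype'] = $row['ds_type']; // ds_usertype (finer-grained ds_type may be used) -> A0: individual, B0: company, C0: non-member, D0: dealer, D1: dealer-admin; e.g. (($row[ds_type] == "A0")?"D0":"D1");
            $_SESSION['s_ds_company_bp']=$row['ds_company_bp']; // affiliated company
            $_SESSION['s_ds_branch'] =$row['ds_branch']; // branch

            $RES['CODE'] = "0000";
            $RES['MSG'] = "정상.";
        }catch(Exception $e){
            $RES['CODE'] = $e->getCode();
            $RES['MSG'] = $e->getMessage();
        }
        echo json_encode($RES);
        exit;
        break;

    case "login_dealer":
        // Dealer login. Answers with a plain-text marker instead of JSON:
        //   "N"            credentials not accepted
        //   "C" + payload  dealer must first accept contract / privacy / service terms
        //   "Y"            logged in, session populated
        // $cd_dealerid and $nm_pass are not assigned inside this case; they are
        // assumed to be prepared in the part of the file that is not visible.

        // Reject blank credentials before querying, as the member login does, so a
        // row with empty id / password columns can never match.
        if (!isset($cd_dealerid, $nm_pass) || (string)$cd_dealerid === '' || (string)$nm_pass === '') {
            echo("N");
            exit;
        }

        $table_name = "dealer_master a";
        // NOTE(review): string-built WHERE clause and MySQL PASSWORD(), same concerns as
        // the member login above.
        $_whereis = " cd_dealerid = '". $cd_dealerid . "' and nm_pass = password('". $nm_pass ."') ";
        $row = $dbCon->selectDAO("*, ifnull((select ds_status from dealer_master where cd_dealer = a.cd_dealer_p), '') ds_status_p", $table_name, $_whereis);

        if (!$row['cd_dealer']) {
            echo("N");
            exit;
        } else {
            // if($_SERVER['REMOTE_ADDR'] == '220.86.24.1199') {
            include $_SERVER['DOCUMENT_ROOT'].'/common/lib/encrypt.php';
            // NOTE(review): the passphrase for upro_encrypt() is hard-coded in source.
            // Anyone with read access to the repository can produce or read these
            // payloads; load it from configuration outside the web root instead.
            $enc_passwd = "upro_contract";
            // 2021-07-16: check the agreement flags; if any is not accepted, send the
            // dealer to the consent page.
            if($row['ds_info_contract'] != "Y" || $row['ds_info_privacy'] != "Y" || $row['ds_info_service'] != "Y") {
                $contract = array();
                $contract['cd_dealer'] = $row['cd_dealer'];
                $contract['cd_dealerid'] = $row['cd_dealerid'];

                $enc_data = upro_encrypt(json_encode($contract), $enc_passwd);
                echo("C").base64_encode($enc_data);
                exit;
            }
            // }

            // NOTE(review): the approval check below is commented out, so a dealer whose
            // ds_status is not "Z0" still receives a session. Confirm this is intended
            // and that downstream pages enforce approval themselves.
            // if ($row['ds_status'] == "Z0") { // approved
            $sql = "UPDATE dealer_master set dt_lastlogin = now() where cd_dealer = '". $row['cd_dealer'] . "'";
            $result = $dbCon->query($sql);

            // Rotate the session identifier on successful authentication.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            // Array keys are quoted: bare words such as $row[cd_dealerid] rely on the
            // undefined-constant fallback, which raises an Error on PHP 8.
            $_SESSION['s_cd_dealerid']=$row['cd_dealerid'];
            $_SESSION['s_nm_email']=$row['nm_email'];
            $_SESSION['s_nm_name']=$row['nm_name'];
            $_SESSION['s_nm_hp']=$row['nm_hp_01'].$row['nm_hp_02'].$row['nm_hp_03'];
            $_SESSION['s_nm_hp_form']=$row['nm_hp_01']."-".$row['nm_hp_02']."-".$row['nm_hp_03'];
            $_SESSION['s_ds_type']=$row['ds_type']; // ds_type -> A0: individual, B0: company, C0: non-member, D0: dealer, D1: dealer-admin
            $_SESSION['s_ds_level']=$row['ds_level'];
            $_SESSION['s_cd_dealer']=$row['cd_dealer'];
            $_SESSION['s_cd_dealer_p']=$row['cd_dealer_p'];
            $_SESSION['s_nm_area']=$row['nm_area'];
            // $_SESSION['s_ds_area_sub']=$row[ds_area_sub];
            $_SESSION['s_ds_usertype']=$row['ds_usertype']; // ds_usertype (finer-grained ds_type may be used) -> A0: individual, B0: company, B1: company 1, B2: company 2, C0: non-member
            $_SESSION['s_ds_company_bp1']=$row['ds_company_bp1']; // affiliated company 1
            $_SESSION['s_ds_branch1']=$row['ds_branch1']; // branch 1
            $_SESSION['s_ds_company_bp2']=$row['ds_company_bp2']; // affiliated company 2
            $_SESSION['s_ds_branch2']=$row['ds_branch2']; // branch 2
            $_SESSION['s_ds_company_bp3']=$row['ds_company_bp3']; // affiliated company 3
            $_SESSION['s_ds_branch3']=$row['ds_branch3']; // branch 3
            $_SESSION['s_ds_kind']= substr($row['ds_type'],0,1); // s_ds_kind -> A: individual, D: dealer / dealer-admin; e.g. (($row[ds_type] == "A0")?"D0":"D1");
            $_SESSION['s_ds_status_p']=$row['ds_status_p']; // approval status of the supervising (parent) dealer: Z0 = approved, anything else = not approved

            echo("Y");
            exit;
            // } else { // not approved
            //     echo("S");
            //     exit;
            // }
        }
        break;

    case "logout":
        // Clear every login-related key written by the handlers above. The dealer id,
        // company / branch, kind and parent-status keys are included so that no
        // identity data from a previous login survives in the session.
        $login_session_keys = array(
            's_cd_userid', 's_nm_email', 's_nm_name', 's_nm_hp', 's_nm_hp_form',
            's_ds_type', 's_ds_level', 's_cd_user', 's_cd_dealer', 's_cd_dealer_p',
            's_nm_area', 's_ds_area', 's_ds_area_sub', 's_ds_usertype',
            's_cd_dealerid', 's_ds_kind', 's_ds_status_p',
            's_ds_company_bp', 's_ds_branch',
            's_ds_company_bp1', 's_ds_branch1',
            's_ds_company_bp2', 's_ds_branch2',
            's_ds_company_bp3', 's_ds_branch3',
        );
        foreach ($login_session_keys as $session_key) {
            $_SESSION[$session_key] = null;
        }

        // NOTE(review): only the browser cookie is expired here. The enc_val stored in
        // member_master is left in place, so a previously issued al_usr / al_val pair
        // keeps working with "loginAuto" after logout. Consider clearing it server-side.
        setcookie (COOKIENAME, '', time() - 1, "/");

        Redirect("/m/main.php");
        break;

    default :
        AlertBack("지정되지않은 요청입니다"); // "unspecified request"
        break;
}

// Auto login
// Original author's open question: can db_connect's $connect be used without being
// passed in, and will $connect be returned properly?
/**
 * Writes the auto-login cookie for a member.
 *
 * Reads the member row for $cd_user and stores "al_usr=<nm_email>&al_val=<enc_val>"
 * in the COOKIENAME cookie for LIMIT_TIME_AUTO_LOGIN seconds. Nothing is written
 * when the query fails or the member is not found.
 *
 * NOTE(review): the only call in this file is commented out. The function uses the
 * legacy mysql_* API (removed in PHP 7) on the default connection and ignores
 * $argDbCon; port it to the DAO before re-enabling it.
 * NOTE(review): the cookie carries nm_email as al_usr, while "loginAuto" matches
 * al_usr against cd_userid. Confirm which identifier is intended.
 * NOTE(review): the cookie is set without the HttpOnly / Secure flags although it
 * holds a login credential. Set them unless client script must read it.
 *
 * @param mixed $cd_user  member key (member_master.cd_user)
 * @param mixed $argDbCon database wrapper; currently unused
 * @return void
 */
function setAutoLogin($cd_user,$argDbCon){
    // Escape the key even though callers pass a database-sourced value.
    $sql1 = " select * from member_master where cd_user = '". mysql_real_escape_string($cd_user) . "' ";
    $result = mysql_query($sql1);
    if ($result === false) {
        return;
    }
    $row = mysql_fetch_array($result);
    if (!$row) {
        return;
    }
    setcookie (COOKIENAME, 'al_usr='.$row['nm_email'].'&al_val='.$row['enc_val'], time() + LIMIT_TIME_AUTO_LOGIN, "/");
}

// NOTE(review): mysql_close() belongs to the removed ext/mysql API; most branches
// above call exit before reaching this line.
mysql_close($connect);
?>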