<?php

	include $_SERVER["DOCUMENT_ROOT"].'/common/lib/comm.php';

	$table_name = "member_master";

	$mode= trim(avoid_crack($_REQUEST["mode"]));
//	$cd_userid = trim(avoid_crack($_POST["cd_userid"]));
	$cd_dealerid = trim(avoid_crack($_POST["cd_dealerid"]));
	$nm_email = trim(avoid_crack($_POST["nm_email"]));
	$nm_pass = trim(avoid_crack($_POST["nm_pass"]));
	$ds_level = trim(avoid_crack($_POST["ds_level"]));
	$auto_login = trim(avoid_crack($_POST["auto_login"]));

	switch($mode) {

		case "login": 
//			$_whereis = "  nm_email = '". $nm_email . "' and nm_pass = password('". $nm_pass ."') and ds_level = '". $ds_level ."' ";
			$_whereis = "  nm_email = '". $nm_email . "' and nm_pass = password('". $nm_pass ."') ";

			$row = $dbCon->selectDAO("*", $table_name, $_whereis);	
			if (!$row['nm_email']) {
				echo("N");
				exit;
			} else {

				$sql = "UPDATE member_master set dt_lastlogin = now(), enc_val = password(cd_user+nm_pass+UNIX_TIMESTAMP()) where cd_user = '".$row[cd_user]."'";
				$result  = $dbCon->query($sql);

//				$_SESSION['s_cd_userid']=$row[cd_userid];
				$_SESSION['s_nm_email']=$row[nm_email];
				$_SESSION['s_nm_name']=$row[nm_name];
				$_SESSION['s_nm_hp']=$row[nm_hp];
				$_SESSION['s_ds_type']=$row[ds_type];	//$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자
				$_SESSION['s_ds_level']=$row[ds_level];
				$_SESSION['s_cd_user']=$row[cd_user];
				$_SESSION['s_ds_area']=$row[ds_area];
				$_SESSION['s_ds_area_sub']=$row[ds_area_sub];
				$_SESSION['s_ds_usertype']= $row[ds_type];	//$ds_usertypeds_type 상세 사용 가능) -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자		예)(($row[ds_type] == "A0")?"D0":"D1");
				$_SESSION['s_ds_kind']= substr($row[ds_type],0,1);	//$s_ds_kind -> A:개인, D:딜러,딜러-관리자		예)(($row[ds_type] == "A0")?"D0":"D1");

				//자동 로그인
				if ($auto_login == "Y"){
					setAutoLogin($row[cd_user], $dbCon);
				}

				echo("Y");
				exit;
			}
			break;

		case "loginAuto": 

			$nm_email = trim(avoid_crack($_POST["al_usr"]));
			$enc_val = trim(avoid_crack($_POST["al_val"]));

			$_whereis = "  nm_email = '". $nm_email . "' and enc_val = '". $enc_val ."' ";

			$row = $dbCon->selectDAO("*", $table_name, $_whereis);	
			if (!$row['nm_email']) {
				echo("N");
				exit;
			} else {

				$sql = "UPDATE member_master set dt_lastlogin = now() where cd_user = '".$row[cd_user]."'";
				$result  = $dbCon->query($sql);

//				$_SESSION['s_cd_userid']=$row[cd_userid];
				$_SESSION['s_nm_email']=$row[nm_email];
				$_SESSION['s_nm_name']=$row[nm_name];
				$_SESSION['s_nm_hp']=$row[nm_hp];
				$_SESSION['s_ds_type']=$row[ds_type];	//$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자
				$_SESSION['s_ds_level']=$row[ds_level];
				$_SESSION['s_cd_user']=$row[cd_user];
				$_SESSION['s_ds_area']=$row[ds_area];
				$_SESSION['s_ds_area_sub']=$row[ds_area_sub];
				$_SESSION['s_ds_usertype']= $row[ds_type];	//$ds_usertypeds_type 상세 사용 가능) -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자		예)(($row[ds_type] == "A0")?"D0":"D1");
				$_SESSION['s_ds_kind']= substr($row[ds_type],0,1);	//$s_ds_kind -> A:개인, D:딜러,딜러-관리자		예)(($row[ds_type] == "A0")?"D0":"D1");

				echo("Y");
				exit;
			}
			break;

		case "login_dealer": 
			$table_name = "dealer_master";
			$_whereis = "  cd_dealerid = '". $cd_dealerid . "' and nm_pass = password('". $nm_pass ."') ";

			$row = $dbCon->selectDAO("*", $table_name, $_whereis);	
			if (!$row['cd_dealer']) {
				echo("N");
				exit;
			} else {
				if ($row['ds_status'] == "Z0") {		//승인 상태
					$sql = "UPDATE dealer_master set dt_lastlogin = now() where cd_dealer = '". $row['cd_dealer'] . "'";
					$result  = $dbCon->query($sql);

					$_SESSION['s_cd_dealerid']=$row[cd_dealerid];
					$_SESSION['s_nm_email']=$row[nm_email];
					$_SESSION['s_nm_name']=$row[nm_name];
					$_SESSION['s_nm_hp']=$row[nm_hp_01].$row[nm_hp_02].$row[nm_hp_03];
					$_SESSION['s_nm_hp_form']=$row[nm_hp_01]."-".$row[nm_hp_02]."-".$row[nm_hp_03];
					$_SESSION['s_ds_type']=$row[ds_type];	//$ds_type -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자
					$_SESSION['s_ds_level']=$row[ds_level];
					$_SESSION['s_cd_dealer']=$row[cd_dealer];
					$_SESSION['s_cd_dealer_p']=$row[cd_dealer_p];
					$_SESSION['s_nm_area']=$row[nm_area];
	//				$_SESSION['s_ds_area_sub']=$row[ds_area_sub];
					$_SESSION['s_ds_usertype']= $row[ds_type];	//$ds_usertypeds_type 상세 사용 가능) -> A0:개인,B0:업체,C0:비회원,D0:딜러,D1:딜러-관리자		예)(($row[ds_type] == "A0")?"D0":"D1");
					$_SESSION['s_ds_kind']= substr($row[ds_type],0,1);	//$s_ds_kind -> A:개인, D:딜러,딜러-관리자		예)(($row[ds_type] == "A0")?"D0":"D1");

					echo("Y");
					exit;
				} else {		//미승인 상태
					echo("S");
					exit;
				}
			}
			break;

		case "logout":
			$_SESSION['s_cd_userid'] = null;
			$_SESSION['s_nm_email'] = null;
			$_SESSION['s_nm_name'] = null;
			$_SESSION['s_nm_hp'] = null;
			$_SESSION['s_nm_hp_form'] = null;
			$_SESSION['s_ds_type'] = null;
			$_SESSION['s_ds_level'] = null;
			$_SESSION['s_cd_user'] = null;
			$_SESSION['s_cd_dealer'] = null;
			$_SESSION['s_cd_dealer_p'] = null;
			$_SESSION['s_nm_area'] = null;
			$_SESSION['s_ds_area'] = null;
			$_SESSION['s_ds_area_sub'] = null;
			$_SESSION['s_ds_usertype'] = null;
			$_SESSION['s_ds_kind'] = null;

			Redirect("/");
			break;

		default :
			AlertBack("지정되지않은 요청입니다");
			break;
	}

	//자동 로그인
	//db_connect $connect 넘겨주지 않고 사용해도 되나? $connect 반환 제대로 될까?
	function setAutoLogin($cd_user,$argDbCon){
		
		$_whereis1 = "  cd_user = '". $cd_user . "' ";

		$row = $argDbCon->getOneDAO("*", $table_name, $_whereis1);

		setcookie (COOKIENAME, 'al_usr='.$row[nm_email].'&al_val='.$row[enc_val], time() + LIMIT_TIME_AUTO_LOGIN);

	}

	mysql_close($connect);
?>