function verify($user_id, $password, $vcode = "") { //print_r($user_id);return; $a = new User($this->db_conn); $result = $a->login($user_id, $password); $_SESSION['USER_TYPE'] = ""; if ($result == 0) { $a->getDataByUserID($user_id); if ($a->active == 1) { $_SESSION['M_SYSUSER'] = $a; $_SESSION['M_SYSUSER_ALLOW'] = 1; // no user $_SESSION['USERID'] = $user_id; $_SESSION['USERLEVEL'] = $a->level; $_SESSION['USERNAME'] = $a->user_name; $_SESSION['USER_TYPE'] = "SYS"; $_SESSION['LOGIN_RESULT'] = ""; } else { $_SESSION['LOGIN_RESULT'] = "帳號尚未啟用!!"; $result = 3; } } else { if ($result == 3) { // not active $_SESSION['LOGIN_RESULT'] = "輸入的密碼不正確!!"; } else { if ($result == 2) { // password no match $_SESSION['LOGIN_RESULT'] = "輸入的密碼不正確"; } else { if ($result == 1) { // no user $_SESSION['LOGIN_RESULT'] = "無此使用者帳號或密碼不正確"; } } } } unset($_SESSION['vcode']); if ($_SESSION['LOGIN_RESULT'] == "") { $this->gotoURL($this->first_url); } else { $this->login(); } }
require_once APP_ROOT_PATH . '_lib/DB_class.php'; $from_ip = getenv("REMOTE_ADDR"); $user_id = strtoupper($_POST['uid']); $password = $_POST['upass']; $vcode = $_POST['vcode']; //$user_id = strtoupper($_POST['user']); //$password = $_POST['pass']; //$vcode = $_POST['checkcode']; if ($vcode == $_SESSION['vcode']) { $_SESSION['LOGINID'] = $user_id; $user = new User($conn); $result = $user->login($user_id, $password); //$result = $user->loginLDAP($user_id, $password); $_SESSION['LOGIN_RESULT'] = ""; if ($result == 0) { $user->getDataByUserID($user_id); if ($user->active == 1) { // $role = new Role($conn); // $role->getData($user->role_id); // no user $_SESSION['USERID'] = $user_id; $_SESSION['USERNAME'] = $user->user_name; $_SESSION['USERLEVEL'] = $user->level; // $_SESSION['USER_ROLE_ID'] = $user->role_id; // $_SESSION['USER_ROLE_NAME'] = $role->name; // $_SESSION['USER_DEBUG'] = $role->debug; /* $sysfunc = new SYSFUNC($conn); $funcs = $sysfunc->getListArray(); foreach ($funcs as $row) {