function verify($user_id, $password, $vcode = "")
{
//print_r($user_id);return;
$a = new User($this->db_conn);
$result = $a->login($user_id, $password);
$_SESSION['USER_TYPE'] = "";
if ($result == 0) {
$a->getDataByUserID($user_id);
if ($a->active == 1) {
$_SESSION['M_SYSUSER'] = $a;
$_SESSION['M_SYSUSER_ALLOW'] = 1;
// no user
$_SESSION['USERID'] = $user_id;
$_SESSION['USERLEVEL'] = $a->level;
$_SESSION['USERNAME'] = $a->user_name;
$_SESSION['USER_TYPE'] = "SYS";
$_SESSION['LOGIN_RESULT'] = "";
} else {
$_SESSION['LOGIN_RESULT'] = "帳號尚未啟用!!";
$result = 3;
}
} else {
if ($result == 3) {
// not active
$_SESSION['LOGIN_RESULT'] = "輸入的密碼不正確!!";
} else {
if ($result == 2) {
// password no match
$_SESSION['LOGIN_RESULT'] = "輸入的密碼不正確";
} else {
if ($result == 1) {
// no user
$_SESSION['LOGIN_RESULT'] = "無此使用者帳號或密碼不正確";
}
}
}
}
unset($_SESSION['vcode']);
if ($_SESSION['LOGIN_RESULT'] == "") {
$this->gotoURL($this->first_url);
} else {
$this->login();
}
}
require_once APP_ROOT_PATH . '_lib/DB_class.php';
$from_ip = getenv("REMOTE_ADDR");
$user_id = strtoupper($_POST['uid']);
$password = $_POST['upass'];
$vcode = $_POST['vcode'];
//$user_id = strtoupper($_POST['user']);
//$password = $_POST['pass'];
//$vcode = $_POST['checkcode'];
if ($vcode == $_SESSION['vcode']) {
$_SESSION['LOGINID'] = $user_id;
$user = new User($conn);
$result = $user->login($user_id, $password);
//$result = $user->loginLDAP($user_id, $password);
$_SESSION['LOGIN_RESULT'] = "";
if ($result == 0) {
$user->getDataByUserID($user_id);
if ($user->active == 1) {
// $role = new Role($conn);
// $role->getData($user->role_id);
// no user
$_SESSION['USERID'] = $user_id;
$_SESSION['USERNAME'] = $user->user_name;
$_SESSION['USERLEVEL'] = $user->level;
// $_SESSION['USER_ROLE_ID'] = $user->role_id;
// $_SESSION['USER_ROLE_NAME'] = $role->name;
// $_SESSION['USER_DEBUG'] = $role->debug;
/*
$sysfunc = new SYSFUNC($conn);
$funcs = $sysfunc->getListArray();
foreach ($funcs as $row) {
