$err_msg = $passmsg; } } // login_id and login_pass ok if ($oerr->clear) { // get data by login_id and login_pwd $db = new Class_DB(); $sql = sprintf("SELECT * FROM mp_account WHERE login_id = '%s' AND login_pwd = '%s' ", mysql_real_escape_string($id), mysql_real_escape_string(Class_PWD::do_encode($pass))); $db->query($sql); if ($db->num_rows()) { $row = $db->fetch(); // ログイン不可 if ($row['login_flgs'] == '1') { $err_msg = '<p class="caution">ログインできません。管理者にお問い合わせください。</p>'; $err = true; $db->close(); // ログイン可 } else { // set auth and session session_name('PREGO_ADMIN'); //session_cache_limiter(private_no_expire); session_start(); $auth = $row['sorts']; $_SESSION['PREGO_ADMIN']['STAFF_SEQ'] = $row['id']; $_SESSION['PREGO_ADMIN']['STAFF_ID'] = $row['login_id']; $_SESSION['PREGO_ADMIN']['STAFF_PWD'] = $row['login_pwd']; $_SESSION['PREGO_ADMIN']['STAFF_AUTH'] = $auth; $_SESSION['PREGO_ADMIN']['STAFF_NAME'] = $row['user_name']; $db->close(); // prego model auth $prego_menu_auth = array(PREGO_ACCOUNT => array(1), PROGE_CORPORATE => array(1, 2), PROGE_SPECIALIST => array(1, 3), PROGE_OPPORTUNITY => array(1, 2, 3), PROGE_BILL => array(1, 2), PROGE_PAYMENT => array(1, 3), PROGE_SERVICE => array(1));