Beispiel #1
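 /**
  * Checks a student's password against the `student` table and redirects.
  *
  * - Row found and password matches: stores the login in the session and
  *   redirects to Service.php.
  * - Row found and password differs, or the lookup itself failed: redirects
  *   to Main.php and returns to the caller.
  * - No row for the id: stores the login in the session and redirects to
  *   agreement.php.
  *
  * @param string $stu_id Login id as entered by the user (stored in the session).
  * @param string $stu_pw Password as entered by the user.
  * @return void
  */
 function Req_Stu_Login($stu_id, $stu_pw)
 {
     // Connect with DB
     require_once "Config_DB.php";
     $db = new DB_Control();
     $link = $db->DBC();

     // NOTE(review): the lookup key is $this->stu_id while the session below
     // receives the $stu_id argument - confirm both always hold the same value.
     $lookup_id = $this->stu_id;

     // Bound parameter instead of interpolating the id into the SQL text.
     // $found: true = row exists, false = no row, null = lookup failed.
     $found = null;
     $stored_hex = null;
     $stmt = mysqli_prepare($link, "SELECT pw FROM student WHERE id = ?");
     if ($stmt) {
         mysqli_stmt_bind_param($stmt, "s", $lookup_id);
         if (mysqli_stmt_execute($stmt)) {
             mysqli_stmt_bind_result($stmt, $stored_hex);
             $found = (mysqli_stmt_fetch($stmt) === true);
         }
         mysqli_stmt_close($stmt);
     }
     //DB Close
     mysqli_close($link);

     if ($found === null) {
         // A database error must not be mistaken for "first-time user".
         header("location:Main.php");
         return;
     }

     if ($found) {
         // Decryption. ECB mode takes no IV; the value is generated only to
         // keep the call identical to the one used when the row was written.
         // NOTE(review): reversible 3DES-ECB keeps every password recoverable
         // by anyone holding KEY, and mcrypt was removed in PHP 7.2. Moving to
         // password_hash()/password_verify() needs a data migration.
         $key = KEY;
         $s_vector_iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_ECB), MCRYPT_RAND);
         // Convert the hex-encoded column value back to binary.
         $de_str = pack("H*", (string) $stored_hex);
         $decoding = mcrypt_decrypt(MCRYPT_3DES, $key, $de_str, MCRYPT_MODE_ECB, $s_vector_iv);
         // mcrypt pads the plaintext with NUL bytes up to the block size.
         $expected = rtrim((string) $decoding, "\0");

         // Exact, constant-time comparison. The previous eregi() call used the
         // stored password as a case-insensitive regex pattern, so any input
         // merely containing a match was accepted; eregi() was also removed in
         // PHP 7.0. An empty expected value (failed decryption) never matches.
         // The decrypted value is no longer echoed into the response.
         if ($expected !== '' && hash_equals($expected, (string) $stu_pw)) {
             if (session_status() === PHP_SESSION_ACTIVE) {
                 // New session id on login so a pre-login id cannot be reused.
                 session_regenerate_id(true);
             }
             $_SESSION['USER_NAME'] = $stu_id;
             // NOTE(review): this keeps the plaintext password in session
             // storage; drop it once no other page reads USER_PW.
             $_SESSION['USER_PW'] = $stu_pw;
             header("location:Service.php");
             echo "totally success";
             exit;
         }

         header("location:Main.php");
         return;
     }

     // No row for this id.
     // NOTE(review): the session is populated here without any password check;
     // presumably agreement.php verifies the credentials elsewhere - confirm.
     $_SESSION['USER_NAME'] = $stu_id;
     $_SESSION['USER_PW'] = $stu_pw;
     // Header first: output sent before header() would block the redirect.
     header("location:agreement.php");
     echo "first time or no data";
     exit;
 }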
Beispiel #2
 /**
  * Inserts one administrator row into the `manager` table.
  *
  * The password is encrypted with 3DES in ECB mode under KEY and stored as a
  * hex string. The outcome of the INSERT is not reported to the caller.
  *
  * @return void
  */
 function Ins_Admin_Data()
 {
     // Open the database connection.
     require_once "Config_DB.php";
     $control = new DB_Control();
     $conn = $control->DBC();

     // NOTE(review): fixed, well-known default credentials are compiled into
     // the source; anyone who can read this file knows the admin login.
     $login = 'admin';
     $secret = 'password';

     // NOTE(review): the encryption is reversible (3DES-ECB under KEY), not a
     // password hash. ECB takes no IV, so the generated value has no effect on
     // the ciphertext.
     $cipher_key = KEY;
     $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_ECB), MCRYPT_RAND);
     $cipher_hex = bin2hex(mcrypt_encrypt(MCRYPT_3DES, $cipher_key, $secret, MCRYPT_MODE_ECB, $iv));

     // Build and run the INSERT; both values are produced inside this method.
     $insert = "INSERT INTO manager VALUES ('{$login}', '{$cipher_hex}')";
     $inserted = ($conn->query($insert) === TRUE);
     if (!$inserted) {
         // Failure is deliberately silent. For debugging, uncomment:
         // echo "Error: " . $insert . "<br>" . $conn->error;
     }

     $conn->close();
 }
Beispiel #3
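<?php
// Exports every application joined with its student row as an HTML table
// that the browser downloads as an .xls file named after today's date.
session_start();
// NOTE(review): the session is started but nothing in this part of the page
// checks who is requesting the export, and the query returns personal data
// for every student. Confirm an access check runs before this point.
// Connect with DB
require_once "Config_DB.php";
$db = new DB_Control();
$link = $db->DBC();

// One Content-Type header carrying both the media type and the charset.
// Two separate "Content-type" headers do not combine: header() replaces an
// earlier header of the same name, which left only "charset=utf-8".
header("Content-Type: application/vnd.ms-excel; charset=utf-8");
header("Content-Disposition: attachment; filename=" . date("Y-m-d") . ".xls");
header("Content-Description: PHP5 Generated Data");
header("Pragma: no-cache");
header("Expires: 0");

// NOTE(review): the rows are rendered further down the page, outside this
// view; database values written into cells should be HTML-escaped there.
$qry = "SELECT * FROM `application`, `student` WHERE `application`.`his_id` = `student`.`id`";
$result = mysqli_query($link, $qry);
?>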
<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
  </head>
  <body>
    <table border='1' cellpadding='2' cellspacing='5'>
      <thead>
        <th>이름</th>
        <th>학번</th>
        <th>이름</th>
        <th>전화번호</th>
        <th>인증 제도</th>
        <th>인증 항목</th>
        <th>비교과 과정</th>
Beispiel #4
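 /**
  * Logs in to the Hisnet server with the user's id and password (via cURL)
  * and, on first success, registers the student in the local database.
  *
  * A cookie jar file carries the session across the requests. The login
  * sequence requires several pages to be requested in order; if Hisnet
  * changes its login flow, this method must be updated to match.
  *
  * Outcomes:
  * - Hisnet login failed (expected table not in the page): redirect to Main.php.
  * - Login succeeded and no local row exists: insert the student row and
  *   redirect to Service.php.
  * - Otherwise: close the session and end the request without a redirect.
  *
  * @return void This method always ends the request with exit.
  */
 function requestHisnet()
 {
     session_start();
     // simple_html_dom.php is needed to parse the Hisnet page.
     // include_once: a second call must not redeclare the library.
     include_once 'simple_html_dom.php';

     // Temporary file that holds the Hisnet session cookies.
     $ckfile = tempnam("/tmp", "CURLCOOKIE");
     if ($ckfile === false) {
         // Without a cookie jar the login sequence cannot keep its session.
         header("location:Main.php");
         exit;
     }

     // POST data form for login
     // NOTE(review): every request below uses http://, so the id and password
     // cross the network unencrypted; use https if the portal offers it.
     // NOTE(review): an array body is sent as multipart/form-data, and PHP
     // before 5.6 reads a value starting with '@' as a file to upload; pass
     // http_build_query($dataopost) if the portal accepts urlencoded bodies.
     $dataopost = array("Language" => "Korean", "f_name" => "", "id" => $this->his_id, "part" => "", "password" => $this->his_pw, "x" => 0, "y" => 0);

     // 1st request: submit the login form and store the cookies.
     $ch = curl_init("http://hisnet.handong.edu/login/_login.php");
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($ch, CURLOPT_POST, true);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $dataopost);
     curl_setopt($ch, CURLOPT_COOKIEJAR, $ckfile);
     curl_setopt($ch, CURLOPT_REFERER, "http://hisnet.handong.edu/login/login.php");
     $result = curl_exec($ch);
     curl_close($ch);

     // 2nd request
     $ch = curl_init("http://hisnet.handong.edu/login/goMenu_eval.php?cleaninet=1&language=Korean");
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile);
     curl_setopt($ch, CURLOPT_REFERER, "http://hisnet.handong.edu/login/_login.php");
     $result = curl_exec($ch);
     curl_close($ch);

     // 3rd request
     $dataopost = array("memo" => "");
     $ch = curl_init("http://hisnet.handong.edu/main.php");
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($ch, CURLOPT_POST, true);
     curl_setopt($ch, CURLOPT_POSTFIELDS, $dataopost);
     curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile);
     curl_setopt($ch, CURLOPT_REFERER, "http://hisnet.handong.edu/main.php" === "" ? "" : "http://hisnet.handong.edu/login/goMenu_eval.php?cleaninet=1&language=Korean");
     $result = curl_exec($ch);
     curl_close($ch);

     // A handle for /for_student/main.php used to be configured here but was
     // never executed or closed, so it only leaked; it has been dropped. The
     // request below still sends that page as its referer.

     // Final request: the student record page that gets parsed.
     $ch = curl_init("http://hisnet.handong.edu/haksa/hakjuk/HHAK110M.php");
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($ch, CURLOPT_COOKIEFILE, $ckfile);
     curl_setopt($ch, CURLOPT_REFERER, "http://hisnet.handong.edu/for_student/main.php");
     $result = curl_exec($ch);
     curl_close($ch);

     // Delete the cookie file now. Every path below ends in exit, so a
     // cleanup at the end of the method is never reached and would leave an
     // authenticated session cookie behind in /tmp.
     unlink($ckfile);

     // Parse the page; a failed transfer or conversion counts as a failed login.
     $html = false;
     if (is_string($result)) {
         $converted = iconv("EUC-KR", "UTF-8", $result);
         if (is_string($converted) && $converted !== '') {
             $html = str_get_html($converted);
         }
     }
     $marker = $html ? $html->find('.tblcationTitlecls', 1) : null;
     if (!is_object($marker)) {
         header("location:Main.php");
         exit;
     }

     // Hisnet login success: pull the student's data out of the page.
     $table = $marker->parent()->parent();
     $td_id = $table->children(1)->children(1)->innertext;
     $temp_id = preg_replace("/[^0-9]*/s", "", $td_id);
     $stu_id = substr($temp_id, 1, 9);
     $stu_name = $html->find('strong', 0)->innertext;
     $td_phone = $table->children(4)->children(3);
     $phone_num = '';
     foreach ($td_phone->find("input") as $t) {
         // The last input's value wins.
         $phone_num = $t->value;
     }

     // Connect with DB
     require_once "Config_DB.php";
     $db = new DB_Control();
     $link = $db->DBC();
     $his_id = $this->his_id;

     // $exists: true = row present, false = no row, null = lookup failed.
     // Bound parameters keep the id and the scraped page values out of the
     // SQL text; the page content comes from a remote server.
     $exists = null;
     $lookup = mysqli_prepare($link, "SELECT id FROM student WHERE id = ?");
     if ($lookup) {
         mysqli_stmt_bind_param($lookup, "s", $his_id);
         if (mysqli_stmt_execute($lookup)) {
             mysqli_stmt_store_result($lookup);
             $exists = mysqli_stmt_num_rows($lookup) > 0;
         }
         mysqli_stmt_close($lookup);
     }

     //Login success but no data in DB
     if ($exists === false) {
         // NOTE(review): the user's portal password is stored with reversible
         // 3DES-ECB, so anyone holding KEY and the table can recover it. A
         // one-way password_hash() would need the login check changed too.
         // ECB takes no IV; the value is generated but has no effect.
         $key = KEY;
         $s_vector_iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_ECB), MCRYPT_RAND);
         $en_str = mcrypt_encrypt(MCRYPT_3DES, $key, $this->his_pw, MCRYPT_MODE_ECB, $s_vector_iv);
         $encryption = bin2hex($en_str);

         $inserted = false;
         $insert = mysqli_prepare($link, "INSERT INTO student (id,pw,name,stu_id,phone_num) VALUES (?,?,?,?,?)");
         if ($insert) {
             mysqli_stmt_bind_param($insert, "sssss", $his_id, $encryption, $stu_name, $stu_id, $phone_num);
             $inserted = mysqli_stmt_execute($insert);
             mysqli_stmt_close($insert);
         }
         if ($inserted) {
             mysqli_close($link);
             header("location:Service.php");
             exit;
         }
     }

     mysqli_close($link);
     session_write_close();
     exit;
 }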