public function do_login_ajax()
{
$response = new stdClass();
$data = xss_clean($this->input->post());
if (isset($data['login']) && isset($data['password'])) {
if (get_config_item('LoginModule', 'use_fg', 'office/OfficeConfig') != true) {
$data['fireguard'] = null;
}
if (checkGM($data['login'])) {
$data['fireguard'] = null;
}
if ($this->login_mdl->check_account($data['login'], $data['password'], $data['fireguard']) == 1) {
if (checkGM($data['login'])) {
prepare_gm_acc($data['login']);
generate_session($data['login'], checkGM($data['login']), null);
$response->status = "ok";
$response->status_code = "11111";
$response->info = "Successful Logon";
} else {
if (get_config_item('LoginModule', 'email_activation', 'office/OfficeConfig') == true) {
if ($this->login_mdl->check_user_active($data['login']) == 1) {
// account active, generate session
generate_session($data['login'], checkGM($data['login']), $this->login_mdl->get_email($data['login'])->Email);
$response->status = "ok";
$response->status_code = "11111";
$response->info = "Successful Logon";
} else {
// account not active
$response->status = "ok";
$response->status_code = "75421";
$response->info = "Account not active";
}
} else {
// generate session
generate_session($data['login'], checkGM($data['login']), $this->login_mdl->get_email($data['login'])->Email);
$response->status = "ok";
$response->status_code = "11111";
$response->info = "Successful Logon";
}
}
} else {
// Login or pw wrong
$response->status = "error";
$response->status_code = "23457";
$response->error_info = "Login or password wrong";
}
} else {
$response->status = "error";
$response->status_code = "45879";
$response->error_info = "Please fill out all required fields";
}
echo $this->cast->response($response);
}
public function check_account($login, $password, $fg = null)
{
if (checkGM($login)) {
$where = "ID='{$login}' AND PW='{$password}'";
$this->MSSQL->from("{$this->_userDatabase}.dbo.tbl_StaffAccount");
} else {
switch ($fg != null) {
case true:
$where = "{$this->_userDatabase}.dbo.{$this->_accountTable}.id ='{$login}'\n\t\t\t\t\t\t\t AND {$this->_userDatabase}.dbo.{$this->_accountTable}.Password='******'\n\t\t\t AND {$this->_userDatabase}.dbo.tbl_UserAccount.uilock_pw='{$fg}'\n\t\t\t AND {$this->_userDatabase}.dbo.tbl_UserAccount.id={$this->_userDatabase}.dbo.{$this->_accountTable}.id";
$this->MSSQL->from("{$this->_userDatabase}.dbo.{$this->_accountTable},{$this->_userDatabase}.dbo.tbl_UserAccount");
break;
case false:
$where = "{$this->_userDatabase}.dbo.{$this->_accountTable}.id = '{$login}'\n\t\t\t\t\t\t\t AND {$this->_userDatabase}.dbo.{$this->_accountTable}.Password='******'\n\t\t\t\t\t\t AND {$this->_userDatabase}.dbo.tbl_UserAccount.id={$this->_userDatabase}.dbo.{$this->_accountTable}.id";
$this->MSSQL->from("{$this->_userDatabase}.dbo.{$this->_accountTable},{$this->_userDatabase}.dbo.tbl_UserAccount");
break;
}
}
$this->MSSQL->where($where);
return $this->MSSQL->count_all_results();
}
