Ejemplo n.º 1
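 /**
  * Handle a login form submission and route the user to a landing page.
  *
  * Reads `user_id` and `user_pass` from $_REQUEST, looks the account up in the
  * `member` table and, when the password matches and the account is active,
  * fills the session and renders the admin page (acc_type 1 or 2) or the home
  * page (acc_type 3). Every failure path re-renders the login form and ends
  * the request with exit.
  *
  * Changes compared with the earlier version of this method:
  *  - non-string request values (e.g. user_id[]=x) are treated as missing;
  *  - account values that could break out of the quoted SQL literal are refused;
  *  - the password hashes are compared with hash_equals() instead of `==`;
  *  - the session id is regenerated before the session is marked as logged in;
  *  - "unknown account" and "wrong password" share one message, and the
  *    submitted account name is no longer echoed back into the status text.
  *
  * @return void
  */
 public function LoginProcess()
 {
     global $DB, $GLOB;

     $userID = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : '';
     $userPass = isset($_REQUEST['user_pass']) ? $_REQUEST['user_pass'] : '';

     // Request parameters can arrive as arrays; those are not credentials and
     // would otherwise reach md5() and the SQL string as a non-string value.
     if (!is_string($userID) || !is_string($userPass) || $userID === '' || $userPass === '') {
         $out = new HtmlOutput();
         $out->Login();
         exit;
     }

     // One message for every credential failure, so the response does not tell
     // a caller whether the account exists, and no request data is reflected.
     $loginFailed = "Invalid account or password";

     // The account value is interpolated into a single-quoted SQL literal below.
     // Stopgap: refuse any value containing a quote, backslash or NUL rather
     // than sending it to the database.
     // NOTE(review): the durable fix is a bound parameter; the $DB wrapper is
     // not visible from this method, so confirm what it offers and switch to it.
     if (strpbrk($userID, "'\\\0") !== false) {
         $GLOB->login_status = $loginFailed;
         $out = new HtmlOutput();
         $out->Login();
         exit;
     }

     $rows = $DB->query("SELECT * FROM member WHERE account='{$userID}'");
     if (!$rows) {
         $GLOB->login_status = $loginFailed;
         $out = new HtmlOutput();
         $out->Login();
         exit;
     }
     // presumably the first row is an associative array of member columns
     $data = $rows[0];

     // NOTE(review): unsalted MD5 is not a password hash. Migrating to
     // password_hash()/password_verify() needs a change to the stored values,
     // which cannot be done from inside this method alone.
     $userPwd = md5($userPass);

     // hash_equals() compares byte-for-byte in constant time. The previous `==`
     // treated two different hashes that both look numeric ("0e" followed by
     // digits only) as equal.
     if (!hash_equals((string) $data['password'], $userPwd)) {
         $GLOB->login_status = $loginFailed;
         $out = new HtmlOutput();
         $out->Login();
         exit;
     }

     if ($data['active_status'] == '0') {
         // account exists but has not been activated yet
         $GLOB->login_status = "Tai khoan chua kich hoat, vui long lien he admin";
         $out = new HtmlOutput();
         $out->Login();
         exit;
     }

     // Issue a fresh session id at the privilege change so an id that was known
     // before authentication cannot be reused afterwards (session fixation).
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }

     $_SESSION['logined'] = true;
     $_SESSION['acc_type'] = $data['acc_type'];
     $_SESSION['member'] = $data['account'];
     $_SESSION['member_id'] = $data['id'];
     $_SESSION['member_svgv'] = $data['svgv'];

     if ($data['acc_type'] == "1" || $data['acc_type'] == "2") {
         $out = new HtmlOutput();
         $out->AdminMainPage();
         exit;
     }
     if ($data['acc_type'] == "3") {
         $out = new HtmlOutput();
         $out->Home();
         exit;
     }

     // Any other acc_type leaves the session populated and renders nothing,
     // as before.
     return;
 }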
Ejemplo n.º 2
 /**
  * Entry point for the admin area.
  *
  * Access is decided from session state only: a request without the
  * `logined` session key gets the login form, and a session whose `acc_type`
  * is neither '1' nor '2' gets the HackerGetOut page. For an admin session the
  * `view` request parameter selects the book or member manager; a missing or
  * unrecognised `view` renders the admin main page.
  *
  * Every branch that renders a page through HtmlOutput ends the request with
  * exit; the two manager branches return to the caller.
  *
  * @return void
  */
 public function Admin()
 {
     // No authenticated session: send the visitor to the login form.
     if (!isset($_SESSION['logined'])) {
         $page = new HtmlOutput();
         $page->Login();
         exit;
     }

     // Authenticated but not an admin role (acc_type '1' or '2').
     if ($_SESSION['acc_type'] != '1' && $_SESSION['acc_type'] != '2') {
         $page = new HtmlOutput();
         $page->HackerGetOut();
         exit;
     }

     // `view` is compared against a fixed set of names only; it is never used
     // to build a method name or a path.
     $view = isset($_REQUEST['view']) ? $_REQUEST['view'] : null;

     if ($view == 'book') {
         $this->BookManager();
         return;
     }
     if ($view == 'member') {
         $this->MemberManager();
         return;
     }

     // Missing or unknown view: fall back to the admin landing page.
     $page = new HtmlOutput();
     $page->AdminMainPage();
     exit;
 }