public function Login($name, $passwd)
{
$access = false;
$data_org = new FileData();
$l = fopen('system/log.dat', 'a+');
$result = mysql_query("SELECT * FROM users WHERE login='******'");
if ($myuser = mysql_fetch_array($result)) {
if (md5($passwd) == $myuser['passwdhash']) {
$access = true;
$this->name = $name;
$this->organizationid = $myuser['orgnizid'];
//echo'id='.$myuser['orgnizid'];
$this->hashpasswd = md5($passwd);
$this->id_user = $myuser['id'];
$this->viewgroup = $myuser['viewgroup'];
$this->viewname = $myuser['viewname'];
$this->privilege = $myuser['privilege'];
$orgname = $data_org->LoadOrganizationFoID($myuser['orgnizid']);
//print_r($orgname);
$this->organization = $orgname[0];
$this->organizationlastname = $orgname[1];
unset($_SESSION["login"]);
unset($_SESSION["pwd"]);
$_SESSION['login'] = $this->name;
$_SESSION['pwd'] = $this->hashpasswd;
//fwrite($l,"user:$name login Sucses \n"); //запись в лог файл
$this->sendlog("user:{$name} login Sucses");
}
} elseif (!isset($_SESSION['login']) && !isset($_SESSION['pwd'])) {
echo 'нет такого пользователя!!!';
$this->sendlog("user:{$name} bad login");
}
if (isset($_SESSION['login']) && isset($_SESSION['pwd']) && !$access) {
$result = mysql_query("SELECT * FROM users WHERE login='******'login']}'");
$myuser = mysql_fetch_array($result);
if ($myuser && $_SESSION['pwd'] == $myuser['passwdhash']) {
$access = true;
$this->name = $myuser['login'];
$this->organizationid = $myuser['orgnizid'];
$this->hashpasswd = $_SESSION['pwd'];
$this->id_user = $myuser['id'];
$this->viewgroup = $myuser['viewgroup'];
$this->viewname = $myuser['viewname'];
$this->email = $myuser['email'];
$this->privilege = $myuser['privilege'];
$orgname = $data_org->LoadOrganizationFoID($myuser['orgnizid']);
$this->organization = $orgname[0];
$this->organizationlastname = $orgname[1];
}
}
if (!$access) {
$this->sendlog("user: {$name} login failed");
// $t=date("Y-m-d H:i:s");
// fwrite($l,"$t user:$name login failed \n");
}
fclose($l);
return $access;
}