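/**
 * Authenticate a student against the given table and open a "student" session.
 *
 * Looks up the stored password hash by stu_number, checks the submitted
 * password with $this->hash_verify(), and on success stores the account in
 * the session under the "student" key.
 *
 * NOTE(review): $recaptcha is only checked for being non-empty here; the token
 * is not verified in this method. Confirm the caller validates it server-side
 * before calling, otherwise the CAPTCHA does not limit automated password
 * guessing against this endpoint.
 *
 * @param string $table_name Table holding the student accounts. It is
 *                           concatenated into the SQL text (table names cannot
 *                           be bound as parameters), so it is restricted to a
 *                           plain identifier below.
 * @param string $account    Student number submitted by the user.
 * @param string $pwd        Plain-text password submitted by the user.
 * @param string $recaptcha  reCAPTCHA response token (presence check only).
 *
 * @return string "post-error", "cannot link db.", "login-error" or "login-success".
 */
public function handle_login($table_name, $account, $pwd, $recaptcha)
{
    // Request parameters can arrive as arrays (e.g. account[]=x); accept only
    // scalar, non-empty values so nothing unexpected reaches the query or the
    // hash check.
    foreach (array($account, $pwd, $recaptcha) as $field) {
        if (!is_scalar($field) || $field == "") {
            return "post-error";
        }
    }

    // The table name becomes part of the SQL string, so anything other than a
    // bare identifier is refused. An explicit allow-list of the known account
    // tables would be stricter still; those names are not visible from here.
    if (!is_string($table_name) || preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $table_name) !== 1) {
        return "post-error";
    }

    $link = $this->link_db();
    if ($link == null) {
        // Same response handle_chief_login gives when no connection is available.
        return "cannot link db.";
    }

    $rs = $link->prepare("SELECT pwd FROM " . $table_name . " WHERE stu_number = :account");
    $rs->execute(array(":account" => $account));

    // fetch() returns false when no row matches. The previous count($user)
    // test counted columns of the row instead, and count(false) raises a
    // TypeError on PHP 8.
    $user = $rs->fetch(PDO::FETCH_ASSOC);

    // Release the statement and the connection before touching the session.
    $rs = null;
    $link = null;

    // Unknown account and wrong password deliberately share one response so
    // the reply does not reveal which accounts exist.
    if ($user === false || !$this->hash_verify($pwd, $user["pwd"])) {
        return "login-error";
    }

    // NOTE(review): confirm my_session / set_session regenerates the session
    // id on login so a pre-login session id is not carried into the
    // authenticated session.
    $sess = new my_session();
    $sess->set_session("student", $account);

    return "login-success";
}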
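/**
 * Authenticate a chief account and open a "chief" session.
 *
 * Looks up the stored password hash in sport_chief67 by account, checks the
 * submitted password with $this->hash_verify(), and on success stores the
 * account in the session under the "chief" key.
 *
 * NOTE(review): $recaptcha is only checked for being non-empty here; the token
 * is not verified in this method. Confirm the caller validates it server-side
 * before calling, otherwise the CAPTCHA does not limit automated password
 * guessing against this privileged login.
 *
 * @param string $account   Chief account name submitted by the user.
 * @param string $pwd       Plain-text password submitted by the user.
 * @param string $recaptcha reCAPTCHA response token (presence check only).
 *
 * @return string "post-error", "cannot link db.", "login-error" or "login-success".
 */
public function handle_chief_login($account, $pwd, $recaptcha)
{
    // Request parameters can arrive as arrays (e.g. account[]=x); accept only
    // scalar, non-empty values so nothing unexpected reaches the query or the
    // hash check.
    foreach (array($account, $pwd, $recaptcha) as $field) {
        if (!is_scalar($field) || $field == "") {
            return "post-error";
        }
    }

    // One connection is enough; the original called link_db() a second time
    // after the null check and discarded the first handle.
    $link = $this->link_db();
    if ($link == null) {
        return "cannot link db.";
    }

    $rs = $link->prepare("SELECT pwd FROM sport_chief67 WHERE account = :account");
    $rs->execute(array(":account" => $account));

    // fetch() returns false when no row matches. The previous count($user)
    // test counted columns of the row instead, and count(false) raises a
    // TypeError on PHP 8.
    $user = $rs->fetch(PDO::FETCH_ASSOC);

    // Release the statement and the connection before touching the session.
    $rs = null;
    $link = null;

    // Unknown account and wrong password deliberately share one response so
    // the reply does not reveal which accounts exist.
    if ($user === false || !$this->hash_verify($pwd, $user["pwd"])) {
        return "login-error";
    }

    // NOTE(review): confirm my_session / set_session regenerates the session
    // id on login so a pre-login session id is not carried into the
    // authenticated session.
    $sess = new my_session();
    $sess->set_session("chief", $account);

    return "login-success";
}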