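/**
 * Check a student's submitted password against the stored record and route
 * the browser accordingly.
 *
 * Outcomes:
 *  - no row for the id  -> session is populated and the browser is sent to agreement.php
 *  - password matches   -> session is populated and the browser is sent to Service.php
 *  - anything else      -> the browser is sent to Main.php and the function returns
 *
 * Changes from the earlier version:
 *  - the lookup uses a bound parameter instead of interpolating the id into SQL;
 *  - the decrypted password is no longer echoed into the response;
 *  - the comparison is an exact, constant-time match (the former eregi() call
 *    treated the stored password as a case-insensitive regular expression, so
 *    any input merely containing it was accepted);
 *  - a database error fails closed instead of falling into the "first time" path;
 *  - the lookup and the session use the same id (the $stu_id argument).
 *
 * @param string $stu_id Student id submitted by the user.
 * @param string $stu_pw Password submitted by the user.
 * @return void
 */
function Req_Stu_Login($stu_id, $stu_pw)
{
    // Connect with DB
    require_once "Config_DB.php";
    $db = new DB_Control();
    $link = $db->DBC();

    // Only the pw column is needed; the id travels as a bound parameter.
    $stmt = mysqli_prepare($link, "SELECT pw FROM student WHERE id = ?");
    if ($stmt === false) {
        mysqli_close($link);
        header("location:Main.php");
        return;
    }

    $lookup_id = (string) $stu_id;
    mysqli_stmt_bind_param($stmt, "s", $lookup_id);
    if (!mysqli_stmt_execute($stmt)) {
        // Fail closed: a query error must not be mistaken for "no such user".
        mysqli_stmt_close($stmt);
        mysqli_close($link);
        header("location:Main.php");
        return;
    }

    mysqli_stmt_store_result($stmt);
    $found = mysqli_stmt_num_rows($stmt) > 0;
    $stored_hex = null;
    if ($found) {
        mysqli_stmt_bind_result($stmt, $stored_hex);
        mysqli_stmt_fetch($stmt);
    }
    mysqli_stmt_close($stmt);

    // DB Close (done before any redirect so every path releases the link)
    mysqli_close($link);

    if (!$found) {
        // First visit: no local record yet.
        // NOTE(review): this path stores the submitted id and password in the
        // session without verifying them here; whatever agreement.php leads to
        // must authenticate the user before USER_NAME is trusted.
        $_SESSION['USER_NAME'] = $stu_id;
        $_SESSION['USER_PW'] = $stu_pw;
        header("location:agreement.php");
        exit;
    }

    // Decrypt the stored value.
    // NOTE(review): passwords are kept reversibly encrypted (3DES, ECB) under
    // one application-wide key, so anyone holding KEY and the table recovers
    // every password. Local login should move to password_hash() /
    // password_verify(); that needs a coordinated change in the code that
    // writes the pw column and is therefore not done in this function.
    $key = KEY;
    $plain = false;
    if (is_string($stored_hex)
        && $stored_hex !== ''
        && strlen($stored_hex) % 2 === 0
        && ctype_xdigit($stored_hex)
    ) {
        // ECB ignores the IV, so none is passed.
        $decrypted = mcrypt_decrypt(MCRYPT_3DES, $key, pack("H*", $stored_hex), MCRYPT_MODE_ECB);
        if ($decrypted !== false) {
            // mcrypt pads the last block with NUL bytes; strip them to get the original text.
            $plain = rtrim($decrypted, "\0");
        }
    }

    if ($plain !== false && $plain !== '' && hash_equals($plain, (string) $stu_pw)) {
        // New session id after authentication so a pre-login id cannot be reused.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['USER_NAME'] = $stu_id;
        // NOTE(review): keeping the plaintext password in the session widens its
        // exposure (session files, backups); kept because other pages may read it.
        $_SESSION['USER_PW'] = $stu_pw;
        header("location:Service.php");
        exit;
    }

    // Wrong password or unreadable stored value.
    header("location:Main.php");
}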
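/**
 * Insert a manager account into the `manager` table.
 *
 * The password is encrypted with 3DES/ECB under KEY and stored hex-encoded,
 * the same format the rest of the application uses.
 *
 * NOTE(review): the defaults ('admin' / 'password') are the values that were
 * previously hard-coded. They are kept so existing calls still work, but a
 * deployment seeded with them has a guessable administrator login; pass real
 * values and rotate any account created with the defaults.
 * NOTE(review): reversible encryption under a shared key is not password
 * hashing; migrating to password_hash() needs a matching change wherever the
 * manager password is checked.
 *
 * @param string $admin_id Manager id to create (defaults to the former hard-coded value).
 * @param string $admin_pw Manager password (defaults to the former hard-coded value).
 * @return void
 */
function Ins_Admin_Data($admin_id = 'admin', $admin_pw = 'password')
{
    // Connect with DB
    require_once "Config_DB.php";
    $db = new DB_Control();
    $link = $db->DBC();

    // Encrypt for storage. ECB ignores the IV, so none is generated.
    $key = KEY;
    $en_str = mcrypt_encrypt(MCRYPT_3DES, $key, $admin_pw, MCRYPT_MODE_ECB);
    if ($en_str === false) {
        error_log("Ins_Admin_Data: encryption failed");
        $link->close();
        return;
    }
    $encryption = bin2hex($en_str);

    // Insert into the manager table with bound values rather than string-built SQL.
    $stmt = $link->prepare("INSERT INTO manager VALUES (?, ?)");
    if ($stmt === false) {
        error_log("Ins_Admin_Data: prepare failed: " . $link->error);
        $link->close();
        return;
    }

    $stmt->bind_param("ss", $admin_id, $encryption);
    if (!$stmt->execute()) {
        // Failures used to be swallowed silently; record them server-side only.
        error_log("Ins_Admin_Data: insert failed: " . $stmt->error);
    }
    $stmt->close();

    $link->close();
}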
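<?php
// Export of all applications joined with their student rows, sent as an
// .xls attachment (an HTML table that spreadsheet programs open).
session_start();

// NOTE(review): nothing visible here checks who is signed in before the export
// is built; session_start() alone does not restrict access. Gate this script
// on the manager/administrator session state the application uses
// (TODO confirm which session key marks a manager).

// Connect with DB
require_once "Config_DB.php";
$db = new DB_Control();
$link = $db->DBC();

// NOTE(review): SELECT * across the join returns every column of both tables,
// including `student`.`pw` (the column the registration INSERT writes). Select
// only the columns the table below prints so the password column never leaves
// the database.
$qry = "SELECT * FROM `application`, `student` WHERE `application`.`his_id` = `student`.`id`";
$result = mysqli_query($link, $qry);
if ($result === false) {
    // Report the failure before any attachment headers are sent.
    error_log("export: query failed: " . mysqli_error($link));
    http_response_code(500);
    exit;
}

// One Content-Type header carrying both the media type and the charset:
// header() replaces an earlier header of the same name, so the former second
// call ("Content-type: charset=utf-8") discarded the media type.
header("Content-Type: application/vnd.ms-excel; charset=utf-8");
header("Content-Disposition: attachment; filename=" . date("Y-m-d") . ".xls");
header("Content-Description: PHP5 Generated Data");
header("Pragma: no-cache");
header("Expires: 0");
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8">
</head>
<body>
<table border='1' cellpadding='2' cellspacing='5'>
    <thead>
    <th>이름</th>
    <th>학번</th>
    <th>이름</th>
    <th>전화번호</th>
    <th>인증 제도</th>
    <th>인증 항목</th>
    <th>비교과 과정</th>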
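/**
 * @function requestHisnet
 * @brief Log in to Hisnet with $this->his_id / $this->his_pw using cURL, read
 *        the student record page, and register the student locally on first login.
 *
 * Requests are sent in this order, sharing one cookie file:
 *   1. POST /login/_login.php            (credentials; cookies are saved)
 *   2. GET  /login/goMenu_eval.php
 *   3. POST /main.php
 *   4. GET  /haksa/hakjuk/HHAK110M.php   (the page that is parsed)
 * If Hisnet changes its login sequence, this list has to be updated.
 *
 * Outcomes:
 *   - record page not recognised -> redirect to Main.php, exit
 *   - first login, row inserted  -> redirect to Service.php, exit
 *   - otherwise                  -> session is written and the script exits
 *     (NOTE(review): no redirect is sent on this path — confirm that is intended)
 *
 * Changes from the earlier version: the cookie file is deleted as soon as the
 * last request finishes (the former unlink() sat after exit calls and never
 * ran), scraped values reach SQL as bound parameters, failed transfers are
 * handled, and a request to /for_student/main.php that was configured but
 * never executed has been dropped.
 *
 * NOTE(review): every request, including the one carrying the password, goes
 * over plain http://, so credentials and the session cookie are readable and
 * modifiable on the network path. Switch the endpoints to https:// if the
 * server offers it and leave certificate verification enabled.
 * NOTE(review): the Hisnet password is stored reversibly (3DES/ECB under KEY);
 * anyone with KEY and the table recovers it. Prefer a one-way hash, which
 * needs a matching change in the code that checks the pw column.
 **/
function requestHisnet()
{
    session_start();

    // simple_html_dom.php provides str_get_html(), used to parse the Hisnet page
    include_once 'simple_html_dom.php';

    // Create temporary file for saving cookies
    $ckfile = tempnam("/tmp", "CURLCOOKIE");
    if ($ckfile === false) {
        header("location:Main.php");
        exit;
    }

    // One request against Hisnet. $cookieOpt selects whether the cookie file is
    // written (CURLOPT_COOKIEJAR) or only read (CURLOPT_COOKIEFILE).
    $hisnet = function ($url, $referer, $post = null, $cookieOpt = CURLOPT_COOKIEFILE) use ($ckfile) {
        $ch = curl_init($url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        if ($post !== null) {
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
        }
        curl_setopt($ch, $cookieOpt, $ckfile);
        curl_setopt($ch, CURLOPT_REFERER, $referer);
        $body = curl_exec($ch);
        curl_close($ch);
        return $body;
    };

    // POST data form for login
    $dataopost = array(
        "Language" => "Korean",
        "f_name" => "",
        "id" => $this->his_id,
        "part" => "",
        "password" => $this->his_pw,
        "x" => 0,
        "y" => 0,
    );

    // 1st request: login, cookies saved to the jar
    $hisnet(
        "http://hisnet.handong.edu/login/_login.php",
        "http://hisnet.handong.edu/login/login.php",
        $dataopost,
        CURLOPT_COOKIEJAR
    );

    // 2nd request
    $hisnet(
        "http://hisnet.handong.edu/login/goMenu_eval.php?cleaninet=1&language=Korean",
        "http://hisnet.handong.edu/login/_login.php"
    );

    // 3rd request
    $hisnet(
        "http://hisnet.handong.edu/main.php",
        "http://hisnet.handong.edu/login/goMenu_eval.php?cleaninet=1&language=Korean",
        array("memo" => "")
    );

    // Final request: the student record page
    $result = $hisnet(
        "http://hisnet.handong.edu/haksa/hakjuk/HHAK110M.php",
        "http://hisnet.handong.edu/for_student/main.php"
    );

    // The cookie file holds a live Hisnet session; remove it as soon as the
    // last request is done so it is gone on every exit path below.
    if (is_file($ckfile)) {
        unlink($ckfile);
    }

    // curl_exec() returns false on a failed transfer; iconv() and
    // str_get_html() can fail as well, so each step is checked.
    $result = is_string($result) ? iconv("EUC-KR", "UTF-8", $result) : false;
    $html = ($result !== false && $result !== '') ? str_get_html($result) : false;

    // Hisnet login failed (or the page could not be read)
    if (!is_object($html) || !is_object($html->find('.tblcationTitlecls', 1))) {
        header("location:Main.php");
        exit;
    }

    // Hisnet login success: pull the fields out of the record table.
    // Everything read here is remote content and is treated as untrusted.
    $table = $html->find('.tblcationTitlecls', 1)->parent()->parent();
    $td_id = $table->children(1)->children(1)->innertext;
    $temp_id = preg_replace("/[^0-9]*/s", "", $td_id);
    $stu_id = substr($temp_id, 1, 9);
    $stu_name = $html->find('strong', 0)->innertext;
    $td_phone = $table->children(4)->children(3);
    $phone_num = '';   // stays empty when the cell holds no <input>
    foreach ($td_phone->find("input") as $t) {
        $phone_num = $t->value;   // the last input wins, as before
    }

    // Connect with DB
    require_once "Config_DB.php";
    $db = new DB_Control();
    $link = $db->DBC();

    // Is there already a row for this Hisnet id? null means the lookup failed.
    $his_id = (string) $this->his_id;
    $existing = null;
    $lookup = $link->prepare("SELECT id FROM student WHERE id = ?");
    if ($lookup !== false) {
        $lookup->bind_param("s", $his_id);
        if ($lookup->execute()) {
            $lookup->store_result();
            $existing = $lookup->num_rows;
        }
        $lookup->close();
    }

    // Login success but no data in DB
    if ($existing === 0) {
        // Encrypt for storage. ECB ignores the IV, so none is generated.
        $key = KEY;
        $en_str = mcrypt_encrypt(MCRYPT_3DES, $key, $this->his_pw, MCRYPT_MODE_ECB);
        if ($en_str !== false) {
            $encryption = bin2hex($en_str);
            $insert = $link->prepare(
                "INSERT INTO student (id,pw,name,stu_id,phone_num) VALUES (?,?,?,?,?)"
            );
            if ($insert !== false) {
                $insert->bind_param("sssss", $his_id, $encryption, $stu_name, $stu_id, $phone_num);
                $created = $insert->execute();
                $insert->close();
                if ($created) {
                    $link->close();
                    header("location:Service.php");
                    exit;
                }
            }
        }
    }

    $link->close();
    session_write_close();
    exit;
}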