Пример #1
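/**
 * Handle a login form submission.
 *
 * Reads "email" and "password" from $_POST, authenticates them through
 * LDAP::login(), creates the local user row on first login, stores the
 * identity in $_SESSION and in 7-day cookies, writes a login log entry and
 * redirects to home.php. Every failure path re-renders the login form with
 * a message via displayLoginForm().
 *
 * @return void
 */
function processLogin()
{
    // Both fields must be present and must be plain strings: a request such as
    // email[]=x would otherwise reach the string functions below as an array.
    if (!isset($_POST["email"], $_POST["password"])
        || !is_string($_POST["email"])
        || !is_string($_POST["password"])
    ) {
        displayLoginForm("登陆失败,请稍后重试");
        return;
    }

    require_once "class.db.Utils.php";
    require_once "class.LDAP.php";
    require_once "class.MD5.php";
    require_once "class.db.Log.php";
    $ldap = new LDAP();
    $md5 = new MD5();

    $domain = "@cyou-inc.com";
    $email = $_POST["email"];
    if ($email === "") {
        displayLoginForm("帐号不能为空");
        return;
    }
    // Append the corporate domain unless the address already ENDS with it.
    // The previous substring test (!strpos(...)) accepted the domain anywhere
    // in the value, so "user@cyou-inc.com.other.example" went to LDAP as-is,
    // and it misfired when the match was at offset 0.
    if (substr($email, -strlen($domain)) !== $domain) {
        $email .= $domain;
    }

    if ($_POST["password"] === "") {
        displayLoginForm("密码不能为空");
        return;
    }

    $usermsg = $ldap->login($email, $_POST["password"]);
    if (!$usermsg) {
        displayLoginForm("您输入的帐号或密码有误,请重试");
        return;
    }

    // Local part of the address. It is taken from the normalised $email, which
    // always contains "@"; taking it from the raw POST value produced an empty
    // string whenever the user typed the account name without a domain.
    $account = substr($email, 0, strpos($email, "@"));
    $username = $usermsg["username"];
    $employee_id = $usermsg["employee_id"];
    $department = $usermsg["department"];

    // NOTE(review): the lookup and insert are keyed on the raw POST value, so
    // "alice" and "alice@cyou-inc.com" may map to two different rows. Left as
    // is because the key format of existing rows is not visible here - confirm
    // against UserDB before switching to the normalised address.
    $db = new UserDB();
    $user = $db->hasUser($_POST["email"]);
    // If the username was changed in the database use the changed one,
    // otherwise keep the value returned by LDAP.
    if ($user) {
        $username = $user["username"];
    } else {
        $db->insertLDAP(array("email" => $_POST["email"], "username" => $username, "employee_id" => $employee_id, "department" => $department));
    }

    // Issue a fresh session id at the privilege change so an id that was known
    // before authentication cannot be reused afterwards (session fixation).
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // Save the session.
    $_SESSION["username"] = $username;
    $_SESSION["email"] = $account;
    // NOTE(review): a value derived from the user's password is kept in the
    // session and, below, in a 7-day cookie. Whatever MD5::string2secret()
    // does (not visible here), that cookie works as a long-lived credential.
    // The safer design is a random, server-side, revocable remember-me token;
    // not changed here because the code that reads this cookie is elsewhere.
    $_SESSION["password"] = $md5->string2secret($_POST["password"]);

    // Save the cookies. HttpOnly keeps them away from page scripts, and Secure
    // is set whenever this request itself arrived over HTTPS.
    $expires = time() + 3600 * 24 * 7;
    $secure = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off";
    setcookie("email", $_SESSION["email"], $expires, "", "", $secure, true);
    setcookie("username", $_SESSION["username"], $expires, "", "", $secure, true);
    setcookie("password", $_SESSION["password"], $expires, "", "", $secure, true);

    // Record the login in the audit log.
    $data = array(
        'event' => 'login',
        'page' => 'login.php',
        'description' => 'login success',
        'username' => $_SESSION["email"],
        'ip' => getIP(),
    );
    $db = new LogDB();
    $db->insertLog($data);

    // The function returns right after sending the redirect header; the caller
    // should not emit further output for this request.
    header("Location: home.php");
}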