public function handle_login($table_name, $account, $pwd, $recaptcha)
{
$response = "";
if ($account == "" || $pwd == "" || $recaptcha == "") {
$response = "post-error";
} else {
$link = $this->link_db();
$sql = "SELECT pwd FROM " . $table_name . " WHERE stu_number = :account";
$rs = $link->prepare($sql);
$rs->execute(array(":account" => $account));
$user = $rs->fetch(PDO::FETCH_ASSOC);
if (count($user) != 1) {
$response = "login-error";
} else {
if ($this->hash_verify($pwd, $user["pwd"])) {
$sess = new my_session();
$sess->set_session("student", $account);
$response = "login-success";
} else {
$response = "login-error";
}
}
$link = null;
}
return $response;
}
public function handle_chief_login($account, $pwd, $recaptcha)
{
$response = null;
$link = null;
if ($account == "" || $pwd == "" || $recaptcha == "") {
$response = "post-error";
} else {
$link = $this->link_db();
if ($link == null) {
$response = "cannot link db.";
} else {
$link = $this->link_db();
$sql = "SELECT pwd FROM sport_chief67 WHERE account = :account";
$rs = $link->prepare($sql);
$rs->execute(array(":account" => $account));
$user = $rs->fetch(PDO::FETCH_ASSOC);
if (count($user) != 1) {
$response = "login-error";
} else {
if ($this->hash_verify($pwd, $user["pwd"])) {
$sess = new my_session();
$sess->set_session("chief", $account);
$response = "login-success";
} else {
$response = "login-error";
}
}
$link = null;
}
}
return $response;
}
