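<?php
/**
 * Login endpoint for members and admins.
 *
 * Reads `username` and `password` from POST, looks the user up in tbl_member
 * (and, when there is not exactly one member match, in tbl_admin), checks the
 * salted MD5 password and answers with a JSON object.
 *
 * `result` codes in the JSON response:
 *   0 = database connection failed
 *   1 = member login succeeded
 *   2 = wrong username/password
 *   3 = username or password missing
 *   4 = admin login succeeded
 *
 * The login_status gate (result 8) was commented out in the original and
 * remains disabled.
 *
 * NOTE(review): stored passwords are MD5 with a per-row string inserted by
 * stringInsert(). MD5 is not a password hash; moving to password_hash() /
 * password_verify() needs a rehash-on-login migration and is not done here.
 * NOTE(review): no attempt throttling or lockout is visible in this file.
 */
session_start();
require("config/main_function.php");

// NOTE(review): secret embedded in a file under the web root; it should be
// loaded from configuration stored outside public_html and rotated, since any
// source disclosure exposes it.
$secure = "cAh3DrJACzw4RbU";
$connection = connectDB($secure);

$arr = array();

if ($connection) {
    // Database errors are logged server-side instead of being printed to the
    // client: the raw mysqli error text discloses schema details.
    $failQuery = function ($context) use ($connection) {
        error_log('login: ' . $context . ' query failed: ' . mysqli_error($connection));
        http_response_code(500);
        exit;
    };

    // Look up the system KEY.
    // NOTE(review): $secure_key is not used in this file; kept in case helpers
    // in main_function.php read it as a global — confirm, then remove.
    $sql_key = "SELECT * FROM tbl_system_setting WHERE setting_id = '1';";
    $rs_key = mysqli_query($connection, $sql_key);
    if ($rs_key === false) {
        $failQuery('system setting');
    }
    $row_key = mysqli_fetch_array($rs_key);
    $secure_key = $row_key ? $row_key['secure_text'] : null;

    // Accept only string inputs; a missing field or an array value counts as empty.
    $raw_username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $raw_password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // The emptiness check is made on the raw password: md5('') is a non-empty
    // string, so testing the hash (as the original did) never rejected an
    // empty password.
    if ($raw_username !== '' && $raw_password !== '') {
        // Escaping is only safe when the connection charset was set with
        // mysqli_set_charset() — presumably done in connectDB(); verify.
        // Prepared statements would remove that dependency.
        $username = mysqli_real_escape_string($connection, $raw_username);
        // md5() yields hex digits only, so no SQL escaping is needed on it.
        $password = md5($raw_password);

        $sql = "SELECT m.* ,md.member_name FROM tbl_member m LEFT JOIN tbl_member_detail md ON m.member_id = md.member_id WHERE m.username = '$username';";
        $rs = mysqli_query($connection, $sql);
        if ($rs === false) {
            $failQuery('member lookup');
        }
        $check = mysqli_num_rows($rs);
        $row = mysqli_fetch_array($rs);

        if ($check == 1) {
            // The user is a Member.
            $mypassword = (string) stringInsert($password, $row['secure_text'], $row['secure_pointer']);
            $stored = (string) $row['password'];

            // hash_equals() is a strict, constant-time comparison; the loose
            // `==` it replaces treats two "0e<digits>" strings as equal numbers.
            if ($mypassword !== '' && $stored !== '' && hash_equals($stored, $mypassword)) {
                $member_name = $row['member_name'];
                $member_level = $row['member_level'];
                $register_type = $row['register_type'];
                $register_level = $row['register_level'];

                $key = randomCode(10); // key
                // NOTE(review): rand() is not a CSPRNG; if the pointer is meant
                // to be unpredictable use random_int(0, 9) (PHP 7+).
                $pointer = rand(0, 9);

                // Encode member_id first, then append the key.
                // NOTE(review): the key travels in clear inside login_code;
                // whether that makes the code forgeable depends on
                // bigsara_encode() — confirm.
                $step_1 = bigsara_encode($row['member_id'], $key, $pointer);
                $login_code = $step_1 . "." . $key;

                // New session id on privilege change, against session fixation.
                session_regenerate_id(true);

                $arr['username'] = $row['username'];
                $arr['login_code'] = $login_code;
                $arr['member_name'] = $member_name;
                $arr['member_level'] = $member_level;
                $arr['register_type'] = $register_type;
                $arr['register_level'] = $register_level;
                $arr['verify'] = $row['identificate_datetime'];

                $_SESSION['login_code'] = $login_code;
                $_SESSION['register_type'] = $register_type;
                $_SESSION['register_level'] = $register_level;
                $_SESSION['member_name'] = $member_name;

                $result = 1;
            } else {
                $result = 2;
            }
        } else {
            $sql = "SELECT * FROM tbl_admin WHERE username = '$username';";
            $rs = mysqli_query($connection, $sql);
            if ($rs === false) {
                $failQuery('admin lookup');
            }
            $row = mysqli_fetch_array($rs);

            // Without this guard an unknown username reached the comparison
            // with $row === null, so both sides could be empty/null and the
            // loose `==` could accept the login.
            $mypassword = '';
            $stored = '';
            if ($row) {
                $mypassword = (string) stringInsert($password, $row['secure_text'], $row['secure_pointer']);
                $stored = (string) $row['password'];
            }

            if ($mypassword !== '' && $stored !== '' && hash_equals($stored, $mypassword)) {
                $key = randomCode(10); // key
                $pointer = rand(0, 9);

                // Encode admin_id first, then append the key.
                $step_1 = bigsara_encode($row['admin_id'], $key, $pointer);
                $login_code = $step_1 . "." . $key;

                // New session id on privilege change, against session fixation.
                session_regenerate_id(true);

                $arr['login_code'] = $login_code;
                $arr['menu_access'] = $row['menu_access'];
                $arr['admin_name'] = $row['admin_name'];

                $_SESSION['menu_access'] = $row['menu_access'];
                $_SESSION['login_code'] = $login_code;

                $update_time = date('Y-m-d H:i:s');
                $sql_login = "UPDATE tbl_admin SET login_status ='1' ,update_time = '$update_time' WHERE username = '$username'";
                $res_login = mysqli_query($connection, $sql_login);
                if ($res_login === false) {
                    // Best effort, as in the original: the login still succeeds.
                    error_log('login: admin login_status update failed: ' . mysqli_error($connection));
                }

                $result = 4;
            } else {
                $result = 2;
            }
        }
    } else {
        $result = 3;
    }
} else {
    $result = 0;
}

$arr['result'] = $result;
echo json_encode($arr);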