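ORA_PConnect();

// NOTE(review): this listing starts mid-statement. Whatever assigns $ora_res and
// $ora_obj, opens the PHP tag and starts the session is outside the visible text,
// so the call above is reproduced exactly as found.

// Without a database connection nothing below can work. The driver message is
// HTML-escaped before being echoed.
if (!$ora_res) {
    echo "\nError : " . htmlspecialchars($ora_obj->last_error_msg) . "\n";
    exit();
}

// Dispatch on the requested action. A missing or non-string 'action' is treated
// like an unknown one instead of raising a notice.
// NOTE(review): $_REQUEST also accepts GET parameters, so loginid/passwd can end up
// in URLs and access logs. Consider reading credentials from $_POST only.
$action = (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) ? $_REQUEST['action'] : '';
if ($action === "login") {
    $result = logMeIn($ora_obj);
} elseif ($action === "logout") {
    $result = logMeOut();
} else {
    $result = -1;
}
echo $result;

if ($ora_obj->conn) {
    $ora_obj->ORA_Close();
    // echo "connection closed.\n";
}

/**
 * Ends the current session.
 *
 * The session array is emptied before session_destroy() so that code running later
 * in the same request cannot read the old login data.
 *
 * @return bool always true
 */
function logMeOut()
{
    if (isset($_SESSION)) {
        $_SESSION = array();
        session_destroy();
    }
    return true;
}

/**
 * Copies the listed fields of a verified user record into $_SESSION.
 *
 * The session id is regenerated first (when a session is active) so that an id
 * known before authentication cannot be reused afterwards (session fixation).
 *
 * @param array $uval key => value record parsed from the user-manager reply
 * @param array $keys names of the fields to copy
 * @return void
 */
function _storeLoginSession($uval, $keys)
{
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    foreach ($keys as $key) {
        $_SESSION[$key] = isset($uval[$key]) ? $uval[$key] : null;
    }
    $menu = isset($uval['MENU']) ? $uval['MENU'] : null;
    $_SESSION['LAST_LOGIN'] = time();
    $_SESSION['MENU'] = $menu;
    $_SESSION['SCRIPT_ALLOW'] = getAllowableScript($menu);
}

/**
 * Verifies the submitted credentials and records the attempt in AUDIT_SESSION.
 *
 * Result codes, as far as the code shows them:
 *   1 = success, 4 = status disabled, 5 = status lock,
 *   6 = MASTER_STATUS is 'P' (session is populated; meaning not visible here),
 *   0 = user not registered,
 *   a text message = wrong password with remaining attempts (audited as 2).
 * A reply that matches none of these yields null, as before.
 *
 * NOTE(review): the distinct replies for "not registered", "wrong password",
 * "disabled" and "locked" let a caller tell valid login ids from invalid ones.
 * Changing that would change the client-facing contract, so it is only flagged.
 *
 * @param object $ora_obj database wrapper used for the audit insert
 * @return int|string|null
 */
function logMeIn(&$ora_obj)
{
    // Request parameters may be absent or arrays (loginid[]=x); normalise to strings.
    $loginid = (isset($_REQUEST['loginid']) && is_string($_REQUEST['loginid'])) ? $_REQUEST['loginid'] : '';
    $passwd  = (isset($_REQUEST['passwd']) && is_string($_REQUEST['passwd'])) ? $_REQUEST['passwd'] : '';

    // Explicit defaults: a reply with an unrecognised status combination denies the
    // login and returns null, instead of leaving the variables undefined.
    $result  = null;
    $session = '';

    $userData = (string) verify_user($loginid, $passwd);
    if (strlen($userData) > 1) {
        // The reply is a tab-separated list of KEY=value pairs.
        $uval = array();
        foreach (explode("\t", $userData) as $rval) {
            $pair = explode('=', $rval);
            $uval[$pair[0]] = isset($pair[1]) ? $pair[1] : null;
        }

        $status       = isset($uval['STATUS']) ? $uval['STATUS'] : null;
        $masterStatus = isset($uval['MASTER_STATUS']) ? $uval['MASTER_STATUS'] : null;
        $checkCount   = isset($uval['CHECK_LOGIN_COUNT']) ? trim($uval['CHECK_LOGIN_COUNT']) : null;

        if ($checkCount === null || !is_numeric($checkCount)) {
            // Fail closed: a missing or non-numeric counter used to compare loosely
            // equal to 0 and was handled like an accepted password.
        } elseif ($checkCount == 0) {
            if ($masterStatus !== 'P') {
                if ($status === 'A' && $masterStatus === 'A') {
                    $result = 1; // success
                    $session = 1;
                    _storeLoginSession($uval, array(
                        'KD_APPS', 'KD_USER', 'NAMA_USER', 'KD_GROUP', 'NAMA_GROUP',
                        'STATUS', 'MASTER_STATUS', 'KD_CABANG', 'MULTI_BRANCH',
                    ));
                } elseif ($status === 'D' || $masterStatus === 'D') {
                    $result = 4; // status disabled
                    $session = 4;
                } elseif ($status === 'L' || $masterStatus === 'L') {
                    $result = 5; // status lock
                    $session = 5;
                }
            } else {
                // MASTER_STATUS 'P': the session is populated without the branch
                // fields and the caller receives code 6.
                _storeLoginSession($uval, array(
                    'KD_APPS', 'KD_USER', 'NAMA_USER', 'KD_GROUP', 'NAMA_GROUP',
                    'STATUS', 'MASTER_STATUS',
                ));
                $result = 6;
                $session = 6;
            }
        } else {
            $maxCount = isset($uval['MAX_LOGIN_COUNT']) ? (int) $uval['MAX_LOGIN_COUNT'] : 0;
            $attempt  = $maxCount - (int) $checkCount;
            if ((int) $checkCount >= $maxCount) {
                $result = 5; // status lock
                $session = 5;
            } else {
                $result = 'Invalid Password, you have '.$attempt.' chance(s) to try';
                $session = 2; // wrong password
            }
        }
    } else {
        $result = 0; // user not registered
        $session = 0;
    }

    // Every attempt is audited, successful or not.
    $user_login = $loginid;
    $ip_login = gethostbyname($_SERVER['REMOTE_ADDR']);

    // The login id comes straight from the request, so it must never reach the SQL
    // text unescaped. Doubling single quotes is the escape for an Oracle string
    // literal.
    // NOTE(review): ORA_InsertData() is called with null as its second argument; if
    // that parameter accepts bind variables, switch this statement to binds.
    $sql = "INSERT INTO AUDIT_SESSION VALUES ('"
        . str_replace("'", "''", $user_login) . "', SYSDATE, '"
        . str_replace("'", "''", $ip_login) . "', '"
        . str_replace("'", "''", (string) $session) . "')";
    $exec = $ora_obj->ORA_InsertData($sql, null);
    $ora_obj->ORA_Commit();

    return $result;
}

/**
 * Sends the credentials to the user-manager service and returns its decoded reply.
 *
 * NOTE(review): the request is plain HTTP/1.0 over a raw TCP socket, so the password
 * crosses the network unencrypted and the reply is not authenticated. The hex
 * encoding of the reply is an encoding only, not protection. The HTTP status line
 * is not checked either. Confirm the link to USERMANAGERIP is trusted, or move it
 * to TLS.
 *
 * @param string $loginid
 * @param string $passwd
 * @return string|null hex-decoded response body
 */
function verify_user($loginid, $passwd)
{
    // NOTE(review): the original computed this from $_SERVER and then overwrote it
    // with this fixed address; the effective value is kept.
    $SERVER_ADDR = '10.0.1.82:80';

    $sock = fsockopen("tcp://".USERMANAGERIP, USERMANAGERPORT, $errno, $errstr, 30);
    if (!$sock) {
        die("$errstr ($errno)\n");
    }

    $data = "appsid=".urlencode(APPSID).
            "&loginid=".urlencode($loginid).
            "&passwd=".urlencode($passwd).
            "&addr=".$SERVER_ADDR.
            "&version=2";

    // The Host header now uses the USERMANAGERIP constant; the original interpolated
    // an undefined variable and sent an empty Host value.
    $request = "POST /user_verification.php HTTP/1.0\r\n"
        . "Host: " . USERMANAGERIP . "\r\n"
        . "Content-type: application/x-www-form-urlencoded\r\n"
        . "Content-length: " . strlen($data) . "\r\n"
        . "Accept: */*\r\n"
        . "\r\n"
        . "$data\r\n"
        . "\r\n";
    fwrite($sock, $request);

    // Skip the response headers, which end at the first blank line.
    while (trim((string) fgets($sock, 4096)) !== '') {
        // header lines are not used
    }

    $body = "";
    while (!feof($sock)) {
        $body .= fgets($sock, 4096);
    }
    fclose($sock);

    return decompress($body);
}

/**
 * Builds the set of script names a user may run from the session menu string.
 *
 * The menu string is split on '-' into entries, each entry on '|' into fields, and
 * each field on '>' into key and value. Every value whose key is 'LINK' becomes a
 * key of the returned array.
 *
 * @param string|null $sessionMenu
 * @return array script name => 1; empty when no LINK field is present
 */
function getAllowableScript($sessionMenu)
{
    // Start from an empty array so callers never receive an undefined variable.
    $SCRIPT_ALLOW = array();
    if (empty($sessionMenu)) {
        return $SCRIPT_ALLOW;
    }

    foreach (explode('-', $sessionMenu) as $menuLine) {
        foreach (explode('|', $menuLine) as $field) {
            $parts = explode('>', $field);
            // Fields without a '>' carry no value and are skipped.
            if (isset($parts[1]) && $parts[0] === 'LINK') {
                $SCRIPT_ALLOW[$parts[1]] = 1;
            }
        }
    }
    return $SCRIPT_ALLOW;
}

/**
 * Hex-decodes a string: each pair of hex digits becomes one byte.
 *
 * Despite the name this is neither compression nor encryption. Characters that are
 * not hex digits are ignored by hexdec(), as before.
 *
 * @param string $data
 * @return string decoded bytes ('' for empty input)
 */
function decompress($data)
{
    $text = '';
    $total = strlen($data);
    for ($j = 0; $j < $total; $j += 2) {
        $text .= chr(hexdec(substr($data, $j, 2)));
    }
    return $text;
}

/**
 * Hex-encodes a string: each byte becomes two lowercase hex digits.
 *
 * @param string $data
 * @return string hex text ('' for empty input)
 */
function compress($data)
{
    return bin2hex((string) $data);
}
?>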