|
|
|
@ -1,16 +1,11 @@ |
|
|
|
<?php |
|
|
|
// ini_set('display_errors', 'off'); |
|
|
|
ini_set('display_errors', 'off'); |
|
|
|
|
|
|
|
// 維護專用 |
|
|
|
// include "maintenance.php"; |
|
|
|
// $maintenancePeriod = "2023-11-17 15:30 AM 至 17:30 PM"; |
|
|
|
// $maintenancePage = new MaintenancePage($maintenancePeriod); |
|
|
|
// $maintenancePage->displayPage(); |
|
|
|
header("Expires: Mon, 26 Jul 1990 05:00:00 GMT"); |
|
|
|
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); |
|
|
|
header("Cache-Control: no-store, no-cache, must-revalidate"); |
|
|
|
header("Cache-Control: post-check=0, pre-check=0", false); |
|
|
|
header("Pragma: no-cache"); |
|
|
|
|
|
|
|
function CreateToken($user_id, $user_name) |
|
|
|
{ |
|
|
|
@ -38,15 +33,15 @@ if (isset($_REQUEST["function_name"])) { |
|
|
|
/** |
|
|
|
* 連線T8 MSSQL |
|
|
|
*/ |
|
|
|
// try { |
|
|
|
// $conn = new PDO("sqlsrv:Server=10.10.145.2;Database=T8MASADA", "masada", "@m222222"); |
|
|
|
// if ($conn) { |
|
|
|
// $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
|
|
|
// } |
|
|
|
// } catch (PDOException $e) { |
|
|
|
// //echo "fail"; |
|
|
|
// //echo $e->getMessage(); |
|
|
|
// } |
|
|
|
try { |
|
|
|
$conn = new PDO("sqlsrv:Server=erp.masada.com.tw;Database=T8MASADA", "masada", "ztPmPP!HRoV6SL3E"); |
|
|
|
if ($conn) { |
|
|
|
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); |
|
|
|
} |
|
|
|
} catch (PDOException $e) { |
|
|
|
//echo "fail"; |
|
|
|
//echo $e->getMessage(); |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -59,22 +54,37 @@ if (isset($_REQUEST["function_name"])) { |
|
|
|
* $login_dt 登入時間 |
|
|
|
* $user_auth 使用權限:1,2,3 |
|
|
|
*****************************/ |
|
|
|
$token = $_REQUEST["token"]; |
|
|
|
$token = isset($_REQUEST["token"]) ? $_REQUEST["token"] : ""; |
|
|
|
|
|
|
|
if (count(explode(".", $token)) > 1) { |
|
|
|
$token_link = "token=" . $_REQUEST["token"]; |
|
|
|
list($user_id, $enc_user_name, $login_dt) = explode(".", $token); |
|
|
|
$user_name = urldecode(base64_decode($enc_user_name)); |
|
|
|
} else { |
|
|
|
$referrer = isset($_GET['referer']) ? $_GET['referer'] : ""; |
|
|
|
date_default_timezone_set('Asia/Taipei'); |
|
|
|
$currentTimestamp = time(); |
|
|
|
$hashReferer = ""; |
|
|
|
for ($i = -3; $i <= 3; $i++) { |
|
|
|
$modifiedTimestamp = strtotime("$i seconds", $currentTimestamp); |
|
|
|
$formattedTime = date("Y-m-d H:i:s", $modifiedTimestamp); |
|
|
|
$hashReferer .= md5("https://bpm.masada.com.twMasada@2023" . $formattedTime); |
|
|
|
} |
|
|
|
if (strpos($hashReferer, $referrer)) { |
|
|
|
$user_id = !empty($_GET["employee_no"]) ? $_GET["employee_no"] : $user_id; |
|
|
|
$login_dt = !empty($_GET["timestamp"]) ? substr($_GET["timestamp"], 0, 10) : $login_dt; |
|
|
|
$login_dt = date('Y-m-d H:i:s', $login_dt); |
|
|
|
// 藍凌超連結過來 token 設置永久 |
|
|
|
$login_dt = (date("Y") + 100) . "-12-31 23:59:59"; |
|
|
|
$user_name = accountid2name()[$user_id]; |
|
|
|
$token = CreateToken($user_id, $user_name); |
|
|
|
$token_link = "token=" . $token; |
|
|
|
} else { |
|
|
|
echo "非法訪問!"; |
|
|
|
echo "<script>location.href='/wms/login.php'</script>"; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
include 'IncludeCommon.php'; |
|
|
|
$includecommon = new IncludeCommon(); |
|
|
|
$accounttype = getAccounttype($link, $user_id); |
|
|
|
|
