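displayPage(); // tail of a call whose receiver lies before the visible part of this file; kept as-is

/**
 * Compute the signature that protects a token's payload.
 *
 * Shared by CreateToken() and the request-time verification below so that
 * minting and checking can never drift apart.
 *
 * NOTE(review): the key is a literal in source and the MAC is HMAC-MD5.
 * Both are kept byte-for-byte so tokens already in circulation stay valid.
 * Moving the key into configuration outside the web root and switching to
 * HMAC-SHA-256 are the recommended follow-ups; either change invalidates
 * existing tokens and needs a planned rollover.
 *
 * @param string $info The dot-joined token payload (everything before the signature).
 * @return string Lower-case hex HMAC of $info.
 */
function CreateTokenSignature($info)
{
    $encryption_code = "MASADA!^***";
    return hash_hmac('md5', $info, $encryption_code);
}

/**
 * Mint a signed token of the form
 *   user_id . base64(urlencode(user_name)) . start_time . end_time . signature
 *
 * start_time is "now" and end_time is 24 hours later, both formatted in the
 * Asia/Taipei timezone (this call changes the process default timezone).
 *
 * @param string $user_id   Account identifier placed first in the token.
 * @param string $user_name Display name; URL-encoded then base64-encoded.
 * @return string The payload followed by "." and its signature.
 */
function CreateToken($user_id, $user_name)
{
    date_default_timezone_set("Asia/Taipei");
    $start_time = date("Y-m-d H:i:s");
    $end_time = date('Y-m-d H:i:s', strtotime('+24 hour')); // token lifetime: one day
    $info = $user_id . '.' . base64_encode(urlencode($user_name)) . '.' . $start_time . '.' . $end_time;
    // Sign the payload, then append the signature to form the final token string.
    return $info . '.' . CreateTokenSignature($info);
}

require_once dirname(__FILE__) . "/../mkt/database.php";
include "fun_global.php";

if (isset($_REQUEST["function_name"])) {
    $function_name = $_REQUEST["function_name"];
    $function_flag = True;
} else {
    $function_name = "";
    $function_flag = False;
}

/**
 * T8 MSSQL connection.
 *
 * A commented-out PDO connection block stood here with the server address,
 * account and password written inline. It is dropped: credentials that were
 * ever committed to source should be treated as exposed and rotated, and live
 * ones belong in configuration outside the web root.
 */

/*****************************
 * global:
 * $token
 * $token_link  query-string fragment carrying the token
 * $user_id     user ID
 * $user_name   user display name
 * $login_dt    login time
 * $user_auth   permission level: 1,2,3
 *****************************/
// Request parameters may arrive as arrays (token[]=...); only strings are accepted.
$token = (isset($_REQUEST["token"]) && is_string($_REQUEST["token"])) ? $_REQUEST["token"] : "";
$token_parts = explode(".", $token);
$access_granted = false;

if (count($token_parts) > 1) {
    // A token was presented. Its fields are claims made by the client and are
    // trusted only after the trailing signature has been recomputed and
    // compared in constant time. Previously the fields were used unverified,
    // so any dotted string was accepted as an identity.
    // Assumes every token reaching this file was minted by CreateToken()
    // (or an identical copy with the same key) -- confirm for other entry points.
    if (count($token_parts) >= 5) {
        $signature_pos = strrpos($token, ".");
        $token_info = substr($token, 0, $signature_pos);
        $token_signature = substr($token, $signature_pos + 1);
        if (hash_equals(CreateTokenSignature($token_info), $token_signature)) {
            $token_link = "token=" . $token;
            list($user_id, $enc_user_name, $login_dt) = $token_parts;
            $user_name = urldecode(base64_decode($enc_user_name));
            $access_granted = true;
        }
    }
    // NOTE(review): the token's end_time field is still not enforced. The
    // hand-off branch below states that its tokens are meant to be permanent,
    // which conflicts with the 24-hour end_time CreateToken() writes; settle
    // the intended lifetime, then reject expired tokens here.
} else {
    // No token: hand-off from the BPM system. The caller proves itself with
    // md5(shared string + "Y-m-d H:i:s" timestamp), accepted for the current
    // second +/- 3 seconds.
    $referrer = (isset($_GET['referer']) && is_string($_GET['referer'])) ? $_GET['referer'] : "";
    date_default_timezone_set('Asia/Taipei');
    $currentTimestamp = time();
    $referer_ok = false;
    for ($i = -3; $i <= 3; $i++) {
        $formattedTime = date("Y-m-d H:i:s", $currentTimestamp + $i);
        $expectedHash = md5("https://bpm.masada.com.twMasada@2023" . $formattedTime);
        // Whole-value, constant-time comparison. The earlier
        // strpos($allHashes, $referrer) test accepted any substring of the
        // concatenated hashes (a single hex digit was enough) and, because
        // offset 0 is falsy, rejected a correct hash for the first time slot.
        if (hash_equals($expectedHash, $referrer)) {
            $referer_ok = true;
        }
    }

    if ($referer_ok) {
        // NOTE(review): the hash covers only the shared string and the time,
        // not employee_no, so it authenticates the calling system but not the
        // identity being claimed, and it can be replayed inside the window.
        // Binding employee_no (and ideally a nonce) into the MAC is the fix;
        // that needs a matching change on the sending side.
        $user_id = (!empty($_GET["employee_no"]) && is_string($_GET["employee_no"]))
            ? $_GET["employee_no"]
            : $user_id;
        // Arriving via the BPM hyperlink: login time is set "permanently" far
        // in the future. (Two earlier assignments derived $login_dt from
        // $_GET["timestamp"] and were immediately overwritten; they are removed.)
        $login_dt = (date("Y") + 100) . "-12-31 23:59:59";
        $user_name = accountid2name()[$user_id];
        $token = CreateToken($user_id, $user_name);
        $token_link = "token=" . $token;
        $access_granted = true;
    }
}

if (!$access_granted) {
    echo "非法訪問!";
    echo "";
    // Fail closed: without this the script went on to build the menu with an
    // undefined $user_id and the including page kept rendering.
    exit;
}

include 'IncludeCommon.php';
$includecommon = new IncludeCommon();
$accounttype = getAccounttype($link, $user_id);
$login_json = null;
if (strlen($accounttype) != 0) {
    // Only accounts with a known type get a menu payload.
    $jsonres['menu'] = $includecommon->menu_v3($user_id, $accounttype);
    $login_json = json_encode($jsonres, JSON_UNESCAPED_UNICODE);
}
?>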