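<?php
// Login endpoint.
//
// Validates the submitted account/password pair against the `account` table and
// answers with a JSON document. Accepted inputs (read from $_REQUEST):
//   account, password - credentials; both must be non-empty, else nothing is echoed
//   redirect          - opaque value handed back to the client unchanged
// Response: {"code":"200", token, name, login, uid, menu, redirect} on success, or
//           {"code":"1"} when no row matches or the account type may not log in.
//
// NOTE(review): display_errors=On on a login endpoint writes PHP warnings (file
// paths, query text) into the HTTP body. Left as-is because it is a deployment
// setting, but it must be Off in production.
// NOTE(review): there is no rate limiting or lockout here; brute-force protection
// has to come from the surrounding infrastructure.
// error_reporting(E_ALL);#
ini_set("display_errors", "On");
date_default_timezone_set("Asia/Taipei");
// database.php is expected to define $link (procedural mysqli connection).
// require_once "database.php";
require_once dirname(__FILE__) . "/../mkt/database.php";
include 'IncludeCommon.php';

// NOTE(review): $_REQUEST also accepts credentials on the query string, where they
// land in access logs, proxies and browser history. Reading only $_POST would be
// safer but is a client-visible change, so it is flagged rather than made here.
if (!empty($_REQUEST["account"]) && !empty($_REQUEST["password"])) {
    $account = (string) $_REQUEST["account"];
    $password = (string) $_REQUEST["password"];
    $redirect = empty($_REQUEST["redirect"]) ? "" : $_REQUEST["redirect"];
    $includecommon = new IncludeCommon();
    $jsonres = [];

    // Both values used to be interpolated straight into the SQL text (SQL injection:
    // a password of `' OR 1=1 -- ` logged the caller in as the first row). They are
    // now bound as parameters. The comparison itself is unchanged: `pwd` is matched
    // against the submitted value as-is, so whatever the column stores (plaintext or
    // a client-side digest) is exactly what the client has to send.
    // TODO(review): move to password_hash()/password_verify() once the column can be
    // rewritten; until then the database holds directly usable credentials.
    $row = null;
    $stmt = mysqli_prepare($link, "SELECT * FROM account WHERE accountid = ? AND pwd = ?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, "ss", $account, $password);
        if (mysqli_stmt_execute($stmt)) {
            // mysqli_stmt_get_result() needs the mysqlnd driver (default since PHP 5.4);
            // it keeps the original SELECT * without having to enumerate columns.
            $result = mysqli_stmt_get_result($stmt);
            if ($result !== false) {
                $fetched = mysqli_fetch_array($result, MYSQLI_ASSOC);
                if (is_array($fetched)) {
                    $row = $fetched;
                }
                mysqli_free_result($result);
            }
        }
        mysqli_stmt_close($stmt);
    }

    // A failed lookup previously indexed into `false`, which on PHP 8 raises a warning
    // that display_errors then prints in front of the JSON body; treat it as "no type".
    $accounttype = $row['accounttype'] ?? '';
    $user_name = $row['name'] ?? '';
    // Token is keyed on the upper-cased id so a lower-case login gets the same token
    // as the canonical id (M0117, 2023/07/31).
    $accountid = strtoupper((string) ($row['accountid'] ?? ''));

    // B = maintenance staff, M = company employee, E = administrator, W = (undocumented)
    // Both "no matching row" and "type not allowed" answer with code '1' in the original,
    // so the two checks are folded into one condition and the response stays the same.
    if ($row !== null && in_array($accounttype, ['B', 'M', 'E', 'W'], true)) {
        $token = $includecommon->CreateToken($accountid, $user_name);
        $response_result = ['list' => '']; // menu list no longer produced here (P0044, 2023/06/13)
        $response_menu = $includecommon->menu_v3($accountid, $accounttype); // per-account menu (currently all enabled: menu.status=Y)
        if (is_array($response_result["list"])) {
            // Dead while 'list' is a string; kept for when the list is restored.
            // NOTE(review): this puts the bearer token in a URL query string, where it
            // is logged and leaks via Referer - prefer a header or cookie if revived.
            foreach ($response_result["list"] as $i => $item) {
                $response_result["list"][$i]["path"] = $item["path"] . "?token=" . $token;
            }
        }
        $response_result["note"] = "success";
        $response_result["token"] = $token;

        // Direct reports of this account. Only computed (its consumer, the `_mem`
        // cookie, was removed); kept so the query still runs, now parameterised.
        $farr = [];
        $stmtm = mysqli_prepare($link, "SELECT accountid FROM account WHERE manager = ?");
        if ($stmtm !== false) {
            mysqli_stmt_bind_param($stmtm, "s", $account);
            if (mysqli_stmt_execute($stmtm)) {
                $subordinate = null;
                mysqli_stmt_bind_result($stmtm, $subordinate);
                while (mysqli_stmt_fetch($stmtm)) {
                    $farr[] = $subordinate;
                }
            }
            mysqli_stmt_close($stmtm);
        }

        $includecommon->save_log_response('web', $account, $response_result); // login audit log
        $jsonres['code'] = '200';
        $jsonres['token'] = $token;
        $jsonres['name'] = $user_name;
        $jsonres['login'] = date("Y-m-d H:i:s"); // login time
        $jsonres['uid'] = $account;
        $jsonres['menu'] = $response_menu;
        // NOTE(review): redirect is reflected unvalidated; the client must only follow
        // same-origin relative paths, otherwise this is an open redirect after login.
        $jsonres['redirect'] = $redirect;
    } else {
        // One indistinguishable failure code for "unknown account / wrong password"
        // and "type not permitted", so the response does not reveal which it was.
        $jsonres['code'] = '1';
    }

    // Declare the body as JSON so a browser never renders reflected input as HTML.
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
    }
    echo json_encode($jsonres);
    mysqli_close($link); // end of connection
}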