<?php
namespace App\Controllers;
use CodeIgniter\Cookie\Cookie;
use DateTime;
// Load the framework's cookie helper; Auth::login() below relies on its
// get_cookie()/set_cookie()/delete_cookie() functions.
helper('cookie');
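/**
 * Login, logout and password-change endpoints.
 *
 * Session keys written on a successful login: 'userid', 'userinitials', 'username'.
 */
class Auth extends BaseController {

    /**
     * Render the login form and, on POST, authenticate the submitted credentials.
     *
     * Changes compared with the previous implementation:
     *  - the user id is bound as a query parameter instead of being interpolated into the SQL text;
     *  - an unknown user id no longer dereferences a missing result row;
     *  - the "remember me" choice is actually honoured, and only the user id is remembered:
     *    the password is never written to, or read from, a cookie;
     *  - the session id is regenerated on login.
     *
     * @return mixed the rendered 'auth_login' view, or a redirect to '/' on success
     */
    public function login() {
        // Keys the 'auth_login' view receives. The password field is never pre-filled from a cookie.
        $data['userid'] = get_cookie('userid');
        $data['password'] = '';

        // Compare case-insensitively so the check does not depend on how the framework cases the method name.
        if (strtoupper((string) $this->request->getMethod()) !== 'POST') {
            return view('auth_login', $data);
        }

        // Credentials are read from the POST body only (same as setpass()), never from the query string.
        $userid = $this->request->getPost('userid');
        $password = $this->request->getPost('password');
        $remember = $this->request->getPost('remember');

        // Missing fields or array-valued fields (userid[]=...) are rejected before they reach the query.
        if (!is_string($userid) || !is_string($password)) {
            session()->setFlashdata('error', 'Password not valid');
            return view('auth_login', $data);
        }

        $data['userid'] = $userid;
        $data['password'] = $password;

        $db = \Config\Database::connect();
        // '?' placeholder: the driver binds $userid as data, so it cannot alter the statement.
        $sql = "SELECT u.USERID, u.USERNAME, u.USERINITIALS, u1.PASSWORD
                FROM USERS u
                left join cmod.dbo.CM_USERS u1 on u.USERID=u1.USERID
                WHERE u.USERID = ?";
        $query = $db->query($sql, [$userid]);
        // getRowArray() yields null when no row matched, instead of reading $result[0] blindly.
        $row = $query === false ? null : $query->getRowArray();

        if ($row === null) {
            // Same message as a wrong password, so the response does not reveal which user ids exist.
            session()->setFlashdata('error', 'Password not valid');
            return view('auth_login', $data);
        }

        // The LEFT JOIN returns NULL when the user has no CM_USERS row; normalise to ''.
        $qpassword = (string) ($row['PASSWORD'] ?? '');

        // NOTE(review): the stored hash is handed to the view as 'qpassword', as before.
        // Confirm the template never renders it, then drop this key.
        $data['qpassword'] = $qpassword;

        // NOTE(review): an account with no stored password is accepted with ANY submitted
        // password (first login / reset flow) and receives a full session. Consider replacing
        // this with a one-time reset token and forcing the password change before any other page.
        $firstLogin = ($qpassword === '');

        if (!$firstLogin && !password_verify($password, $qpassword)) {
            session()->setFlashdata('error', 'Password not valid');
            return view('auth_login', $data);
        }

        if (!empty($remember)) {
            $time = 30 * 24 * 60 * 60; // 30 days
            set_cookie('userid', $userid, $time);
            set_cookie('remember', '1', $time);
        } else {
            delete_cookie('userid');
            delete_cookie('remember');
        }
        // Always clear a 'password' cookie an earlier build may have left in the browser.
        delete_cookie('password');

        // New session id for the authenticated session (session-fixation defence).
        session()->regenerate(true);
        session()->set([
            'userid' => $row['USERID'],
            'userinitials' => $row['USERINITIALS'],
            'username' => $row['USERNAME'],
        ]);

        if ($firstLogin) {
            session()->setFlashdata('alertmsg', 'Please change your <b>password</b> first...');
        }

        // withCookies() copies the cookies queued above onto the redirect response.
        return redirect()->to('/')->withCookies();
    }

    /**
     * Destroy the current session and send the browser back to the login form.
     *
     * @return mixed redirect to '/auth/login'
     */
    public function logout() {
        session()->destroy();
        return redirect()->to('/auth/login');
    }

    /**
     * Show the change-password form for $userid and, on POST, store the new password hash.
     *
     * The caller must hold a session for the same user id; previously any visitor could
     * set the password of any account. The UPDATE uses bound parameters.
     *
     * NOTE(review): if administrators are expected to reset other users' passwords through
     * this endpoint, replace the ownership check with an explicit role check.
     *
     * @param mixed $userid user id taken from the URL segment
     * @return mixed the rendered 'auth_setpass' view, or a redirect to '/auth/login'
     */
    public function setpass($userid) {
        $userid = (string) $userid;

        // The form view upper-cases the id, so the ownership comparison ignores case.
        $sessionUser = (string) session()->get('userid');
        if ($sessionUser === '' || strcasecmp($sessionUser, $userid) !== 0) {
            session()->setFlashdata('error', 'Please log in to change your password');
            return redirect()->to('/auth/login');
        }

        if (strtoupper((string) $this->request->getMethod()) === 'POST') {
            $password = $this->request->getPost('password');

            // Refuse a missing, array-valued or empty password instead of hashing it.
            if (!is_string($password) || $password === '') {
                session()->setFlashdata('error', 'Password must not be empty');
                $data['userid'] = strtoupper($userid);
                return view('auth_setpass', $data);
            }

            $hash = password_hash($password, PASSWORD_DEFAULT);
            $db = \Config\Database::connect();
            // Both values are bound; neither the hash nor the id is spliced into the SQL text.
            $sql = "update cmod.dbo.CM_USERS set PASSWORD = ? where USERID = ?";
            $db->query($sql, [$hash, $userid]);
            return redirect()->to("/auth/login");
        } else {
            $data['userid'] = strtoupper($userid);
            return view('auth_setpass', $data);
        }
    }

    /**
     * Start a session as the fixed 'SYSTEM' identity and redirect to '/'.
     *
     * NOTE(review): this action performs no credential check, so any client that can reach
     * its route obtains a SYSTEM session. Confirm it is not routable in production, or gate
     * it behind an environment/allow-list check.
     * NOTE(review): it stores 'fullname' where login() stores 'username'; confirm which key
     * the rest of the application reads.
     *
     * @return mixed redirect to '/'
     */
    public function loginTD() {
        $sessiondata = [
            'userid' => 'SYSTEM',
            'userinitials' => 'SYS',
            'fullname' => 'SYSTEM',
        ];

        session()->set($sessiondata);

        return redirect()->to('/');
    }
}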