From 93a1332f4d30391a7fa3dbfa9a47a1a7d096e3bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E1=84=8B=E1=85=A2=E1=84=91=E1=85=B3=E1=86=AF=20=E1=84=82?= =?UTF-8?q?=E1=85=A9=E1=84=90=E1=85=B3=E1=84=87=E1=85=AE=E1=86=A8?= Date: Thu, 19 Jul 2018 11:46:40 +0900 Subject: [PATCH] Fix: fail to login - not activated, over date --- src/web/module/maestro_section_login.html | 1 + src/web/server/maestro/login.php | 73 +++++++++++++++-------- 2 files changed, 49 insertions(+), 25 deletions(-) diff --git a/src/web/module/maestro_section_login.html b/src/web/module/maestro_section_login.html index 97c8c65..9a9f6f1 100644 --- a/src/web/module/maestro_section_login.html +++ b/src/web/module/maestro_section_login.html @@ -11,6 +11,7 @@ function login() { (jsonData) => { maestroID = jsonData["maestroID"]; sessionStorage.setItem("maestroID", maestroID); + location.href = './../maestro/main_menu.html'; }, diff --git a/src/web/server/maestro/login.php b/src/web/server/maestro/login.php index 6b441a8..37fe4df 100644 --- a/src/web/server/maestro/login.php +++ b/src/web/server/maestro/login.php @@ -4,70 +4,93 @@ header("Content-Type: application/json"); include "./../lib/send_reply_json.php"; include "./../setup/connect_db.php"; -$maestro_name = $_POST["maestro_name"]; +$maestroName = $_POST["maestro_name"]; $password = $_POST["password"]; -/* -if(!is_numeric($enterCode)) { - send_error_code("생년월일이 숫자가 아닙니다. : ".$enterCode); - exit; -} else if(strlen($enterCode) != 6) { - send_error_code("6자리 숫자값을 정확히 입력하세요 : YYMMDD (예 : 120131) : ".$enterCode); - exit; -} -*/ -$maestro_id = get_maestro_id($maestro_name); -if($maestro_id === null) { + +$maestroID = get_maestro_id($maestroName); +if($maestroID === null) { set_error_code("not_registered_id"); set_error_message("등록되지 않은 마에스트로 아이디입니다."); send_result_fail(); exit; } -$login_data = login($maestro_name, $password); -if($login_data === null || $login_data[maestroID] === null) { +$loginData = login($maestroName, $password); + +$date = new DateTime($loginData[availableActivateDateTime]); +$now = new DateTime(); +if($loginData === null) { + set_error_code("no_data"); + set_error_message("로그인하지 못했습니다."); + send_result_fail(); + exit; +} else if($loginData[activateStatus] === 0) { + set_error_code("over_date"); + set_error_message("마에스트로 계정이 아직 활성화되지 않았습니다."); + send_result_fail(); + exit; +} else if($loginData[activateStatus] === 1 && $date < $now) { + set_error_code("over_date"); + $date = new DateTime($loginData[availableActivateDateTime]); + set_error_message("마에스트로 계정의 유효기간이 지났습니다. : ".$date->format("Y-m-d H:i:s")); + send_result_fail(); + exit; +} else if($loginData[maestroID] === null) { set_error_code("wrong_password"); set_error_message("비밀번호가 틀렸습니다."); send_result_fail(); exit; } -set_data("maestroID", $login_data[maestroID]); +set_data("maestroID", $loginData[maestroID]); +set_data("activateStatus", $loginData[activateStatus]); +set_data("availableActivateDateTime", $loginData[availableActivateDateTime]); send_result_success(); exit; -function get_maestro_id($maestro_name) { +function get_maestro_id($maestroName) { global $db_conn; - $query = "SELECT MaestroID FROM moty_maestro WHERE Name=?"; + $query = " + SELECT MaestroID + FROM moty_maestro + WHERE Name = ? + "; $stmt = $db_conn->prepare($query); - $stmt->bind_param("s", $maestro_name); + $stmt->bind_param("s", $maestroName); $stmt->execute(); - $stmt->bind_result($maestro_id); + $stmt->bind_result($maestroID); // while($stmt->fetch()) { // ; // } $stmt->fetch(); $stmt->close(); - return $maestro_id; + return $maestroID; } -function login($maestro_name, $password) { +function login($maestroName, $password) { global $db_conn; - $query = "SELECT MaestroID FROM moty_maestro WHERE Name=? AND Password=PASSWORD(?)"; + $query = " + SELECT MaestroID, ActivateStatus, AvailableActivateDateTime + FROM moty_maestro + WHERE Name = ? AND Password = PASSWORD(?) + "; $stmt = $db_conn->prepare($query); - $stmt->bind_param("ss", $maestro_name, $password); + $stmt->bind_param("ss", $maestroName, $password); $stmt->execute(); - $stmt->bind_result($maestro_id); + $stmt->bind_result($maestroID, $activateStatus, $availableActivateDateTime); // while($stmt->fetch()) $stmt->fetch(); $stmt->close(); - $result["maestroID"] = $maestro_id; + $result["maestroID"] = $maestroID; + $result["activateStatus"] = $activateStatus; + $result["availableActivateDateTime"] = $availableActivateDateTime; return $result; }