118 lines
3.5 KiB
PHP
118 lines
3.5 KiB
PHP
<?php
|
|
namespace App\Models;
|
|
|
|
use CodeIgniter\Model;
|
|
|
|
class userAccess extends Model
|
|
{
|
|
protected $db;
|
|
public $con_name = 'mermsemr';
|
|
|
|
public function __construct()
|
|
{
|
|
parent::__construct();
|
|
//$db = \Config\Database::connect('mermsemr');
|
|
$this->db = \Config\Database::connect($this->con_name);
|
|
}
|
|
|
|
public function startLogin($in)
|
|
{
|
|
$sqlQ =
|
|
'SELECT m.id as member_id, m.*,mp.* FROM members m LEFT JOIN members_profile mp ON m.id=mp.member_id WHERE m.id =12';
|
|
|
|
$username = $in['username'];
|
|
$password = $in['password'];
|
|
$sqlQ = "SELECT m.id as member_id, m.*,mp.*
|
|
FROM members m LEFT
|
|
JOIN members_profile mp ON m.id=mp.member_id
|
|
WHERE LOWER(m.username) = LOWER('$username')
|
|
AND m.password=md5('$password') ";
|
|
|
|
$query = $this->db->query($sqlQ);
|
|
$data['profile_data'] = $query->getResultArray();
|
|
|
|
if (count($data['profile_data']) == 1) {
|
|
$data['profile_data'][0]['password'] = '**REMOVED**';
|
|
$member_id = $data['profile_data'][0]['member_id'];
|
|
$member_uid = $data['profile_data'][0]['uuid'];
|
|
return $inx = [
|
|
'session_token' => $this->generateSession($member_id),
|
|
'member_id' => $member_id,
|
|
'member_uuid' => $member_uid,
|
|
'profile' => $data['profile_data'][0],
|
|
'settings' => [],
|
|
'preferences' => [],
|
|
'status' => 1,
|
|
'raw_data' => $in,
|
|
];
|
|
} else {
|
|
return $inx = [
|
|
'session_token' => '',
|
|
'settings' => [],
|
|
'preferences' => [],
|
|
'status' => 0,
|
|
'raw_data' => $in,
|
|
'error_msg' => 'Invalid username or password',
|
|
];
|
|
}
|
|
}
|
|
|
|
private function generateSession($member_id)
|
|
{
|
|
$loc = $this->getIPAddress();
|
|
// do the seesion stuffs here - set up all permissions
|
|
$tk = '';
|
|
for ($i = 1; $i < 20; $i++) {
|
|
$tk .= rand(11111, 99999);
|
|
}
|
|
$sqlQ = "DELETE FROM members_session WHERE member_id = $member_id ";
|
|
$query = $this->db->query($sqlQ);
|
|
$sqlQ =
|
|
"INSERT INTO members_session (session,member_id,loc) VALUES('" .
|
|
$tk .
|
|
"'," .
|
|
$member_id .
|
|
",'" .
|
|
$loc .
|
|
"'
|
|
) ";
|
|
$query = $this->db->query($sqlQ);
|
|
|
|
// Create HX
|
|
$sqlQ =
|
|
"INSERT INTO members_login_hx (member_id,channel,loc) VALUES ($member_id,'Desktop','" .
|
|
$loc .
|
|
"')";
|
|
$this->db->query($sqlQ);
|
|
return $tk;
|
|
}
|
|
|
|
private function getIPAddress()
|
|
{
|
|
//whether ip is from the share internet
|
|
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
|
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
|
}
|
|
//whether ip is from the proxy
|
|
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
|
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
|
}
|
|
//whether ip is from the remote address
|
|
else {
|
|
$ip = $_SERVER['REMOTE_ADDR'];
|
|
}
|
|
return $ip;
|
|
}
|
|
}
|
|
|
|
/*
|
|
CREATE TABLE members_login_hx (
|
|
id SERIAL,
|
|
member_id INT REFERENCES members(id) NOT NULL,
|
|
channel VARCHAR(15),
|
|
added timestamp without time zone DEFAULT now(),
|
|
loc INET
|
|
);
|
|
ALTER TABLE ONLY members_login_hx
|
|
ADD CONSTRAINT members_login_hx_id_key UNIQUE (id);*/
|