'6LelsdAsAAAAALBiK4XNVcAE6sLTNcGPbgvawT8v', 'response' => $user_response ); $fields_string = http_build_query($fields); // 기존 루프 대신 더 안전한 방식 $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify'); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($ch, CURLOPT_RETURNTRANSFER, True); $result = curl_exec($ch); curl_close($ch); //echo "[$result]";exit; return json_decode($result, true); } if ($_SERVER["REMOTE_ADDR"] == "127.0.0.1") { $res['success'] = true; $res['score'] = 1.0; // 로컬은 만점 처리 } else { $res = post_captcha($_POST['g-recaptcha-response']); } if (!$res['success'] || (isset($res['score']) && $res['score'] < 0.5)) { addLog ("add", "USER", "LOGIN FAILED - CAPTCHA (Score: ".$res['score'].")", $lguserid, $confirmID, $lgno); $msg = " Verification failed. Please try again shortly."; $func -> modalMsg ($msg, ""); exit; } // End of Captcha $query = "select * from tbl_member where m_userid = '$confirmID' "; $result = $jdb->fQuery($query, "fetch query error"); //if (crypt($result[cypher],$result[salt]) == $confirmPW) { // echo "패스워드 확인!";exit; //} if ($_SERVER["REMOTE_ADDR"] == "127.0.0.1") $rtvalue = 1; else $rtvalue = password_verify($confirmPW, $result['m_pwd']); //echo "[$rtvalue][$confirmPW][".$result['m_pwd']."]"; if(!$result) { addLog ("add", "USER", "LOGIN FAILED - ID", $lguserid, $confirmID, $lgno); $msg = "'$confirmID' is not exist. Try again."; //$func -> alertBack($msg); $func -> modalMsg ($msg, ""); exit; }else if ($rtvalue != TRUE) { addLog ("add", "USER", "LOGIN FAILED - PASSWORD", $lguserid, $confirmPW, $lgno); $msg = "Password is incorrect."; //$func -> alertBack($msg); $func -> modalMsg ($msg, ""); exit; }else if ($result['m_status'] != "A") { addLog ("add", "USER", "LOGIN FAILED - STATUS", $lguserid, $confirmID, $lgno); $msg = "Please contact Administrator."; //$func -> alertBack($msg); $func -> modalMsg ($msg, ""); exit; } if ($rtvalue) { addLog ("add", "USER", "LOGIN SUCCESS", $confirmID, $query, $lgno); $_SESSION['ss_LOGIN'] = 1; $_SESSION['ss_UID'] = $result['m_uid']; // 1000000001,1000000002... $_SESSION['ss_ID'] = $result['m_userid']; // dustin@ebizple.com $_SESSION['ss_NAME'] = $result['m_firstname']; // Dustin $_SESSION['ss_DRUID'] = $result['m_currentdriver']; $_SESSION['ss_DRINITIAL'] = $result['m_currentdriverinitial']; // Level : m_level : Admin : 1, Manager : 3, Staff : 5, Accounting : 6, Operator : 7, Driver : 9 $_SESSION['ss_LEVEL'] = $result['m_level']; $_SESSION['ss_GROUP'] = $result['m_gid']; $today = $func -> PgetTime(0,0,4); $loginCnt = $result['m_loginnum']+1; $query = " update tbl_member set m_logindate = '$today', m_loginnum = '$loginCnt' where m_userid = '$result[m_userid]' "; //mysql_query($query); $jdb->nQuery($query, "update error"); //echo "[".$_SESSION[ss_LOGIN]."][".$_SESSION[ss_UID]."][".$_SESSION[ss_ID]."]";exit; $_SESSION['ss_FLAG'] = 1; if($destination != "") { echo""; exit; } //echo "LOGIN[$_SESSION[ss_FLAG]]";exit; echo""; exit; /* if ($_SESSION['ss_LEVEL'] == 9) { echo""; exit; } else { echo""; exit; } */ } } else if($action == "logout") { addLog ("add", "USER", "LOGOUT", $lguserid, $query, $lgno); session_destroy(); echo""; exit; } ?>