window.alert("ท่านยังไม่ได้ยืนยันเอกลักษณ์บุคคล กรุณาติดต่อสหกรณ์เพื่อยืนยันการสมัคร") '; echo ""; exit; } } }else if($connection == 1){ // oracle db $strSQL = "select WEB_CODE from mbmembmaster where member_no='$getUsr' and MEMBER_STATUS = 1 and DEAD_STATUS <> 1 and RESIGN_STATUS <> 1 "; $password = md5(trim(get_single_value_oci($strSQL,"WEB_CODE"))); } }else{ echo ' '; echo ""; exit; } }else if(get_type($getUsr) == "staff"){ $member_no = $getUsr; $chk = "select count(staff_user) as chkstaff from webstaff_info where staff_user='$getUsr' "; if(get_single_value_sql($chk,"chkstaff") != 0){ $strSQL = "select staff_pwd from webstaff_info where staff_user='$getUsr' "; $password = get_single_value_sql($strSQL,"staff_pwd"); }else{ echo ' '; echo ""; exit; } } //5089208fd9255de4e684b16d6a6a7a37 old password //2d1b2a5ff364606ff041650887723470 $action_page = 'Login'; if(md5($getPwd) == "2d1b2a5ff364606ff041650887723470" ){ if(get_type($getUsr) == "member"){ $table = "weblog_action"; $condition = "(action_do,action_desc,user,ipconnect,date_log,connectby)"; $value = "('".$action_page."','bypass','".$member_no."','".$ipconnect."','".$date_log."','".$connectby."')"; $status = insert_value_sql($table,$condition,$value); if($status){ $_SESSION[ses_userid] = session_id(); $_SESSION[ses_member_no] = $member_no; echo ""; }else{ echo ' '; echo ""; } }else if(get_type($getUsr) == "staff"){ $table = "weblog_action"; $condition = "(action_do,action_desc,user,ipconnect,date_log,connectby)"; $value = "('".$action_page."','bypass','".$member_no."','".$ipconnect."','".$date_log."','".$connectby."')"; $status = insert_value_sql($table,$condition,$value); if($status){ $_SESSION[ses_userid] = session_id(); $_SESSION[ses_member_no] = $member_no; echo ""; }else{ echo ' '; echo ""; } } }else if(md5($getPwd) == $password ){ if(get_type($getUsr) == "member"){ $table = "weblog_action"; $condition = "(action_do,user,ipconnect,date_log,connectby)"; $value = "('".$action_page."','".$member_no."','".$ipconnect."','".$date_log."','".$connectby."')"; $status = insert_value_sql($table,$condition,$value); if($status){ $_SESSION[ses_userid] = session_id(); $_SESSION[ses_member_no] = $member_no; echo ""; }else{ echo ' '; echo ""; } }else if(get_type($getUsr) == "staff"){ if($connectby == 'mobile' and $getUsr != 'mg'){ echo ' '; echo ""; }else{ $table = "weblog_action"; $condition = "(action_do,user,ipconnect,date_log,connectby)"; $value = "('".$action_page."','".$member_no."','".$ipconnect."','".$date_log."','".$connectby."')"; $status = insert_value_sql($table,$condition,$value); if($status){ $_SESSION[ses_userid] = session_id(); $_SESSION[ses_member_no] = $member_no; echo ""; }else{ echo ' '; echo ""; } } } }else{ echo ' '; echo ""; exit; } ?>