File: /home/cafsindia/hrms_allyindian_com/application/controllers/Login.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
require './phpmailer/src/Exception.php';
require './phpmailer/src/PHPMailer.php';
require './phpmailer/src/SMTP.php';	
use phpmailer\PHPMailer\PHPMailer;
use phpmailer\PHPMailer\Exception;
class Login extends CI_Controller {	
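	/**
	 * Load the models and configuration used by the login flows.
	 *
	 * The database lookup of the reCAPTCHA flag is commented out below, so the
	 * flag is initialised explicitly to 0 (disabled). Without an assignment,
	 * every read of $this->recaptcha_enable elsewhere in this class hits an
	 * undefined property: PHP raises a warning, the value is null, and the
	 * strict `=== 1` comparisons are always false.
	 */
	public function __construct(){
		parent::__construct();
		$this->load->model('Module');
		$this->load->config('config'); 
		$this->load->model('Otp_model');
		// NOTE(review): while this stays 0 the captcha challenge is off for every
		// login path; restore the lookup below once the recaptcha_enable column
		// is confirmed to exist in cw_company_information.
		$this->recaptcha_enable = 0;
		//$this->recaptcha_enable = (int) $this->db->select('recaptcha_enable')->limit(1)->get('cw_company_information')->row()->recaptcha_enable;
	}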
	
	/**
	 * Default action of the controller; hands the request to login().
	 */
	public function index()
	{
		$this->login();
	}
	//IF LOGGED ID IS EXIST IN SESSION LOGGED IN
	/**
	 * Render the login page, or send an already authenticated session to "home".
	 *
	 * NOTE(review): the validation rule names callback_login_check, but no
	 * login_check() method is defined in this class, so the redirect after a
	 * successful validation run looks unreachable from here - confirm. The
	 * credential check itself is done by corp_login().
	 */
	public function login(){
		// Guard clause: nothing to render for a session that is already logged in.
		if($this->is_logged_in()){
			redirect('home');
			return;
		}

		$this->form_validation->set_rules('username', 'lang:login_undername', 'callback_login_check');
		$this->form_validation->set_error_delimiters('<div class="error">', '</div>');

		$validated = $this->form_validation->run();
		if($validated != FALSE){
			redirect('home');
			return;
		}

		// Validation did not pass (or nothing was posted): show the form.
		$data = array(
			'company_info'       => $this->Module->get_company_info(),
			'recaptcha_site_key' => $this->config->item('recaptcha_site_key'),
			'recaptcha_enable'   => $this->recaptcha_enable,
		);
		$this->load->view('login',$data);
	}
	/**
	 * Tell whether the session carries a logged-in employee id.
	 *
	 * The comparison is deliberately loose, as in the rest of the file: a
	 * missing 'logged_id' (NULL) and any other falsy value count as logged out.
	 *
	 * @return bool
	 */
	public function is_logged_in(){
		$logged_id = $this->session->userdata('logged_id');
		return $logged_id != FALSE;
	}
	//FOR UNAUTHORIZED LOGIN !
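	/**
	 * Lock the account behind the current session and end the session.
	 *
	 * Overwrites the PASSWORD column with a placeholder from
	 * GenerateRandomNumber(), sets trans_status to 0, destroys the session and
	 * redirects to the login page.
	 *
	 * Both values are now escaped before they are placed in the inner UPDATE
	 * text, and the statement is handed to sp_a_run as a bound parameter
	 * instead of being spliced between quotes. The UPDATE is skipped when the
	 * session holds no logged_id, so an anonymous request only ends its own
	 * session.
	 *
	 * NOTE(review): this is a state-changing action on a routable public
	 * method; it should require POST plus the framework's CSRF token so a
	 * third-party page cannot make a logged-in browser lock its own account.
	 */
	public function unauthorized(){
		$logged_id = $this->session->userdata('logged_id');
		if($logged_id){
			$random_number = $this->GenerateRandomNumber();
			// escape() quotes and escapes each value for the inner statement.
			$update_qry = 'UPDATE cw_employees SET PASSWORD = '.$this->db->escape($random_number)
				.', trans_status = 0 WHERE prime_employees_id = '.$this->db->escape($logged_id);
			// Query bindings escape the statement text a second time for the outer CALL.
			$this->db->query('CALL sp_a_run (?, ?)', array('UPDATE', $update_qry));
		}
		$this->session->sess_destroy();
		redirect('login');
	}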
	//CHANGING PASSWORD FOR UNAUTHORIZED LOGIN !
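	/**
	 * Build the placeholder written to the PASSWORD column by unauthorized().
	 *
	 * The value is the literal prefix "UNKNOWN" followed by a four-digit number
	 * (1000-9999). random_int() replaces rand() so the digits come from the
	 * system CSPRNG.
	 *
	 * NOTE(review): this is a lock marker, not a credential - it has only 9000
	 * possible values and must never be accepted as a password anywhere.
	 *
	 * @return string e.g. "UNKNOWN4821"
	 */
	public function GenerateRandomNumber(){
		return 'UNKNOWN' . random_int(1000, 9999);
	}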
	// EMPLOYEE LOGIN
	/**
	 * AJAX login endpoint. Drives the password, OTP and forgot-password flows
	 * from one client-supplied state value (POST cur_status) and answers with a
	 * JSON object on stdout.
	 *
	 * cur_status handling, as visible in this method:
	 *   4, 6, 7 -> forgot_pass() (4 and 6 first pass through confirmation())
	 *   2, 5    -> corp_login_otp() when a non-zero OTP was posted, else confirmation()
	 *   0, 1, 3 -> user name + password lookup, then OTP / first-login / plain login
	 *   other   -> "Url Expired" error
	 *
	 * NOTE(review): cur_status is chosen by the client. Each branch therefore
	 * has to re-verify on the server whatever the previous step was meant to
	 * prove; several branches below rely on the client having followed the
	 * steps in order. Recording the completed step in the session and checking
	 * it here would close that gap.
	 */
	public function corp_login(){
		$user_name         = $this->input->post('corp_user_name');
		$password          = $this->input->post('corp_password');
		// NOTE(review): the stored credential is an unsalted MD5 digest passed through
		// Module::cryptoEncrypt(). MD5 is not a password hash; password_hash() /
		// password_verify() with a rehash-on-login migration is the usual replacement.
		$enc_pass          = $this->Module->cryptoEncrypt(md5($password)); // [MS 08-11-2024]
		// $enc_pass          = md5($password); // [MS 08-11-2024]
		// NOTE(review): $new_password is read but never used below; only confirm_password
		// reaches update_password(), so no equality check of the two is visible here.
		$new_password      = $this->input->post('new_password');
		$confirm_password  = $this->input->post('confirm_password');
		$cur_status        = $this->input->post('cur_status');
		$otp       		   = $this->input->post('corp_otp');
		$captcha_response  = $this->input->post('g-recaptcha-response') ?: '';
		if((int)$cur_status === 1 || (int)$cur_status === 4){
			// NOTE(review): $SESSION is an undefined local variable (not $_SESSION),
			// so this unset() has no effect on the session.
			unset($SESSION['username']);
		}

		// USERNAME VERIFICATION ON EMPLOYEE TABLE _ARN 
		// NOTE(review): this message differs from the later "Invalid User name / Password",
		// so a response reveals whether a user name exists. Use one generic message.
		$query = $this->db->get_where('employees', array('user_name' => $user_name,'trans_status' => 1), 1);
		if($query->num_rows() === 0){
			echo json_encode(['success'=>false,'message'=>'Please enter correct username']);
			exit(0);
		}

		$cur_sts_arr       = array("0","1","3");
		//FIRST LOGIN 4,5,6,7,8 IS FOR FORGOT PASSWORD
		if((int)$cur_status === 4 || (int)$cur_status === 6 || (int)$cur_status === 7){
			// THIS FOR CAPTCHA _ARN 29-08-2025
			// Status 7 (the password update itself) skips the captcha gate.
			if((int)$cur_status !== 7){
				$this->confirmation($user_name,'forget_pass',$captcha_response);
			}
			$this->forgot_pass($user_name,$confirm_password,$cur_status,$otp,$captcha_response);
		}else
		if((int)$cur_status === 2 || (int)$cur_status === 5){
			if((int)$otp > 0 ){
				$this->corp_login_otp($cur_status,$otp,$captcha_response);
			}else{
				$this->confirmation($user_name,'otp',$captcha_response);
			}			
		}else
		if(in_array($cur_status,$cur_sts_arr)){
			// Password check: the digest is matched inside the WHERE clause.
			$query = $this->db->get_where('employees', array('user_name' => $user_name, 'password' =>$enc_pass, 'trans_status' => 1), 1);
			
			if($query->num_rows() == 1){
				$logged_user_info = $query->row();
				$employees_id     = $logged_user_info->prime_employees_id;
				$first_time_login = $logged_user_info->first_time_login;
				$personal_email   = $logged_user_info->personal_email_id;
				$company_email    = $logged_user_info->company_email_id;
				$mobile_number    = $logged_user_info->mobile_number;
				$active_status    = (int)$logged_user_info->termination_status;
				$login_with_otp   = (int)$logged_user_info->login_with_otp;
				$resend           =  "generate_otp";
				//ONLY ACTIVE EMPLOYEES SHOULD LOGIN
				if($active_status === 1){
					echo json_encode(array('success' => false, 'message' => "You are not an Authorised Employee..! Please Contact Admin?"));
					exit(0);
				}else{
					//CHECK CONMPANY INFORMATION SMS_OTP BY [MS 10-07-2024]
					$is_sms_otp_qry      = 'SELECT sms_otp FROM cw_company_information';
					$is_sms_otp_query    = $this->db->query($is_sms_otp_qry);
					$is_sms_otp_rslt     = $is_sms_otp_query->result();
					$sms_otp             = $is_sms_otp_rslt[0]->sms_otp;// [ CONTAIN 1 OR 2 ] 
					// A fresh OTP is generated on every successful password check,
					// including the branches below that never send it.
					$login_otp           = $this->randomOTP($resend);//for creating random otp
					//FOR SMS CONTENT   
					//get content by template id
					$get_sms_cont_qry    = 'SELECT sms_content,template_id FROM cw_sms_content WHERE sms_for = "otp"';
					$get_sms_cont_query  = $this->db->query($get_sms_cont_qry);
					$get_sms_cont_rslt   = $get_sms_cont_query->result();
					$sms_content         = $get_sms_cont_rslt[0]->sms_content;
					$template_id         = $get_sms_cont_rslt[0]->template_id;
					$pattern             = '/@otp@/';
					$sms_content         = preg_replace($pattern,$login_otp,$sms_content);
					// The company address is preferred; the personal one is the fallback.
					if($company_email){
						$login_email = $company_email;
					}else{
						$login_email = $personal_email;
					}
					if($first_time_login == 3 ){
						// NOTE(review): the client is told to continue at status 6, but nothing is
						// stored in the session to record that the password was verified here.
						echo json_encode(array('success' =>'success', 'message' => 	'Please Enter New Password..','cur_status' =>6));
					}else{
						if($login_with_otp === 1 && (int)$cur_status === 0){
							if($sms_otp === "1"){//FOR SMS [MS 10-07-2024]
								if($sms_content !== ''){
									$send_sms         = $this->Module->trigger_sms($mobile_number,$sms_content,$template_id);
									if($send_sms){
										// NOTE(review): the plaintext password is passed on to set_session_fn(),
										// which stores it in the session.
										$set_session  = $this->set_session_fn($login_otp,$user_name,$password,$login_email,$mobile_number);
										echo json_encode(array('success' =>'success', 'message' => 	'Successfully OTP Sent Through SMS','cur_status' =>9));
									}else{
										echo json_encode(array('success' =>false, 'message' => 	'SMS NOT SENT','cur_status' =>$first_time_login));
									}
								}else{
									echo json_encode(array('success' =>false, 'message' => 	'SMS Content is empty'));
								}
							}else{//FOR MAIL
								$otp_code_msg     = $this->send_otp_mail($login_email,$user_name,$password,$resend);
								if($otp_code_msg['success'] === true){
									echo json_encode(array('success' => $otp_code_msg['success'], 'message' => 	$otp_code_msg['message'],'cur_status' =>9));
								}else{
									echo json_encode(array('success' => $otp_code_msg['success'], 'message' => 	$otp_code_msg['message']));
								}
							}
						}else
						if((int)$first_time_login === 1 && (int)$cur_status === 0 && $login_with_otp !== 1) {	
							if($sms_otp === "1"){//FOR SMS [MS 10-07-2024]
								if($sms_content !== ''){
									$send_sms         = $this->Module->trigger_sms($mobile_number,$sms_content,$template_id);
									if($send_sms){
										$set_session  = $this->set_session_fn($login_otp,$user_name,$password,$login_email,$mobile_number);
										echo json_encode(array('success' =>'success', 'message' => 	'Successfully OTP Sent Through SMS','cur_status' =>$first_time_login));
									}else{
										echo json_encode(array('success' =>false, 'message' => 	'SMS NOT SENT','cur_status' =>$first_time_login));
									}
								}else{
									echo json_encode(array('success' =>false, 'message' => 	'SMS Content is empty'));
								}
							}else{//FOR MAIL
								$otp_code_msg     = $this->send_otp_mail($login_email,$user_name,$password,$resend);
								if($otp_code_msg['success'] === true){
									echo json_encode(array('success' => $otp_code_msg['success'], 'message' => 	$otp_code_msg['message'],'cur_status' =>$first_time_login));
								}else{
									echo json_encode(array('success' => $otp_code_msg['success'], 'message' => 	$otp_code_msg['message']));
								}
							}
						}else 	// CHANGED PASSWORD UPDATE ON DATATBASE
						// NOTE(review): this branch updates the password and logs the user in without
						// checking in this request that the OTP step (status 2) was completed.
						if((int)$first_time_login === 1 && (int)$cur_status === 3 && $login_with_otp !== 1) {
							$get_update = $this->Module->update_password($employees_id,$confirm_password,'login');
							if($get_update) {
								$this->set_session_value("EMPLOYEE",$logged_user_info);
								echo json_encode(array('success' => TRUE, 'message' => "Updated and Login Success !!!",'cur_status'=>'3'));
							}
						}else{
							if($login_with_otp === 1 && (int)$cur_status === 1){
								$sess_user_name   = $_SESSION['user_name'];
								$session_otp      = $_SESSION['login_otp'];
								// CHECK FOR FORGOT PASSWORD OTP CHECK
								// NOTE(review): both sides are cast to int, so a non-numeric value and a
								// missing session OTP both compare as 0; the user-name check below is what
								// rejects a session with no OTP. A string comparison with hash_equals()
								// on a non-empty session OTP is stricter.
								if((int)$session_otp !== (int)$otp){
									// THIS FOR CAPTCHA _ARN 29-08-2025
									$this->confirmation($user_name,'otp',$captcha_response);
								}else
								if($user_name !== $sess_user_name){
									// THIS FOR CAPTCHA _ARN 29-08-2025
									$this->confirmation($user_name,'username',$captcha_response);
								}else{
									$this->set_session_value("EMPLOYEE",$logged_user_info);
									echo json_encode(array('success' => TRUE, 'message' => "Login Success !!!",'cur_status' => 3));
								}
							}else{
								// NOTE(review): this fallback also covers login_with_otp === 1 with a posted
								// cur_status of 3, where no OTP comparison has run. OTP enforcement should be
								// keyed on the account flag, not on the client-posted state.
								$this->set_session_value("EMPLOYEE",$logged_user_info);
								echo json_encode(array('success' => TRUE, 'message' => "Login Success !!!",'cur_status' => "0"));
							}						
						}
					}
				}	
			}else{
				// THIS FOR CAPTCHA _ARN 29-08-2025
				$this->confirmation($user_name,'username',$captcha_response);
			}
		}else{
			echo json_encode(array('success' => false, 'message' => "Url Expired.. Please refresh the page and try again.."));
		}
		
	}
	// SET ALL SESSION VALUE FOR EMPLOYEE
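	/**
	 * Mark the session as authenticated for the given employee row.
	 *
	 * Resets the failed-attempt record for the user, then, for the "EMPLOYEE"
	 * type only, stores identity, role and per-permission access data in the
	 * session. Any other $logged_type only triggers the reset.
	 *
	 * Two hardening steps run before the identity is written:
	 *  - the session id is regenerated, so an id that existed before
	 *    authentication cannot be reused afterwards (session fixation);
	 *  - the OTP and the plaintext password cached by set_session_fn() are
	 *    removed, as the login they were kept for has completed.
	 *
	 * NOTE(review): confirm nothing outside this controller reads the
	 * 'password' or 'login_otp' session keys after login.
	 * NOTE(review): CodeIgniter routes public controller methods as URL
	 * endpoints; this helper expects a trusted row object and should be made
	 * non-routable (protected, or underscore-prefixed) once callers are checked.
	 *
	 * @param string $logged_type      only "EMPLOYEE" is handled
	 * @param object $logged_user_info row from the employees table
	 */
	public function set_session_value($logged_type,$logged_user_info){
		// Successful authentication clears the failed-attempt counter.
		$this->Otp_model->reset($logged_user_info->user_name);
		if($logged_type !== "EMPLOYEE"){
			return;
		}

		$this->session->sess_regenerate(TRUE);
		$this->session->unset_userdata(array('login_otp', 'password'));

		$this->session->set_userdata(array(
			'logged_type'                     => $logged_type,
			'logged_id'                       => $logged_user_info->prime_employees_id,
			'logged_role'                     => $logged_user_info->role,
			'logged_user_role'                => $logged_user_info->user_right,
			'logged_emp_code'                 => $logged_user_info->employee_code,
			'logged_device_code'              => $logged_user_info->device_code,
			'logged_branch'                   => $logged_user_info->branch,
			'logged_department'               => $logged_user_info->department,
			'logged_offer_reference_no'       => $logged_user_info->offer_reference_no,
			'logged_appointment_reference_no' => $logged_user_info->appointment_reference_no,
			'access_data'                     => $this->get_all_access($logged_type,$logged_user_info->prime_employees_id),
		));
	}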
	//FUNCTION FOR RESEND OTP
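	/**
	 * Send the OTP already stored in the session again, by SMS or by e-mail
	 * depending on cw_company_information.sms_otp, and print a JSON result.
	 *
	 * Changes from the previous version:
	 *  - the request is rejected when the session holds no pending OTP flow,
	 *    instead of reading undefined session keys and sending an empty code;
	 *  - missing configuration rows are handled instead of dereferenced;
	 *  - 'cur_status' in the SMS responses used an undefined variable, which
	 *    encoded as null; it is now an explicit null so the JSON is unchanged.
	 *
	 * NOTE(review): no limit on the number of resends is visible here; a
	 * per-session or per-user throttle would stop SMS / e-mail flooding.
	 * NOTE(review): the same code is resent and no expiry time is stored.
	 */
	public function resend_otp(){
		$user_name     = $_SESSION['user_name'] ?? null;
		$password      = $_SESSION['password'] ?? null;
		$login_email   = $_SESSION['email'] ?? null;
		$mobile_number = $_SESSION['mobile_number'] ?? null;
		$pending_otp   = $_SESSION['login_otp'] ?? null;

		// Nothing to resend unless an OTP was issued in this session.
		if(empty($user_name) || empty($pending_otp)){
			echo json_encode(array('success' => false, 'message' => "Url Expired.. Please refresh the page and try again.."));
			return;
		}

		$resend = "resend_otp";
		//[MS 10-07-2024]
		$is_sms_otp_rslt = $this->db->query('SELECT sms_otp FROM cw_company_information')->result();
		$sms_otp         = $is_sms_otp_rslt[0]->sms_otp ?? null; // [ CONTAIN 1 OR 2 ]

		if($sms_otp !== "1"){
			//RESEND OTP THROUGH MAIL
			$otp_code_msg = $this->send_otp_mail($login_email,$user_name,$password,$resend);
			echo json_encode(array('success' => $otp_code_msg['success'], 'message' => $otp_code_msg['message'],'resend_otp'=>"2"));
			return;
		}

		//get content by template id
		$get_sms_cont_rslt = $this->db->query('SELECT sms_content,template_id FROM cw_sms_content WHERE sms_for = "otp"')->result();
		if(empty($get_sms_cont_rslt[0])){
			echo json_encode(array('success' =>false, 'message' => 	'SMS Content is empty'));
			return;
		}

		$login_otp   = $this->randomOTP($resend); // returns the OTP kept in the session
		$template_id = $get_sms_cont_rslt[0]->template_id;
		$sms_content = preg_replace('/@otp@/',$login_otp,$get_sms_cont_rslt[0]->sms_content);

		//RESEND OTP THROUGH SMS
		if($this->Module->trigger_sms($mobile_number,$sms_content,$template_id)){
			$this->set_session_fn($login_otp,$user_name,$password,$login_email,$mobile_number);
			echo json_encode(array('success' =>'success', 'message' => 	'Successfully OTP Resent Through SMS','cur_status' =>null));
		}else{
			echo json_encode(array('success' =>false, 'message' => 	'SMS NOT SENT','cur_status' =>null));
		}
	}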
	
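	/**
	 * Verify a posted OTP against the one stored in the session and print a
	 * JSON result.
	 *
	 * Order of checks: a pending OTP must exist in the session; an active lock
	 * from Otp_model rejects the request; a matching OTP answers with
	 * cur_status 6 (when $cur_status is 5) or 2; a mismatch either locks the
	 * user for 15 minutes once the recorded attempts reach 5, or goes through
	 * confirmation().
	 *
	 * Changes from the previous version:
	 *  - session keys are read null-safely and a session without a pending
	 *    OTP is rejected up front;
	 *  - the OTP is compared as a digit string with hash_equals() instead of
	 *    after an (int) cast, which accepted trailing garbage and treated a
	 *    missing value as 0;
	 *  - the commented-out legacy branch was removed.
	 *
	 * NOTE(review): the attempt counter read here is only incremented inside
	 * confirmation(); verify that every failed OTP is actually counted, or the
	 * 5-attempt lock below never triggers.
	 * NOTE(review): CodeIgniter routes public controller methods as URL
	 * endpoints; this helper should be made non-routable (protected, or
	 * underscore-prefixed) once callers are checked.
	 *
	 * @param mixed  $cur_status       client-posted flow state
	 * @param mixed  $otp              client-posted one-time password
	 * @param string $captcha_response reCAPTCHA token, may be empty
	 */
	public function corp_login_otp($cur_status,$otp,$captcha_response){
		$user_name   = $_SESSION['user_name'] ?? null;
		$session_otp = $_SESSION['login_otp'] ?? null;
		$now         = time();

		// No OTP was issued in this session: there is nothing to verify against.
		if(empty($user_name) || empty($session_otp)){
			echo json_encode(array('success' => false, 'message' => "Url Expired.. Please refresh the page and try again.."));
			return;
		}

		// THIS FOR CAPTCHA _ARN 29-08-2025
		$otp_status      = $this->Otp_model->get_status($user_name);
		$otp_attempts    = $otp_status['attempts'];
		$otp_lock_time   = $otp_status['lock_time'] ? strtotime($otp_status['lock_time']) : 0;

		if($otp_lock_time && $now < $otp_lock_time){
			$wait = ceil(($otp_lock_time - $now)/60);
			echo json_encode(['success' => false,'message' => "Too many failed OTP attempts. Please try again after $wait minute(s).",'locked' => true,'wait_minutes' => $wait]);
			exit(0);
		}

		$submitted_otp = trim((string)$otp);
		$otp_matches   = ctype_digit($submitted_otp) && hash_equals((string)$session_otp, $submitted_otp);

		if($otp_matches){
			// WHERE CONDITION CHECK ONLY USERNAME (FORGOT PASSWORD OPTION ONLY HAVE USERNAME)
			$first_log = ((int)$cur_status === 5) ? 6 : 2;
			$query     = $this->db->get_where('employees', array('user_name' => $user_name, 'trans_status' => 1), 1);
			if($query->num_rows() == 1){
				$this->Otp_model->reset($user_name);
				echo json_encode(array('success' => TRUE, 'message' => "OTP Verified !!!",'cur_status'=>$first_log));
			}else{
				// THIS FOR CAPTCHA _ARN 29-08-2025
				$this->confirmation($user_name,'username',$captcha_response);
			}
			return;
		}

		// Lock after 5 attempts // THIS FOR CAPTCHA _ARN 29-08-2025
		if($otp_attempts >= 5){
			$this->Otp_model->set_lock($user_name, 15);
			echo json_encode(['success' => false,'message' => 'Too many failed OTP attempts. Login is locked for 15 minutes.','locked' => true,'wait_minutes' => 15]);
			exit(0);
		}
		// THIS FOR CAPTCHA _ARN 29-08-2025
		$this->confirmation($user_name,'otp',$captcha_response);
	}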

	/**
	 * Forgot-password flow, called from corp_login() for cur_status 4, 6 and 7.
	 *
	 *   4, or 6 with the session user name -> send an OTP by SMS or e-mail
	 *   7                                  -> write the new password and log in
	 *
	 * Output is a JSON object on stdout; failures go through confirmation().
	 *
	 * NOTE(review): CodeIgniter routes public controller methods as URL
	 * endpoints; this helper takes its arguments as trusted and should be made
	 * non-routable (protected, or underscore-prefixed) once callers are checked.
	 * NOTE(review): unlike corp_login_otp(), no lock or attempt limit is
	 * checked in this method before the OTP comparison.
	 *
	 * @param string $user_name        posted user name
	 * @param string $confirm_password posted new password
	 * @param mixed  $cur_status       client-posted flow state
	 * @param mixed  $otp              client-posted one-time password
	 * @param string $captcha_response reCAPTCHA token, may be empty
	 */
	public function forgot_pass($user_name,$confirm_password,$cur_status,$otp,$captcha_response){
		// NOTE(review): the row is dereferenced before num_rows() is checked; for an
		// unknown user row() is null, every property below reads as null, and the
		// caller gets the "User Blocked" message.
		$query= $this->db->get_where('employees', array('user_name' => $user_name), 1);
		$user_info     		=  $query->row();
		$first_time_login	= $user_info->first_time_login;
		$emp_id        		= $user_info->prime_employees_id;
		$trans_status       = $user_info->trans_status;
		$sess_user_name     = $_SESSION['user_name'];
		if((int)$trans_status !== 1){
			echo json_encode(array('success' => false, 'message' => "User Blocked.. Please Contact Admin.."));
		}else
		if($query->num_rows() == 1){
			// IF 7 PASSWORD UPDATE ON DB (FORGOT PASSWORD BASED FUNCTION)
			if((int)$cur_status === 7){
				// NOTE(review): for accounts with first_time_login == 3 this branch sets the
				// password and creates a logged-in session without checking an OTP or the
				// current password in this request. It relies on an earlier step having
				// verified the user; that proof should be stored in the session and
				// checked here.
				if($first_time_login == 3 && $cur_status == 7){
					$get_update = $this->Module->update_password($emp_id,$confirm_password,'login');
					if($get_update) {
						$this->set_session_value("EMPLOYEE",$user_info);
						echo json_encode(array('success' => TRUE, 'message' => "Updated and Login Success !!!",'cur_status'=>'8'));
					}
				}else{
					//Need to check session OTP
					$session_otp      = $_SESSION['login_otp'];
					if($user_name !== $sess_user_name){
						// THIS FOR CAPTCHA _ARN 29-08-2025
						$this->confirmation($user_name,'username',$captcha_response);
					}else
					// NOTE(review): both sides are cast to int, so non-numeric input and a
					// missing session OTP compare as 0. A string comparison with hash_equals()
					// on a non-empty session OTP is stricter.
					if((int)$session_otp === (int)$otp){
						$get_update = $this->Module->update_password($emp_id,$confirm_password,'login');
						if($get_update){
							$this->set_session_value("EMPLOYEE",$user_info);
							echo json_encode(array('success' => TRUE, 'message' => "Updated and Login Success !!!",'cur_status'=>'8'));
						}
					}else{
						// THIS FOR CAPTCHA _ARN 29-08-2025
						$this->confirmation($user_name,'otp',$captcha_response);
					}	
				}	
			}else
			if(((int)$cur_status === 4) || (((int)$cur_status === 6) && ($user_name === $sess_user_name))){
				// FORGOT PASSWORD MAIL OTP			
				$logged_user_info = $query->row();
				$personal_email   = $logged_user_info->personal_email_id;
				$company_email    = $logged_user_info->company_email_id;
				$mobile_number    = $logged_user_info->mobile_number;//FOR SEND SMS FUNCTION
				$resend           =  "generate_otp";
				// The company address is preferred; the personal one is the fallback.
				if($company_email){
					$login_email  = $company_email;
				}else{
					$login_email  = $personal_email; 
				}
				//[MS 10-07-2024] SMS
				$is_sms_otp_qry      = 'SELECT sms_otp FROM cw_company_information';
				$is_sms_otp_query    = $this->db->query($is_sms_otp_qry);
				$is_sms_otp_rslt     = $is_sms_otp_query->result();
				$sms_otp             = $is_sms_otp_rslt[0]->sms_otp;// [ CONTAIN 1 OR 2 ] 
				//FOR SMS CONTENT   
				//get content by template id
				$get_sms_cont_qry    = 'SELECT sms_content,template_id FROM cw_sms_content WHERE sms_for = "otp"';
				$get_sms_cont_query  = $this->db->query($get_sms_cont_qry);
				$get_sms_cont_rslt   = $get_sms_cont_query->result();
				if($sms_otp === "1"){
					$login_otp        = $this->randomOTP($resend);//for creating random otp
					$sms_content      = $get_sms_cont_rslt[0]->sms_content;
					$template_id      = $get_sms_cont_rslt[0]->template_id;
					$pattern          = '/@otp@/';
					$sms_content      = preg_replace($pattern,$login_otp,$sms_content); 
					//RESEND OTP THROUGH SMS
					$send_sms         = $this->Module->trigger_sms($mobile_number,$sms_content,$template_id);
					if($send_sms){
						// NOTE(review): $password is not defined in this method, so null is
						// passed (and stored in the session) with an undefined-variable warning.
						$set_session  = $this->set_session_fn($login_otp,$user_name,$password,$login_email,$mobile_number);
						$otp_code_msg['success'] = true;
						$otp_code_msg['message'] = "Successfully OTP Sent Through SMS";
					}else{
						$otp_code_msg['success'] = false;
						$otp_code_msg['message'] = "OTP Not Sent Through SMS";
					}
				}else{
					// Same undefined $password as in the SMS branch above.
					$otp_code_msg     = $this->send_otp_mail($login_email,$user_name,$password,$resend);
				}
				if($otp_code_msg['success'] === true){
					echo json_encode(array('success' => $otp_code_msg['success'], 'message' => $otp_code_msg['message'],'cur_status'=>"4"));
				}else{
					echo json_encode(array('success' => $otp_code_msg['success'], 'message' => $otp_code_msg['message']));
				}		
			}else{
				// THIS FOR CAPTCHA _ARN 29-08-2025
				$this->confirmation($user_name,'username',$captcha_response);
			}
		}else{
			// THIS FOR CAPTCHA _ARN 29-08-2025
			$this->confirmation($user_name,'username',$captcha_response);
		}
	}

	// GET ALL ACCESS FOR EMPLOYEE
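	/**
	 * Build the per-permission access map stored in the session at login.
	 *
	 * Reads the rows of the 'grants' table for the employee and indexes the
	 * six access_* columns by permission_id. For any $logged_type other than
	 * "EMPLOYEE" an empty array is returned; the previous version reached the
	 * same result through an undefined variable and a PHP warning.
	 *
	 * @param string $logged_type only "EMPLOYEE" is handled
	 * @param mixed  $logged_id   prime_employees_id of the employee
	 * @return array permission_id => array of the six access_* values
	 */
	public function get_all_access($logged_type,$logged_id){
		$access_info = array();
		if($logged_type !== "EMPLOYEE"){
			return $access_info;
		}

		$this->db->select('permission_id,access_add,access_update,access_delete,access_search,access_export,access_import');
		$this->db->from('grants');
		$this->db->where('prime_employees_id', $logged_id);

		foreach($this->db->get()->result() as $grant){
			$access_info[$grant->permission_id] = array(
				"access_add"    => $grant->access_add,
				"access_update" => $grant->access_update,
				"access_delete" => $grant->access_delete,
				"access_search" => $grant->access_search,
				"access_export" => $grant->access_export,
				"access_import" => $grant->access_import,
			);
		}
		return $access_info;
	}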
	
	//PRODUCT KEY IS UPDATED
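	/**
	 * Activate the product: join the four posted key parts, ask the licence
	 * API (via curl()) for the key record and store it through
	 * Module::productkey_save(). Prints a JSON result.
	 *
	 * The API answer is now validated before it is used. Previously a failed
	 * request or an unexpected answer was dereferenced anyway and a record of
	 * nulls was passed on to be saved.
	 *
	 * NOTE(review): no login or role check is visible in this method, and it
	 * is a routable public action that changes licence data - confirm whether
	 * activation before login is intended, and require POST + CSRF token.
	 */
	public function productkey_save(){
		$company_name = $this->input->post('company_name');
		$product_key  = $this->input->post('product_key_1')
			.$this->input->post('product_key_2')
			.$this->input->post('product_key_3')
			.$this->input->post('product_key_4');

		if(!$product_key){
			echo json_encode(array('success' => false, 'message' => "Invalid Credential"));
			return;
		}

		$curl_rslt = $this->curl($company_name,$product_key);
		$license   = (is_array($curl_rslt) && isset($curl_rslt[0]) && is_array($curl_rslt[0])) ? $curl_rslt[0] : null;

		// Reject anything that is not a complete key record.
		if($license === null || !isset($license['product_key'], $license['activated_date'], $license['expire_date'])){
			echo json_encode(array('success' => false, 'message' => "Invalid Credential"));
			return;
		}

		$product_info = array(
			'company_name'   => $company_name,
			'product_key'    => $license['product_key'],
			'activated_date' => $license['activated_date'],
			'expire_date'    => $license['expire_date'],
		);
		if($this->Module->productkey_save($product_info)){
			echo json_encode(array('success' => TRUE, 'message' => "Product is activated!!!"));
		}else{
			echo json_encode(array('success' => false, 'message' => "Invalid Credential"));
		}
	}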
	
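	/**
	 * Query the licence API configured in the company information and return
	 * its decoded JSON answer.
	 *
	 * Changes from the previous version:
	 *  - TLS certificate and host verification are enabled; the old code
	 *    switched peer verification off, so the answer that decides the
	 *    licence state could be forged by anyone on the network path;
	 *  - query parameters are URL-encoded instead of concatenated raw;
	 *  - timeouts are set and a failed transfer returns null.
	 *
	 * NOTE(review): gen_key=12345 looks like a fixed shared value sent in the
	 * query string - confirm with the API owner whether it is meant to
	 * authenticate anything.
	 * NOTE(review): CodeIgniter routes public controller methods as URL
	 * endpoints; this helper should be made non-routable (protected, or
	 * underscore-prefixed) once callers are checked.
	 *
	 * @param string $company_name company name sent as com_info
	 * @param string $product_key  product key sent as key
	 * @return array|null decoded answer, or null when the request or decoding fails
	 */
	public function curl($company_name,$product_key){
		$product_rslt = $this->Module->get_company_info();
		if(empty($product_rslt[0]->product_api)){
			return null;
		}

		$query_string = http_build_query(array(
			'reason'   => 'generate_key',
			'gen_key'  => '12345',
			'com_info' => (string)$company_name,
			'key'      => (string)$product_key,
		), '', '&');
		$url = $product_rslt[0]->product_api."?".$query_string;

		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $url);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
		curl_setopt($ch, CURLOPT_TIMEOUT, 15);
		$result = curl_exec($ch);
		curl_close($ch);

		if($result === false || $result === ''){
			return null;
		}
		return json_decode($result,true);
	}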
	//FUNCTION FOR OTP GENERATION 
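	/**
	 * Return the OTP for the requested mode.
	 *
	 *   "generate_otp" -> a new six-digit code (100000-999999)
	 *   "resend_otp"   -> the code already stored in the session, or "" if none
	 *   anything else  -> ""
	 *
	 * random_int() replaces rand(): the code is an authentication secret and
	 * has to come from the system CSPRNG, not from a predictable generator.
	 *
	 * @param string $resend "generate_otp" or "resend_otp"
	 * @return int|string
	 */
	public function randomOTP($resend){
		if($resend === "generate_otp"){
			return random_int(100000, 999999);
		}
		if($resend === "resend_otp"){
			return $_SESSION['login_otp'] ?? "";
		}
		return "";
	}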
	//FUNCTION FOR MAIL OTP
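	/**
	 * E-mail the OTP to the user and, on success, store the OTP flow data in
	 * the session through set_session_fn().
	 *
	 * SMTP settings come from the active row of cw_mail_configurations.
	 *
	 * Changes from the previous version:
	 *  - a missing mail configuration row is reported as "Mail Not Sent"
	 *    instead of being dereferenced;
	 *  - set_session_fn() received an undefined $mobile_number (null plus a
	 *    warning); null is now passed explicitly, so the stored value is the same;
	 *  - the PHPMailer object is no longer overwritten by the Send() result.
	 *
	 * NOTE(review): $login_password is the user's plaintext password and is
	 * written to the session by set_session_fn().
	 * NOTE(review): the SMTP password is read from the database as stored;
	 * confirm how that column is protected.
	 * NOTE(review): CodeIgniter routes public controller methods as URL
	 * endpoints; this helper takes its arguments as trusted and should be made
	 * non-routable (protected, or underscore-prefixed) once callers are checked.
	 *
	 * @param string $login_email    recipient address
	 * @param string $user_name      user name stored with the OTP
	 * @param string $login_password password stored with the OTP
	 * @param string $resend         "generate_otp" or "resend_otp"
	 * @return array array('success' => bool, 'message' => string)
	 */
	public function send_otp_mail($login_email,$user_name,$login_password,$resend){
		$login_otp = $this->randomOTP($resend);
		if(!$login_email){
			return array('success'=>false,'message'=>"Email ID Not Exist.. Please Contact HR..!!");
		}

		$config_query  = 'SELECT smtp_server,sender_name,bcc,port_no,sender_email,mail_username,mail_password FROM cw_mail_configurations WHERE trans_status = 1';
		$config_info   = $this->db->query("CALL sp_a_run ('SELECT','$config_query')");
		$config_result = $config_info->result();
		// Release the extra result set left by the stored procedure call.
		$config_info->next_result();
		if(empty($config_result[0])){
			return array('success'=>false,'message'=>"Mail Not Sent");
		}
		$smtp = $config_result[0];

		try{
			$mail             = new PHPMailer();
			$mail->SMTPDebug  = 0;
			$mail->IsSMTP();
			$mail->Host       = $smtp->smtp_server;
			$mail->Port       = $smtp->port_no;
			$mail->SMTPAuth   = true;
			$mail->Username   = $smtp->mail_username;
			$mail->Password   = $smtp->mail_password;
			$mail->SMTPSecure = 'tls';
			$mail->From       = $smtp->sender_email;
			$mail->FromName   = $smtp->sender_name;
			$mail->AddAddress($login_email);
			$mail->IsHTML(true);
			$mail->Subject    = 'Smart Hrms (OTP)';
			$mail->Body       = date("d-M-Y H:i:s").'<p> Your One Time Password(OTP) : <b style = "color:blue;">'.$login_otp.'</b>. For Verify Your Login From </p>
									<p>smart hrms</p>';
			$sent             = $mail->Send();
		}catch(phpmailerException | Exception $e){
			// Both the legacy and the namespaced PHPMailer exception end the same way.
			return array('success'=>false,'message'=>"Mail Not Sent");
		}

		if(!$sent){
			return array('success'=>false,'message'=>"Mail Not Sent");
		}

		//TO STORE A SESSION FOR GET A USER NAME AND PASSWORD
		// No mobile number is known on the e-mail path.
		$set_session = $this->set_session_fn($login_otp,$user_name,$login_password,$login_email,null);
		if($set_session){
			return array('success'=>true,'message'=>"Successfully OTP Send to Your Mail !!");
		}
		return array('success'=>false,'message'=>"Session Not Set !!");
	}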
	//FUNCTION FOR SET SESSION DATA
	/**
	 * Store the data of a pending OTP flow in the session: the OTP, the user
	 * name, the password, the e-mail address and the mobile number (the last
	 * one is kept for resending by SMS).
	 *
	 * NOTE(review): $login_password is stored as received; callers in this
	 * class pass the plaintext password. Confirm whether anything needs it
	 * beyond being handed back to this method on a resend, and drop it if not.
	 * NOTE(review): CodeIgniter routes public controller methods as URL
	 * endpoints; this helper writes its arguments straight into the session
	 * and should be made non-routable (protected, or underscore-prefixed) once
	 * callers are checked.
	 *
	 * @return bool always true
	 */
	public function set_session_fn($login_otp,$user_name,$login_password,$login_email,$mobile_number){
		$otp_flow = array(
			'login_otp'     => $login_otp,
			'user_name'     => $user_name,
			'password'      => $login_password,
			'email'         => $login_email,
			'mobile_number' => $mobile_number, // for resend sms
		);
		$this->session->set_userdata($otp_flow);
		return true;
	}
	// VERIFY RECAPTCHA TOKEN CHECKS _ARN
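	/**
	 * Check a reCAPTCHA response token with Google's siteverify endpoint.
	 *
	 * Fails closed: an empty or non-string token, a missing secret, a failed
	 * request or an answer without `success === true` all return false.
	 *
	 * Changes from the previous version:
	 *  - secret and token are sent URL-encoded in a POST body. They were
	 *    concatenated raw into the query string, so a crafted token could add
	 *    its own parameters, and the secret ended up in URLs that may be logged;
	 *  - a request timeout is set;
	 *  - the success flag is compared strictly.
	 *
	 * The secret comes from the CI config item 'recaptcha_secret_key'
	 * (application/config/config.php).
	 *
	 * @param mixed $token value of the g-recaptcha-response field
	 * @return bool
	 */
	public function verify_recaptcha($token){
		if(empty($token) || !is_string($token)){
			return false;
		}
		$secret = $this->config->item('recaptcha_secret_key');
		if(empty($secret)){
			return false;
		}

		$context = stream_context_create(array(
			'http' => array(
				'method'  => 'POST',
				'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
				'content' => http_build_query(array('secret' => $secret, 'response' => $token), '', '&'),
				'timeout' => 5,
			),
		));
		// Warnings are suppressed on purpose: this runs inside JSON endpoints and
		// a failed request is handled by the return value below.
		$response = @file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);
		if($response === false || $response === ''){
			return false;
		}

		$resp = json_decode($response, true);
		return is_array($resp) && isset($resp['success']) && $resp['success'] === true;
	}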
	// CONFIRMATION RECAPTCHA ON THE TIME LOGIN _ARN
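	/**
	 * Record a failed or sensitive login step for the user and print the
	 * matching JSON error, asking for a captcha where the flow requires one.
	 *
	 *   'forget_pass' -> captcha must verify (when enabled), otherwise no output
	 *   'otp'         -> "Invalid OTP"; captcha required from 3 attempts on
	 *   'username'    -> "Invalid User name / Password"; captcha required
	 *                    above 3 attempts
	 *
	 * Changes from the previous version:
	 *  - attempts are counted on every call. Counting used to depend on the
	 *    captcha flag, so with the captcha off no failure was recorded and a
	 *    lockout based on the Otp_model counter could never trigger;
	 *  - $otp_attempts is always defined (it was an undefined variable when
	 *    the flag was off);
	 *  - only the captcha challenge itself is gated by the flag, so users are
	 *    never asked for a captcha the page does not show.
	 *
	 * The method ends the request with exit(0) when a required captcha fails.
	 *
	 * NOTE(review): CodeIgniter routes public controller methods as URL
	 * endpoints; this helper should be made non-routable (protected, or
	 * underscore-prefixed) once callers are checked.
	 *
	 * @param string $user_name        user the attempt is recorded for
	 * @param string $process          'forget_pass', 'otp' or 'username'
	 * @param string $captcha_response reCAPTCHA token, may be empty
	 */
	public function confirmation($user_name,$process,$captcha_response){
		$captcha_on = ($this->recaptcha_enable === 1);

		$this->Otp_model->increment_attempt($user_name);
		$otp_status   = $this->Otp_model->get_status($user_name);
		$otp_attempts = $otp_status['attempts'] ?? 0;

		// THIS FOR CAPTCHA _ARN 29-08-2025
		if($process === 'forget_pass'){
			if($captcha_on && !$this->verify_recaptcha($captcha_response)){
				echo json_encode(['success'=>false,'message'=>'Please complete the captcha to continue','recaptcha_required'=>true,'attempts' => $otp_attempts]);
				exit(0);
			}
			return;
		}

		if($process === 'otp'){
			if($captcha_on && $otp_attempts >= 3){
				if(!$this->verify_recaptcha($captcha_response)){
					echo json_encode(['success'=>false,'message'=>'Invalid OTP. Please complete the captcha to continue','recaptcha_required'=>true,'attempts' => $otp_attempts]);
					exit(0);
				}
				echo json_encode(['success' => false,'message' => 'Invalid OTP.']);
			}else{
				echo json_encode(array('success' => false, 'message' => "Invalid OTP.."));
			}
			return;
		}

		if($process === 'username'){
			if($captcha_on && $otp_attempts >3){
				if(!$this->verify_recaptcha($captcha_response)){
					echo json_encode(['success'=>false,'message'=>'Invalid user name / Password. Please complete the captcha to continue','recaptcha_required'=>true,'attempts' => $otp_attempts]);
					exit(0);
				}
				echo json_encode(['success' => false,'message' => 'Invalid User name / Password']);
			}else{
				echo json_encode(array('success' => false, 'message' => "Invalid User name / Password.."));
			}
		}
	}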
}
?>