· 6 years ago · Jun 16, 2019, 04:44 PM
1<?php
2$postData = file_get_contents('php://input');
3$obj = json_decode($postData, true);
4$db_user = "";
5$db_pass = "";
6$db_host = "";
7$db_base = "";
8$db_table = "";
9$passcoloum = "";
10$usrcoloum = "";
11$permcoloum = "";
12$secretKEY = ""; //Поставить таким же как apiKey в конфиге
13$dsn = "mysql:host=$db_host;dbname=$db_base;charset=utf8";
14$opt = [
15 PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
16 PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
17 PDO::ATTR_EMULATE_PREPARES => false,
18 ];
19$db = new PDO($dsn, $db_user, $db_pass, $opt);
20$userinfo = $db -> query("SELECT * FROM " . $db_table . " WHERE" . $usrcoloum . " = " . $obj['username']);
21if ($obj['apiKey'] != $secretKEY) {
22$arr = array ('error' => "Ошибка ключа!");
23die (json_encode($arr));
24} else if ($obj['username'] == NULL || $obj['password'] == NULL || $obj['ip'] == NULL) {
25$arr = array ('error' => "Логин, IP или пароль не передан!");
26die (json_encode($arr));
27}
28if ($obj['password'] != $db->query("SELECT " . $passcoloum . " FROM " . $db_table . " WHERE " . $usrcoloum . " = " . $obj['username'])) {
29$arr = array (
30 'username' => $obj['username'],
31 'permissions' => $db->query("SELECT " . $permcoloum . " FROM " . $db_table . " WHERE " . $usrcoloum . " = " . $obj['username'])
32);
33die (json_encode($arr));
34} else {
35$arr = array ('error' => "Логин или пароль не верен!");
36die (json_encode($arr));
37}
38?>