· 9 years ago · Oct 11, 2016, 03:06 PM
1//login
2 if($_GET["func"]=="login")
3 {
4 $connect = new mysqli($dbhost, $dbusername, $dbpassword, $dbname);
5 if ($connect->connect_errno!=0) {
6 echo "Error: ".$connect->connect_errno." Description: ".$connect->connect_error;
7 }
8 else {
9 $login = $_POST["user"];
10 $password = $_POST["passwd"];
11
12 $query = "SELECT username, password, loginreqkey FROM users WHERE username='$login' AND password='$password'";
13
14 if ($stmt = $connect->prepare($query)) {
15 $stmt->execute();
16 $stmt->bind_result($username, $password, $loginreqkey);
17 while ($stmt->fetch()) {
18 echo "{";
19 echo '"state": "1",';
20 echo '"loginreqkey": "' . $loginreqkey . '",';
21 echo "}";
22 }
23 /* close statement */
24 $stmt->close();
25 }
26 $connect->close();
27 }
28 }
29
30
31//register
32 if($_GET["func"]=="register") {
33 $connect = new mysqli($dbhost, $dbusername, $dbpassword, $dbname);
34 if($connect->connect_errno!=0) {
35 echo "Error: ".$connect->connect_errno." Descruption: ".$connect->connect_error;
36 }
37 else {
38 $login = $_POST["user"];
39 $password = $_POST["passwd"];
40
41 $SecretKey = mt_rand(1,50);
42 $authkey = hash_hmac('sha512', '', $SecretKey);
43
44 $sql = "INSERT INTO users VALUES(NULL, '$login', '$password', '$authkey', NULL, NULL, NULL, NULL, NULL, NULL, NULL)";
45
46 if($result = $connect->query($sql)) {}
47
48 else {
49 echo "ERROR";
50 }
51 $connect->close();
52 }
53 }