<?php
#this script provides the details of subscribers in JSON
include "../classes/database.php";
if (isset($_GET['user_id'])) {
$db = new Database();
$db->connect();
$query = "select * from subscribers where user_id='" . $_GET['user_id'] . "'";
$result = $db->selectData($query);
$result = mysqli_fetch_assoc($result);
header("Content-type : application/json");
echo json_encode($result);
}
$pass1 = $_POST['pw1'];
$pass2 = $_POST['pw2'];
$errors = array();
//Array to hold error messages
?>
<?php
/* Server Side Validation performed here */
/* Check if email already exists in database*/
$emailExist = false;
$statement = 'SELECT vendorEmail FROM Vendor';
//Select Query
$connection->connectToDatabase();
//Connect to database
$dataset = $connection->selectData($statement);
if ($dataset->num_rows > 0) {
// output data of each row
while ($row = $dataset->fetch_assoc()) {
if ($row["vendorEmail"] == $email) {
$emailExist = true;
}
}
}
if ($emailExist) {
array_push($errors, "Company email " . $email . " already exists.");
}
/* End Check Email Exists */
/* */
if (empty($description)) {
array_push($errors, "Description can't be empty.");
<?php
# this script checks the login credentials for the user and sends JSON reply
include "../classes/database.php";
if (isset($_POST['user_id']) && isset($_POST['password'])) {
$db = new Database();
$result = array();
$db->connect();
$query = "select user_id,password from users where user_id='" . $_POST['user_id'] . "' and password='******'password']) . "'";
$checkLoginStatus = $db->selectData($query);
if (mysql_num_rows($checkLoginStatus) == 0) {
$result['code'] = "0";
} else {
$result['code'] = "1";
}
header("Content-type : application/json");
echo json_encode($result);
}
<?php
#this script contains the code for verifying the login of admin
include "../classes/database.php";
if ($_GET['userId'] || $_GET['password']) {
$db = new Database();
$db->connect();
$userId = $_POST['userId'];
$password = md5($_POST['password']);
$loginQuery = "select * from users where user_id='{$userId}' and password='******'";
$loginQueryResult = $db->selectData($loginQuery);
$db->disconnect();
if (mysql_num_rows($loginQueryResult) > 0) {
$loginQueryResult = mysql_fetch_assoc($loginQueryResult);
if ($loginQueryResult['type_of_user'] == '0') {
session_start();
$_SESSION['param1'] = $loginQueryResult['user_id'];
$_SESSION['param2'] = time();
} else {
echo "0";
}
} else {
echo "0";
}
}
<?php
#this script checks whether there is an active session of admin user or not
include "./classes/database.php";
session_start();
if (isset($_SESSION['param1'])) {
$db = new Database();
$db->connect();
$checkLoginQuery = "select * from users where user_id='" . $_SESSION['param1'] . "'";
$checkLoginQueryResult = $db->selectData($checkLoginQuery);
//verifying if the session made still exist or not
if (mysqli_num_rows($checkLoginQueryResult) == 0) {
echo "0";
} else {
echo "1";
}
} else {
echo "0";
}
