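die; }
// ^ Tail of a statement that starts outside this excerpt; kept unchanged.
// NOTE(review): whatever condition guards that `die` is not visible here, so it
// cannot be confirmed from this excerpt that callers are authenticated.

// Refuse the request when no SQL text was posted.
if (!isset($_POST["q"])) {
    die;
}

// SECURITY(review): every branch below passes the client-supplied $_POST["q"]
// to sqlQuery() unchanged, so whoever can reach this script can run any
// statement the configured database account is allowed to run. That is a design
// property of the endpoint, not something a local edit can remove. The
// durable fix is to replace free-form SQL with a fixed set of named, parameterised
// operations; until then, restrict who can reach the script and give the
// database account the minimum privileges it needs.
//
// A missing "type" field is read as an empty string, which matches no case
// (the same outcome as before, without the undefined-index notice).
switch (isset($_POST["type"]) ? $_POST["type"] : "") {
    case "raw":
        // Run the statement and acknowledge with a fixed marker.
        sqlQuery($_POST["q"]);
        die("OK");
        break;

    case "insertid":
        // Run the statement and reply with the generated AUTO_INCREMENT id.
        sqlQuery($_POST["q"]);
        // die() treats an integer argument as the process exit status and
        // prints nothing, so the id has to be cast to a string to reach the
        // client.
        die((string) mysql_insert_id());
        break;

    case "json":
        // Run the statement and emit its result through sql2json().
        echo sql2json(sqlQuery($_POST["q"]));
        break;
}

/**
 * Opens the MySQL connection described by the global $db array and selects
 * the database named in $db["db"].
 *
 * Reads $db["host"], $db["user"], $db["pass"] and $db["db"]. Terminates the
 * script with the MySQL error number and message if connecting or selecting
 * the database fails.
 *
 * NOTE(review): the die() messages send the raw MySQL error text to the
 * client; logging it server-side and returning a generic message would avoid
 * disclosing connection details. Left unchanged here because callers may parse
 * the current text.
 * NOTE(review): the mysql_* extension was removed in PHP 7; moving to mysqli
 * or PDO has to be done together with sqlQuery(), whose body is not visible in
 * this excerpt.
 */
function _sqlConnect()
{
    global $db;

    $db_connect = mysql_connect($db["host"], $db["user"], $db["pass"]);
    if (!$db_connect) {
        die("SQL Error: " . mysql_errno() . ": " . mysql_error());
    }

    $db_select = mysql_select_db($db["db"]);
    if (!$db_select) {
        die("SQL Error: " . mysql_errno() . ": " . mysql_error());
    }
}

// Head of sqlQuery(); its body lies outside this excerpt and is kept unchanged.
function sqlQuery($query)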
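// NOTE(review): the enclosing `if` and the assignments of $user and $pwd are
// outside this excerpt; the trailing "PROBLEME 2" branch belongs to that outer
// statement and is kept unchanged.
// SECURITY(review): the credentials arrive in the query string, which ends up
// in server/proxy logs and browser history. Accepting them in a POST body over
// TLS is the usual remedy, but it changes the client contract, so it is only
// flagged here.
if ($_GET['user'] == $user && $_GET['pwd'] == $pwd) {
    // Connect to MySQL first.
    mysql_connect("sql.free.fr", "LOGIN", "MOT_DE_PASSE");
    mysql_select_db("BASE_DE_DONNEES");

    // Escape the request-derived values before they are placed inside a quoted
    // SQL literal; the original concatenated them unescaped.
    // NOTE(review): if magic_quotes_gpc is enabled on the host, strip the
    // slashes it adds before escaping, otherwise values are escaped twice.
    $safeUser = mysql_real_escape_string($user);
    $safePwd = mysql_real_escape_string($pwd);

    // Check that the user exists (the user name is an e-mail address).
    // `=` replaces LIKE: LIKE treats % and _ as wildcards, so it was not an
    // exact comparison of the submitted credentials.
    // SECURITY(review): comparing the submitted password with the column
    // directly implies passwords are stored unhashed; store password_hash()
    // output and check with password_verify() once the host runs PHP >= 5.5.
    $query = "SELECT id FROM TABLE_USER WHERE password = '" . $safePwd . "' AND email = '" . $safeUser . "'";
    // NOTE(review): die(mysql_error()) returns raw database errors to the
    // client, here and below.
    $idQuery = mysql_query($query) or die(mysql_error());
    $id = mysql_fetch_row($idQuery);

    if (isset($id[0])) {
        // Update the login timestamp (timestampConnexion is a TIMESTAMP column
        // in the user table). $id[0] comes from the database row, not from the
        // request.
        $query = "UPDATE TABLE_USER SET timestampConnexion=now() WHERE id='" . $id[0] . "'";
        $exist = mysql_query($query) or die(mysql_error());

        // Issue a new token, used to identify the user for the rest of the
        // session.
        // SECURITY(review): uniqid() and mt_rand() are not cryptographically
        // secure, so this token is guessable in principle; generate it from a
        // CSPRNG (random_bytes() on PHP 7+) when the runtime allows. The value
        // is hex, so it is safe to concatenate below.
        $newToken = md5(uniqid(mt_rand(), true));
        $query = "UPDATE TABLE_USER SET token='" . $newToken . "' WHERE id='" . $id[0] . "'";
        $exist = mysql_query($query) or die(mysql_error());

        // Return the new token together with the user's details as JSON.
        include "JSON.php";
        $return = sql2json("SELECT firstname, lastname, token, id FROM TABLE_USER WHERE id = '" . $id[0] . "'");
        echo $return;
    } else {
        echo "Mauvaise identification";
    }

    // Disconnect.
    mysql_close();
} else {
    echo "PROBLEME 1 : récupération des identifiants impossible";
}
} else {
    echo "PROBLEME 2 : pas d'informations de connexion disponibles";
}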