<?php //Create new session session_start(); date_default_timezone_set('America/Chicago'); $time = time(); require_once '../../lib/db.php'; // Connect database. $db = new Database(); $db->connect(); require_once '../../api/SFEAuth.php'; //SFEAuth $SFEAuth = new SFEAuth(); $SFEAuth->authServer($time, $_POST['type'], $_POST['client_id'], $_POST['client_secret'], $_POST['redirect_uri'], $_POST['state'], $_POST['scope']); $username = $_POST['username']; $password = hash('sha256', $_POST['password']); $authQuery = "SELECT * FROM users WHERE username='******' AND password='******' LIMIT 1"; $result = mysql_query($authQuery); if (mysql_num_rows($result) != '0') { // If match. $_SESSION['username'] = $username; // Create session username. $_SESSION['studio'] = $_POST['studio']; mysql_query(" UPDATE users SET session_start='" . mysql_real_escape_string($time) . "' WHERE username='******' "); header("Content-Type: application/json"); header("Cache-Control: no-store"); echo '{"state":"verified", "redirect_uri":"' . $_POST['redirect_uri'] . '"}'; exit; } else { // If not match //Verify that existing user sessions are cleared