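/**
 * Authenticate a user and populate the session and cookies.
 *
 * Looks up a single row in `users` matching the supplied username and
 * password. On a match, the user's id, username, name and email are passed
 * to setCookies() and copied into $_SESSION.
 *
 * @param string $username Login name supplied by the client.
 * @param string $pass     Password supplied by the client.
 *
 * @return string JSON-encoded list holding the matched user row, with the
 *                `password` column removed, or the literal "failed".
 */
function login($username, $pass)
{
    $pdo = newPDO();

    // NOTE(review): the supplied value is compared directly against the
    // `password` column, so the column presumably holds passwords in the
    // same form the caller passes in. If that is plaintext, migrate the
    // column to password_hash() output and verify with password_verify()
    // after fetching the row by username only. Confirm against the schema.
    $query = $pdo->prepare("SELECT * FROM users WHERE username=:username AND password=:pass LIMIT 1");
    $query->execute(array(':username' => $username, ':pass' => $pass));
    $results = $query->fetchAll(PDO::FETCH_ASSOC);

    // Anything other than exactly one matching row is a failed login.
    if (count($results) !== 1) {
        return "failed";
    }

    // The row comes from SELECT *, so it carries the credential column.
    // Drop it before the row is encoded and handed back to the caller.
    unset($results[0]["password"]);
    $user = $results[0];

    // Issue a fresh session id at the privilege change, so an id that was
    // known before authentication is not carried into the logged-in session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    setCookies($user["id"], $user["username"], $user["name"], $user["email"]);

    $_SESSION['userid'] = $user["id"];
    $_SESSION['username'] = $user["username"];
    $_SESSION['user_name'] = $user["name"];
    $_SESSION['usermail'] = $user["email"];

    return json_encode($results);
}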
<?php

/**
 * @file
 * Sample token endpoint.
 *
 * Deliberately minimal and not production-ready: a real deployment would
 * normally rely on a framework for the surrounding plumbing.
 */

use OAuth2\OAuth2;
use OAuth2\OAuth2ServerException;

require 'lib/bootstrap.php';

// Build the PDO-backed storage first, then hand it to the OAuth2 server.
$storage = new OAuth2StoragePDO(newPDO());
$oauth = new OAuth2($storage);

try {
    // Handle the grant request and send whatever response it produces.
    $oauth->grantAccessToken()->send();
} catch (OAuth2ServerException $serverError) {
    // Only OAuth2ServerException is turned into an HTTP response here.
    // Any other exception (for example from the database layer) propagates
    // to PHP's default handler, so error display should be off in production.
    $serverError->getHttpResponse()->send();
}
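<?php

include_once '../config.php';

// Emits the logged-in user's rows from `userfeeds` as JSON, ordered by
// likecount descending. Possible outputs: the JSON list, "failed" when the
// query does not execute, "notloggedin" without a session, or an empty body
// when the user has no rows (clients must treat that as "no feeds").
if (isLoggedIn()) {
    // The id is taken from the server-side session, never from the request.
    $userid = $_SESSION['userid'];

    $pdo = newPDO();
    $query = $pdo->prepare("SELECT * FROM userfeeds WHERE userid=:userid ORDER BY likecount DESC");
    $ok = $query->execute(array(':userid' => $userid));

    // Check the execute() result before fetching: fetchAll() on a statement
    // that failed to execute has no valid result set to count.
    if (!$ok) {
        echo "failed";
        exit;
    }

    $results = $query->fetchAll(PDO::FETCH_ASSOC);

    if (count($results) > 0) {
        echo json_encode($results);
    }
} else {
    echo "notloggedin";
}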
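<?php

include "common.php";

// Replaces the stored profile row for the current user with the submitted
// university and class standing, then redirects to home.php.
//
// NOTE(review): the user's identity is read from the `user` and `id`
// cookies, which the client controls. Nothing visible here ties them to an
// authenticated session, so any caller can delete and rewrite the row for an
// arbitrary facebookid. Take the id from server-side session state instead.
// Confirm what common.php provides.
if (isset($_COOKIE['user'], $_COOKIE['id'])) {
    $user = $_COOKIE['user'];
    $id = $_COOKIE['id'];
} else {
    header('Location: index.php');
    // A Location header does not end the script. Stop here so the database
    // writes below never run for a request without the cookies.
    exit;
}

// No university submitted: send the user back to the form and stop.
if (empty($_POST["university"])) {
    header('Location: userinfo.php');
    exit;
}

$university = $_POST["university"];
$standing = isset($_POST["standing"]) ? $_POST["standing"] : '';

$db = newPDO();

// Cookie and POST values are bound as parameters, never interpolated into
// the SQL text, so they cannot alter the structure of either statement.
// NOTE(review): the table is spelled `Users` here and `users` in the INSERT.
// On a case-sensitive database these are different tables. Confirm.
$deleteStmt = $db->prepare("DELETE FROM Users WHERE facebookid = :id");
$deleteStmt->execute(array(':id' => $id));

$insertStmt = $db->prepare(
    "INSERT INTO users(name, university, classStanding, facebookid) VALUES (:name, :university, :standing, :id)"
);
$insertStmt->execute(array(
    ':name' => $user,
    ':university' => $university,
    ':standing' => $standing,
    ':id' => $id,
));

header('Location: home.php');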