예제 #1
파일: sql.php 프로젝트: riking/Shokregate
    die;
}
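// Remote query dispatcher: takes the SQL text posted in "q", passes it to
// sqlQuery() and answers in the form selected by "type" ("raw", "insertid" or
// "json").
//
// NOTE(review): "q" reaches sqlQuery() unmodified. sqlQuery()'s body is not
// shown here; assuming it executes the text, anyone who can reach this script
// can run any statement the configured database account is permitted to run.
// The guard that precedes this block is cut off in this listing — confirm that
// it authenticates the caller, restrict the database account to the minimum
// privileges it needs, and prefer a fixed set of named, parameterised
// operations over accepting SQL text from the request.
if (!isset($_POST["q"])) {
    die;
}
// A missing "type" matches no case and produces no output, exactly as before,
// but it no longer raises an undefined-index notice.
switch (isset($_POST["type"]) ? $_POST["type"] : "") {
    case "raw":
        sqlQuery($_POST["q"]);
        die("OK");
    case "insertid":
        sqlQuery($_POST["q"]);
        // die()/exit() treats an integer argument as the process exit status
        // and prints nothing, so the id must be passed as a string for the
        // client to receive it.
        die((string) mysql_insert_id());
    case "json":
        echo sql2json(sqlQuery($_POST["q"]));
        break;
}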
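/**
 * Open the MySQL connection described by the global $db settings and select
 * its database, ending the request if either step fails.
 *
 * Reads $db["host"], $db["user"], $db["pass"] and $db["db"]. The link is not
 * returned; later mysql_* calls rely on ext/mysql's implicit "last opened
 * link".
 *
 * On failure the driver's error number and message are written to the server
 * error log only. The response carries a fixed message, because driver error
 * text can name the database host, account or schema to whoever is calling.
 *
 * NOTE(review): ext/mysql was removed in PHP 7; a port to mysqli or PDO would
 * also make prepared statements available to the callers of this connection.
 */
function _sqlConnect()
{
    global $db;
    $link = mysql_connect($db["host"], $db["user"], $db["pass"]);
    if (!$link) {
        error_log("SQL connect failed: " . mysql_errno() . ": " . mysql_error());
        die("SQL Error: connection failed");
    }
    // Select on the link just opened rather than on whichever link happens to
    // be the most recent one.
    if (!mysql_select_db($db["db"], $link)) {
        error_log("SQL select_db failed: " . mysql_errno($link) . ": " . mysql_error($link));
        die("SQL Error: connection failed");
    }
}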
function sqlQuery($query)
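    // Proceeds only when the query-string credentials equal $user and $pwd.
    // Those two variables are set above this excerpt — presumably from the
    // same request; confirm.
    // NOTE(review): credentials carried in the query string are recorded in
    // access logs, browser history and Referer headers; a POST body over TLS
    // avoids that.
    if ($_GET['user'] == $user && $_GET['pwd'] == $pwd) {
        // Connect to MySQL first: mysql_real_escape_string() below needs the
        // open link to know the connection character set.
        mysql_connect("sql.free.fr", "LOGIN", "MOT_DE_PASSE");
        mysql_select_db("BASE_DE_DONNEES");
        // Check that the user exists (the user name is an e-mail address).
        // Both values are caller-controlled, so they are escaped before being
        // placed inside the quoted SQL literals, and they are compared with
        // "=" instead of LIKE: LIKE interprets "%" and "_" in the supplied
        // value as wildcards, so it does not enforce an exact match.
        // NOTE(review): the password is matched against the stored column
        // as-is, which suggests plaintext storage; password_hash() and
        // password_verify() on a value fetched by e-mail is the usual fix.
        $safeUser = mysql_real_escape_string($user);
        $safePwd = mysql_real_escape_string($pwd);
        $query = "SELECT id FROM TABLE_USER WHERE password = '" . $safePwd . "' AND email = '" . $safeUser . "'";
        // NOTE(review): die(mysql_error()) sends the driver's error text to
        // the caller; consider logging it server-side instead.
        $idQuery = mysql_query($query) or die(mysql_error());
        $id = mysql_fetch_row($idQuery);
        if (isset($id[0])) {
            // The id comes from the database, but it is escaped anyway so the
            // statements below never depend on what the column contains.
            $safeId = mysql_real_escape_string($id[0]);
            // Refresh the login timestamp (timestampConnexion is a TIMESTAMP
            // column in the user table).
            $query = "UPDATE TABLE_USER SET timestampConnexion=now() WHERE id='" . $safeId . "'";
            $exist = mysql_query($query) or die(mysql_error());
            // Issue a new token, used as the session link for the rest of the
            // navigation.
            // NOTE(review): md5(uniqid(mt_rand(), true)) is derived from the
            // clock and a non-cryptographic generator; a session token should
            // come from a CSPRNG (random_bytes() on PHP 7+, or
            // openssl_random_pseudo_bytes() on older runtimes).
            $newToken = md5(uniqid(mt_rand(), true));
            $query = "UPDATE TABLE_USER SET token='" . $newToken . "' WHERE id='" . $safeId . "'";
            $exist = mysql_query($query) or die(mysql_error());
            // Return the new token together with the user's details.
            // sql2json() is presumably provided by JSON.php; here it is given
            // the SQL text rather than a result set.
            include "JSON.php";
            $return = sql2json("SELECT firstname, lastname, token, id FROM TABLE_USER WHERE id = '" . $safeId . "'");
            echo $return;
        } else {
            echo "Mauvaise identification";
        }
        // Disconnect.
        mysql_close();
    } else {
        echo "PROBLEME 1 : récupération des identifiants impossible";
    }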
} else {
    echo "PROBLEME 2 : pas d'informations de connexion disponibles";
}