static function startpage($config) { header("Access-Control-Allow-Origin: *"); header('Content-Type: application/json'); APIHelpers::$TIMESTART = microtime(true); $issetToken = APIHelpers::issetParam('token'); if ($issetToken) { APIHelpers::$TOKEN = APIHelpers::getParam('token', ''); $conn = APIHelpers::createConnection($config); try { $stmt = $conn->prepare('SELECT data FROM users_tokens WHERE token = ? AND status = ? AND end_date > NOW()'); $stmt->execute(array(APIHelpers::$TOKEN, 'active')); if ($row = $stmt->fetch()) { APIHelpers::$FHQSESSION = json_decode($row['data'], true); APIHelpers::$FHQSESSION_ORIG = json_decode($row['data'], true); } } catch (PDOException $e) { APIHelpers::showerror(1188, $e->getMessage()); } } else { APIHelpers::$FHQSESSION = $_SESSION; APIHelpers::$FHQSESSION_ORIG = $_SESSION; } $response = array('result' => 'fail', 'lead_time_sec' => 0, 'data' => array()); return $response; }
include_once $curdir . "/../api.lib/api.helpers.php"; include_once $curdir . "/../api.lib/api.security.php"; include_once $curdir . "/../api.lib/api.user.php"; include_once $curdir . "/../../config/config.php"; $result = array('result' => 'fail', 'data' => array()); $token = ''; if (!APIHelpers::issetParam('email')) { APIHelpers::showerror(1001, 'Parameter email was not found'); } if (!APIHelpers::issetParam('password')) { APIHelpers::showerror(1316, 'Parameter password was not found'); } $email = APIHelpers::getParam('email', ''); $password = APIHelpers::getParam('password', ''); $conn = APIHelpers::createConnection($config); $hash_password2 = APISecurity::generatePassword2($email, $password); if (APISecurity::login($conn, $email, $hash_password2)) { $result['result'] = 'ok'; APIHelpers::$TOKEN = APIHelpers::gen_guid(); $result['data']['token'] = APIHelpers::$TOKEN; $result['data']['session'] = APIHelpers::$FHQSESSION; } else { APIHelpers::showerror(1002, 'email or/and password was not found in system '); } if ($result['result'] == 'ok') { APISecurity::insertLastIp($conn, APIHelpers::getParam('client', 'none')); APIUser::loadUserProfile($conn); // APIUser::loadUserScore($conn); APISecurity::saveByToken(); } echo json_encode($result);