$email = $_POST["email"]; $password = $_POST["password"]; $sql = "SELECT * FROM user WHERE email='{$email}' and password='******'"; //echo $sql; $result = mysql_query($sql); //echo $result; // Mysql_num_row is counting table row $count = mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row $message = NULL; if ($count == 1) { $row = mysql_fetch_array($result, MYSQL_ASSOC); $message = $row['id']; } else { $message = "Wrong Username or Password"; } //mail('*****@*****.**', '$subject', $message); sendResponse(200, $message); return true; } catch (Exception $e) { $err = 'Caught exception: ' . $e->getMessage() . "\n"; sendResponse(200, $err); return false; } } sendResponse(400, 'Invalid request'); return false; } } $api = new Gpstrackr(); $api->gps_tracker_login();
/* Bind parameters s - string, b - boolean, i - int, etc */ $stmt->bind_param('idd', $meUserid, $meAtti, $meLon); /* Execute it */ $stmt->execute(); $message .= "updated"; /* Close statement */ $stmt->close(); } else { /* Error */ printf("Prepared Statement Error: %s\n", $mysqli->error); } /* Close connection */ $mysqli->close(); //mysql_close($con); $message .= $meAtti . " " . $meLon . " " . $meUserid; //mail('*****@*****.**', '$subject', $message); sendResponse(200, $message); return true; } catch (Exception $e) { $err = 'Caught exception: ' . $e->getMessage() . "\n"; sendResponse(200, $err); return false; } } sendResponse(400, 'Invalid request'); return false; } } $api = new Gpstrackr(); $api->gps_tracker_update();