function processSESSION($_POST)
{
$token = $_SESSION['token'];
$id = $_SESSION['id'];
//On se connecte d'abord à MySQL :
mysql_connect("sql.free.fr", "LOGIN", "MOT_DE_PASSE");
mysql_select_db("BASE_DE_DONNEES");
//VERIFICATION TOKEN
$query = "SELECT count(*) FROM TABLE_USER WHERE id = '" . $id . "' AND token LIKE '" . $token . "'";
$validation = mysql_query($query) or die(mysql_error());
$valide = mysql_fetch_row($validation);
if (isset($valide[0]) && $valide[0] == 1) {
addLogin($token, $id);
return TRUE;
} else {
echo "Token/id non valide";
echo "<br/>";
return FALSE;
}
//déconnexion
mysql_close();
}
if ($mode == "create") {
$password = $json["password"];
$email = $json["email"];
$r = createAccount($username, $password, $email, $developer);
if ($r == "") {
xsuccess("account created", "json");
} else {
xerror($r, "json");
}
} else {
if ($mode == "login") {
// this will be really close to addauth
// basically want loginhash, not authcode
// login hash will be longer than auth hash. users aren't having to enter it
$password = $json["password"];
$r = addLogin($username, $password, $developer);
if ($r["success"] == "") {
xerror($r["error"], "json");
} else {
xlogin($r["success"], "json");
}
// this will probably be the same
}
}
$authinfo = checkAuth($username, $login, "json");
if ($mode == "delete") {
$updates = array();
foreach ($json["devices"] as $link) {
$updates[$i++] = $link["id"];
}
//insertLinks($updates, $developer, $authinfo["userid"], $authinfo["device"]);
function login($mail, $password, $sucursal_id)
{
$db = new MysqliDb();
$db->where("mail", $mail);
$db->join("direcciones d", "d.usuario_id=u.usuario_id", "LEFT");
$results = $db->get("usuarios u");
global $jwt_enabled;
if ($db->count > 0) {
if ($results[0]['social_login'] !== 0) {
echo json_encode(-1);
exit;
}
$hash = $results[0]['password'];
if (password_verify($password, $hash)) {
$results[0]['password'] = '';
// Si la seguridad se encuentra habilitada, retorna el token y el usuario sin password
//$results[0]->sucursal = $sucursal_id; //-1 == web
//Comente la linea de arriba xq me saltaba error.
if ($jwt_enabled) {
echo json_encode(array('token' => createToken($results[0]), 'user' => $results[0]));
} else {
echo json_encode(array('token' => '', 'user' => $results[0]));
}
addLogin($results[0]['usuario_id'], $sucursal_id, 1);
} else {
addLogin($results[0]['usuario_id'], $sucursal_id, 0);
echo json_encode(-1);
}
} else {
echo json_encode(-1);
}
}
