function processSESSION($_POST) { $token = $_SESSION['token']; $id = $_SESSION['id']; //On se connecte d'abord à MySQL : mysql_connect("sql.free.fr", "LOGIN", "MOT_DE_PASSE"); mysql_select_db("BASE_DE_DONNEES"); //VERIFICATION TOKEN $query = "SELECT count(*) FROM TABLE_USER WHERE id = '" . $id . "' AND token LIKE '" . $token . "'"; $validation = mysql_query($query) or die(mysql_error()); $valide = mysql_fetch_row($validation); if (isset($valide[0]) && $valide[0] == 1) { addLogin($token, $id); return TRUE; } else { echo "Token/id non valide"; echo "<br/>"; return FALSE; } //déconnexion mysql_close(); }
if ($mode == "create") { $password = $json["password"]; $email = $json["email"]; $r = createAccount($username, $password, $email, $developer); if ($r == "") { xsuccess("account created", "json"); } else { xerror($r, "json"); } } else { if ($mode == "login") { // this will be really close to addauth // basically want loginhash, not authcode // login hash will be longer than auth hash. users aren't having to enter it $password = $json["password"]; $r = addLogin($username, $password, $developer); if ($r["success"] == "") { xerror($r["error"], "json"); } else { xlogin($r["success"], "json"); } // this will probably be the same } } $authinfo = checkAuth($username, $login, "json"); if ($mode == "delete") { $updates = array(); foreach ($json["devices"] as $link) { $updates[$i++] = $link["id"]; } //insertLinks($updates, $developer, $authinfo["userid"], $authinfo["device"]);
function login($mail, $password, $sucursal_id) { $db = new MysqliDb(); $db->where("mail", $mail); $db->join("direcciones d", "d.usuario_id=u.usuario_id", "LEFT"); $results = $db->get("usuarios u"); global $jwt_enabled; if ($db->count > 0) { if ($results[0]['social_login'] !== 0) { echo json_encode(-1); exit; } $hash = $results[0]['password']; if (password_verify($password, $hash)) { $results[0]['password'] = ''; // Si la seguridad se encuentra habilitada, retorna el token y el usuario sin password //$results[0]->sucursal = $sucursal_id; //-1 == web //Comente la linea de arriba xq me saltaba error. if ($jwt_enabled) { echo json_encode(array('token' => createToken($results[0]), 'user' => $results[0])); } else { echo json_encode(array('token' => '', 'user' => $results[0])); } addLogin($results[0]['usuario_id'], $sucursal_id, 1); } else { addLogin($results[0]['usuario_id'], $sucursal_id, 0); echo json_encode(-1); } } else { echo json_encode(-1); } }