<?php header("Access-Control-Allow-Origin: *"); header("Content-Type: ap

1. <?php
2. header("Access-Control-Allow-Origin: *");
3. header("Content-Type: application/json; charset=UTF-8");
4. $conn = new mysqli("mysql.hostinger.co.uk", "a", "1234", "appd");
5.  
6. //http://stackoverflow.com/questions/18382740/cors-not-working-php
7. if (isset($_SERVER['HTTP_ORIGIN'])) {
8. header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
9. header('Access-Control-Allow-Credentials: true');
10. header('Access-Control-Max-Age: 86400'); // cache for 1 day
11. }
12.  
13. // Access-Control headers are received during OPTIONS requests
14. if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
15.  
16. if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
17. header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
18.  
19. if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
20. header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
21.  
22. exit(0);
23. }
24.  
25.  
26. //http://stackoverflow.com/questions/15485354/angular-http-post-to-php-and-undefined
27. $postdata = file_get_contents("php://input");
28. if (isset($postdata)) {
29. $request = json_decode($postdata);
30. $username = $request->username;
31. $password = $request->password;
32. $data = array();
33.  
34. if ($password != "" && $username != "") {
35.  
36. //echo "Server returns: " . $username . "Password is :" . $password;
37.  
38. /*$arr=array();
39.  
40. $st="select * from subnews order by SubID desc limit 10";
41. $qr=$conn->query($st);
42. while($row=$qr->fetch_assoc()){
43. $arr[]=$row;
44. }
45. echo json_encode($arr);*/
46.  
47. $sel="SELECT id FROM users WHERE username='$username' AND password='$password'";
48. $result=$conn->query($sel);
49. $numrow=$result->num_rows;
50. if($numrow == 1){
51. include 'tokengenerate.php';
52. $token=generateRandomString();
53. $update="update users set token='$token' where username='$username' AND password='$password'";
54. $qr=$conn->query($update);
55. if($qr){
56.  
57. $sel="SELECT id FROM users WHERE username='$username' AND password='$password'";
58. $query=$conn->query($sel);
59. while($row=$query->fetch_assoc(){
60. $data[]=array(
61. "name"->$row['username'],
62. "token"->$row['token']
63. );
64. echo json_encode($data);
65. }
66.  
67. }
68. }
69.  
70. }
71. else {
72. header('HTTP/1.1 401 Unauthorized', true, 401);
73. }
74. }
75. else {
76. echo "Not called properly with username parameter!";
77. }
78. ?>