Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- #Incluir conexao SQL
- include_once "connection.php";
- #Pegar username e password e se permanecer logado
- $username = @$_POST['username'];
- $password = @$_POST['password'];
- $staylogged = @$_POST['staylogged'];
- #Criar array result
- $result = array();
- if($username && $password) {
- #Pegar hash da password na base users
- $conn = $db -> getConnection();
- $st = $conn -> prepare("SELECT password FROM users where username=?");
- $st -> bind_param("s", $username);
- $st -> execute();
- $st -> bind_result($db_password_hash);
- $st -> fetch();
- $st -> close();
- $verified = true;
- if(!$db_password_hash) {
- #Se nao tiver na hash users ele vai pegar na temp_users
- $st = $conn -> prepare("SELECT password, date FROM temp_users where username=?");
- $st -> bind_param("s", $username);
- $st -> execute();
- $st -> bind_result($db_password_hash, $expJoinDate);
- $st -> fetch();
- if(!$db_password_hash) {
- $result["error"] = "invalid";
- die(json_encode($result));
- }
- $verified = false;
- }
- #Checar Senha
- $pw_hash = hash('sha512', $password);
- if(!password_verify($pw_hash, $db_password_hash)) {
- $result['error'] = "invalid";
- die(json_encode($result));
- }
- if(!$verified) {
- $result['verified'] = $verified;
- $result['daysLeft'] = ((strtotime($expJoinDate) + ((3600 * 24) * 30)) - time()) / 3600;
- }
- if($staylogged) {
- $cookieId = sha1($password) . time();
- setcookie("cookieId", $cookieId, time()+(30 * 24 * 60 * 60), '/');
- if($verified) {
- $st = $conn -> prepare("UPDATE users set cookieId=? where username=?");
- $st -> bind_param("ss", $cookieId, $username);
- $st -> execute();
- $result["cookieId"] = $cookieId;
- $result['error'] = null;
- die(json_encode($result));
- } else {
- $st = $conn -> prepare("UPDATE temp_users set cookieId=? where username=?");
- $st -> bind_param("ss", $cookieId, $username);
- $st -> execute();
- $result["cookieId"] = $cookieId;
- $result['error'] = null;
- die(json_encode($result));
- }
- }
- $result['error'] = null;
- die(json_encode($result));
- } else {
- $result['error'] = "incomplete";
- die(json_encode($result));
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement