daily pastebin goal
34%
SHARE
TWEET

Untitled

a guest Nov 6th, 2018 104 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. require_once('../api.php');
  4.  
  5. //Getting username and password from Angular
  6.  
  7. $user = $_POST['username'];
  8. $password = $_POST['password'];
  9.  
  10. $newApi = new api();
  11. $conn = $newApi->connection();
  12. //var_dump($conn);
  13. $res = $newApi->login($conn, $user, $password);
  14.  
  15. echo json_encode($res);
  16. ?>
  17.    
  18. <?php
  19. header('Access-Control-Allow-Origin: *');
  20. header('Access-Control-Allow-Headers: *');
  21. header('Content-Type: application/json');
  22. header('Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS');
  23. header('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
  24. error_reporting(E_ALL);
  25.  
  26. require_once('JWT.php');
  27.  
  28. include_once('../phpmailer/PHPMailer.php');
  29. include_once('../phpmailer/POP3.php');
  30. include_once('../phpmailer/SMTP.php');
  31. include_once('../phpmailer/Exception.php');
  32. class api {
  33.     private $username ="root";
  34.     private $password ="root";
  35.     private $db="reg_sys";
  36.     private $host = "localhost";
  37.     public $conn;
  38.     public $key = "key123";
  39.     public $sessionJwt;
  40.     public function connection(){
  41.         session_start();
  42.         try{
  43.             $this->conn = new PDO("mysql:host=$this->host;dbname=$this->db", $this->username, $this->password);
  44.             $this->conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  45.             $this->conn->exec("SET CHARACTER SET utf8");
  46.  
  47.             return $this->conn;
  48.         }
  49.         catch(PDOException $e){
  50.             return $e->getMessage();
  51.         }
  52.  
  53.     }
  54. public function login($conn, $user, $password){
  55.  
  56.         try{
  57.             $exist = $this->checkIfUserExist($conn, $user);
  58.             if($exist['exist'])
  59.             {
  60.                 //Check Password and Generate a token
  61.                 $checkPassword = "SELECT user_id, user_name, user.role_id, roles.role_type
  62.                 FROM user
  63.                     LEFT JOIN roles ON user.role_id = roles.role_id
  64.                 WHERE
  65.                     user_name = :user
  66.                 AND
  67.                     user_password = :pass
  68.                 LIMIT 1";
  69.  
  70.                 $execCheckPassword = $this->conn->prepare($checkPassword);
  71.                 $execCheckPassword->bindValue('user', $user);
  72.                 $execCheckPassword->bindValue('pass', $password);
  73.                 $execCheckPassword->execute();
  74.                 $fetchRes = $execCheckPassword->fetch();
  75.                 $resFound = $execCheckPassword->rowCount();
  76.                 //Then
  77.                 if($resFound>0)
  78.                 {
  79.                     //Generate a JWT
  80.                     //Array to generate a JWT from
  81.  
  82.                     $arrayJWT =
  83.                     [
  84.                         'login_id'=>$fetchRes['user_id'],
  85.                         'username'=> $fetchRes['user_name'],
  86.                         'user_role'=>$fetchRes['role_type']
  87.                     ];
  88.  
  89.                     $encodedJWT = JWT::encode($arrayJWT, $this->key);
  90.  
  91.                     $resArray =
  92.                     [
  93.                         'jwt'=> $encodedJWT,
  94.                         'user_exist'=> 'true',
  95.                         'user_id'=>$fetchRes['user_id'],  
  96.                         'username'=> $fetchRes['user_name'],
  97.                         'user_role'=>$fetchRes['role_type']
  98.                     ];
  99.  
  100.                     $_SESSION['jwt']=$encodedJWT;
  101.  
  102.  
  103.                 }
  104.                 else
  105.                 {
  106.                     $resArray = ['user_exist'=> 'false', 'errorMsg' => "Incorrect Password!!!"];
  107.                     //Insert into login_attempt table
  108.                     $sql = "INSERT INTO login_attempt(login_attempt_date, login_attempt_status, user_id)
  109.                             VALUES(:date_time, :attempt_status, :user_id)";
  110.                     $exec = $conn->prepare($sql);
  111.                     $exec->bindValue(':date_time', $this->currentDateTime);
  112.                     $exec->bindValue(':attempt_status', 'Active');
  113.                     $exec->bindValue(':user_id', $exist['user_id']);
  114.                     $exec->execute();
  115.                 }
  116.             }
  117.             else
  118.             {
  119.                 $resArray = ['user_exist'=> 'false', 'errorMsg' => "Username doesn't exist"];
  120.             }
  121.             return $resArray;
  122.         }
  123.         catch(PDOException $e)
  124.         {
  125.             echo $e->getMessage();
  126.         }
  127.  
  128.  
  129.  
  130.     }
  131. }
  132.    
  133. login(username, password): Observable<any> {
  134.     let headerOptions = new HttpHeaders();
  135.     //headerOptions.append('Access-Control-Allow-Origin', '*');
  136.     //headerOptions.append('Access-Control-Request-Headers', '*');
  137.     headerOptions.append('Access-Control-Allow-Credentials', 'true');
  138.     headerOptions.append('Content-Type', 'application/json');
  139.     headerOptions.append('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,PATCH,OPTIONS');
  140.     headerOptions.append('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
  141.  
  142.  
  143.     this.credentials = { user: username, pass: password };
  144.     const httpParams = new HttpParams()
  145.       .set('username', username)
  146.       .set('password', password);
  147.  
  148.  
  149.     return this.http.post(this.globalVar.login, httpParams, {
  150.       headers: headerOptions,
  151.     })
  152.   }
  153.    
  154. //headerOptions.append('Access-Control-Allow-Origin', '*');
  155. //headerOptions.append('Access-Control-Request-Headers', '*');
  156.    
  157. # Virtual Hosts
  158. #
  159. <VirtualHost *:80>
  160.   ServerName localhost
  161.   ServerAlias localhost
  162.   DocumentRoot "${INSTALL_DIR}/www"
  163.   <Directory "${INSTALL_DIR}/www/">
  164.     Options +Indexes +Includes +FollowSymLinks +MultiViews
  165.     Header set Access-Control-Allow-Origin "*"
  166.     AllowOverride All
  167.     Require local
  168.     Allow from 127.0.0.1
  169.     Allow from 192.168.10.0
  170.     Allow from 192.168.0.217
  171.     Require all granted
  172.   </Directory>
  173. </VirtualHost>
  174.  
  175.  
  176. #dev.local
  177. <VirtualHost *:80>
  178.  
  179.     ServerAdmin it@m.org
  180.     DocumentRoot "c:/wamp64/www/dev"
  181.     ServerName dev.local    
  182.     ServerAlias www.dev.local
  183.  
  184.     <Directory  "c:/wamp64/www/dev/">
  185.  
  186.         AllowOverride All
  187.         Require local
  188.         Allow from 127.0.0.1
  189.         #Allow from 192.168.10.0
  190.         #Allow from 192.168.0.140
  191.         Require ip 192.168.0
  192.         Require ip 192.168.1    
  193.         Require ip 192.168.10
  194.         Require all granted    
  195.                 Allow from all
  196.     </Directory>
  197. </VirtualHost>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top