Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*****************************************
- * API Version : 0.1
- * API Service : Commercial Back Office Server
- ******************************************/
- //load database config and other data libs
- require_once ("../../app/config/config.php");
- require_once ("../../app/general/Security.php");
- require ("../../app/securimage/Securimage.php");
- //require_once ("../../app/config/FUnction_connect.php");
- //API CALL DATA EXAMPLE & TEST
- /************************************
- ** Developer can modified these code if it neccessary, otherwise you can ignore it.
- ** User data from DB being parsed to json data!
- ** password decryptor https://md5hashing.net/hash
- /************************************/
- //cbois
- /*example method url call : http://localhost/poc-erp/restapi/v0.1/cbos?act=login&username=admin&password=12345678bC */
- $act = isset($_REQUEST['act']) ? $_REQUEST['act'] : '';
- switch ($act) {
- /*case 'registration':
- //registration
- # code...
- $idobu = ($_REQUEST['nomorobu']);
- $vehicenum = strtolower($_REQUEST['nomorobu']);
- $username = strtolower($_REQUEST['nomorkendaraan']);
- $email = strtolower($_REQUEST['email']);
- $password = $_REQUEST['password'];
- $handphone = $_REQUEST['mobnumb'];
- break;*/
- case 'login':
- //login validation
- # code...
- $id = empty($_REQUEST['id']);
- $user = $_REQUEST['username'];
- $pass = ($_REQUEST['password']);
- $password = hash('sha512', $pass);
- //query data
- //query = ("SELECT * from m_user");
- $stmt = $mysqli->prepare("SELECT id, username, password, salt
- FROM m_user
- WHERE (email = ? OR username = ?) AND active = 1
- LIMIT 1");
- $stmt->bind_param('ss', $email, $user);
- $stmt->execute(); // Execute the prepared query.
- $stmt->store_result();
- // get variables from result.
- $stmt->bind_result($user_id, $username, $db_password, $salt);
- $stmt->fetch();
- // hash the password with the unique salt.
- $password = hash('sha512', $password . $salt);
- //query2
- $query = ("SELECT * FROM m_user WHERE username='$user' AND password='$password' ");
- $result = $mysqli->query($query);
- $data = array();
- while ($row = mysqli_fetch_assoc($result)){
- $data[]= array(
- "id" => $row['id'],
- "username" => $row['username'],
- "password" => $row['password'],
- );
- }
- if(!empty($data)){
- //respon data
- $json = array(
- 'status' => 'Success',
- 'data' => $data
- );
- }else{
- $json = array(
- 'status' => 'error, 400',
- 'msg' => 'wrong username or password ',
- );
- }
- echo json_encode($json);
- /*echo '<pre>';
- print_r($data);
- echo '</pre>';*/
- break;
- case 'topup':
- # code...
- break;
- default:
- # code...
- echo "akhir";
- break;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement