<?php $con = mysqli_connect("localhost", "mpampis", "abcd1234", "quiz");

1. <?php
2.     $con =  mysqli_connect("localhost", "mpampis", "abcd1234", "quiz");
3.     mysqli_set_charset($con, 'utf8');
4.    
5.     $username = $_POST["username"];
6.     $password = $_POST["password"];
7.     function get_salt(){
8.         global $username,$con;
9.         $query = mysqli_prepare($con, "select salt FROM users WHERE username = ?");
10.         mysqli_stmt_bind_param($query, "s", $username);
11.         mysqli_stmt_execute($query);
12.         mysqli_stmt_store_result($query);
13.         mysqli_stmt_bind_result($query, $salt);
14.         mysqli_stmt_fetch($query);
15.         return $salt;
16.     }
17.    
18.    
19.    
20.     $salt = get_salt();
21.     $combine = $salt . $password;
22.     $password_hash = md5($combine);
23.     $statement = mysqli_prepare($con, "select firstname,lastname,username,age FROM users WHERE username = ? AND password = ?");
24.     mysqli_stmt_bind_param($statement, "ss", $username, $password_hash);
25.     mysqli_stmt_execute($statement);
26.     mysqli_stmt_store_result($statement);
27.     mysqli_stmt_bind_result($statement, $firstname, $lastname, $username, $age);
28.    
29.     $response = array();
30.     $response["success"] = false;  
31.     while(mysqli_stmt_fetch($statement)){
32.         $response["success"] = true;  
33.         $response["firstname"] = $firstname;
34.         $response["lastname"] = $lastname;
35.         $response["username"] = $username;
36.         $response["age"] = $age;
37.     }
38.    
39.     echo json_encode($response);
40.    
41.    
42. ?>