<?php $dbHost="localhost"; $dbUsername="username"; $dbPassword="password";

1. <?php
2.  
3.  
4. $dbHost="localhost";
5. $dbUsername="username";
6. $dbPassword="password";
7. $dbName="db";
8.  
9. $db = new MYSQL($dbHost,$dbUsername,$dbPassword,$dbName);
10.  
11. $user=(isset ($_REQUEST['username']) && ($_REQUEST['username']) >= 0) ? $_REQUEST['username'] : NULL;
12. $pass= isset($_REQUEST['password']) ? md5($_REQUEST['password']) : NULL;
13. $port= isset($_REQUEST['port']) ? $_REQUEST['port'] : NULL;
14.  
15. $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : NULL;
16.  
17.  
18. if($action == "testWebAPI"){
19.  
20. if($db->testConnection()){
21. echo "Success";
22. exit;
23. }
24. else
25. {
26. echo "failed";
27. }
28. }
29.  
30.  
31. switch($action)
32. {
33. case authenticateUser:
34. if($userId = authenticateUser($db, $user , $pass))
35. {
36.  
37. $sql = "slect u.Id, u.username, u.IP, f.providerId, f.requestId, f.status, u.port
38. from friends f
39. left join users u on
40. u.Id = if ( f.providerId = ".$userId." and f.status= ".USER_APPROVED.") or
41. f.requestId = ".$userId." ";
42.  
43.  
44. $sqlmessage = "SELECT m.id, m.fromuid, m.touid, m.sentdt, m.read, m.readdt, m.mesaagetext, u.username from messages m n"
45. . "left join users u on u.Id = m.fromuid WHERE 'touid' = ".$userId." AND 'read' = 0 LIMIT 0, 30";
46.  
47. if($result = $db->query($sql))
48. {
49.  
50. while($row = $db->fetchobject($result))
51. {
52. $status = "offline";
53. if(((int)$row->$status) == USER_UNAPPROVED)
54. {
55. $status = "unApproved";
56. }
57. else if(((int)$row->authenticateTimeDifference) < TIME_INTERVAL_FOR_USER_STATUS)
58. {
59. $status="online";
60. }
61.  
62. $out .="<friend username='".$row->username."' status='".$status."' IP='".$row->IP."' userKey = '".$row->Id."' port='".$row->port."'/>";
63.  
64.  
65. }
66.  
67. if($resultmessage = $db->query($sqlmessage))
68. {
69. while ($rowmessage = $db->fetchobject($resultmessage))
70. {
71. $out .="<message from='".$rowmessage->username."' sendt='".$rowmessage->senddt."' text='".$rowmessage->messagetext."' />";
72. $sqlendmsg="UPDATE messages set 'read' = 1, 'readdt'= '".DATE("T-m-d H:i")."' WHERE 'messages'.'id' = ".$rowmessage->id.";";
73. $db->query($sqlendmsg);
74. }
75.  
76. }
77. $out .="<data>";
78. }
79.  
80. }
81.  
82.  
83. break;
84.  
85. }
86.  
87.  
88. function authenticateUser($db,$user,$pass)
89. {
90. $sql22 = "select * from users
91. where Username = '".$user."' and Password = '".$pass."'
92. limit 1";
93. if($result22 = $db->query($db,$sql22))
94. {
95. if($row22 = $db->fetchobject($result22))
96. {
97.  
98. $sql22 = "update users SET authenticateTime = NOW(), IP = '".$_SERVER['REMOTE_ADDR']."' ,port = 15145
99. where Id = ".$row22->Id."
100. limit 1";
101. $db->query($db,$sql22);
102.  
103. }
104. }
105. }
106.  
107.  
108.  
109.  
110. ?>
111.  
112. <?php
113.  
114. $con = mysqli_connect("localhost", "username", "password", "db");
115. mysqli_select_db($con, "shayea_db1and");
116.  
117.  
118. $con->set_charset("utf8");
119.  
120. $user = $_POST['username'];
121. $pass = $_POST['password'];
122.  
123.  
124. $sqlQ = "select * from users where Username='$user'";
125. $result = mysqli_Query($con, $sqlQ);
126. $row = mysqli_fetch_array($result);
127.  
128. if ($row[2] == "") {
129. print "no user";
130. } else if ($pass != $row[3]) {
131. print "Wrong Pass";
132. } else {
133. print "OK";
134. }
135. ?>