Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //Define and initialize variables to connect to database server
- $servername = "localhost";
- $username = "id1148117_xirokx";
- $password = "project";
- $dbName = "id1148117_login";
- //Create database connection
- $con = mysqli_connect($servername, $username, $password, $dbName);
- //check connection - If database connection unsuccessful display error = connection failed
- if ($con->connect_error) {
- die("Connection failed: " . $con->connect_error);
- }
- //check username and password form values are not empty and send (POST) them to database server to verify they exist.
- if(isset($_POST["username"]) && isset($_POST["password"])) {
- $username = $_POST["username"];
- $password = $_POST["password"];
- //using a prepared sql statement to minimise the risk of SQL injection attack AND
- //to create a SQL "SELECT" query template that can be executed on my database table
- $statement = mysqli_prepare($con, "SELECT user_id,name,username,age,password FROM user WHERE username = ? AND password = ?");
- //attaches ("bind's") my form variables to my SQL query
- //"ss" defines the data types for both my variables - username and password are both Strings hence "ss"
- mysqli_stmt_bind_param($statement, "ss", $username, $password);
- //runs the SQL query in my database table
- mysqli_stmt_execute($statement);
- //stores the result of my prepared SQL query to a variable
- mysqli_stmt_store_result($statement);
- //defines each variable to attach the returned result of my prepared SQL SELECT query
- mysqli_stmt_bind_result($statement, $user_id, $name, $username, $age, $password);
- //returns "true" if my prepared SQL statement successfully returned data
- $response = array();
- $response["success"] = true;
- //iterates using a while loop through the returned results of my prepared SQL statement SELECT query
- //and stores these results in my corresponding pre-defined variables
- while(mysqli_stmt_fetch($statement)){
- $response["success"] = true;
- $response["name"] = $name;
- $response["name"] = $name;
- $response["username"] = $username;
- $response["age"] = $age;
- $response["password"] = $password;
- }
- //translates Php response into JSON Object so my mobile application can work with the returned String and continue processing.
- echo json_encode($response);
- //Close database connection to service further db requests and avoid application from slowing down
- $conn->close();
- }
- //if user did not provide values on my login form then return this error
- else {
- echo "check ip address, internet connection, else";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement