header('Content-type: application/json');if($_POST) {$username = $_POST['use

1. header('Content-type: application/json');
2. if($_POST) {
3. $username = $_POST['username'];
4. $password = $_POST['password'];
5.  
6. if($username && $password) {
7.  
8. $db_name = 'mysite';
9. $db_user = 'root';
10. $db_password = '12345';
11. $server_url = 'localhost';
12.  
13. $mysqli = new mysqli('localhost', $db_user, $db_password, $db_name);
14.  
15. /* check connection */
16. if (mysqli_connect_errno()) {
17. error_log("Connect failed: " . mysqli_connect_error());
18. echo '{"success":0,"error_message":"' . mysqli_connect_error() . '"}';
19. } else {
20. if ($stmt = $mysqli->prepare("SELECT login FROM users WHERE login = ? and password = ?")) {
21.  
22. //$password = $password;
23. // $id = "SELECT id FROM users WHERE login=?";
24. /* bind parameters for markers */
25. $stmt->bind_param("ss", $username, $password);
26.  
27. /* execute query */
28. $stmt->execute();
29.  
30. /* bind result variables */
31. $stmt->bind_result($id1);
32.  
33. /* fetch value */
34. $stmt->fetch();
35.  
36. /* close statement */
37. $stmt->close();
38.  
39. }
40.  
41. /* close connection */
42. $mysqli->close();
43.  
44. if ($id1) {
45. error_log("User $username: password match.");
46. echo '{"success":1}';
47. } else {
48. error_log("User $username: password doesn't match.");
49. echo '{"success":0,"error_message":"Invalid Username/Password"}';
50. }
51. }
52. } else {
53. echo '{"success":0,"error_message":"Invalid Username/Password."}';
54. }
55. }else {
56. echo '{"succ11ess":0,"error_message":"Invalid Data."}';
57. }
58. ?>
59.  
60. SELECT id FROM users WHERE login = ? and password = ?