<?php/***************************************************************** Di

1. <?php
2.  
3. /****************************************************************
4. * Dimitri Dessus (https://www.youtube.com/user/theiphoneretro)
5. * Développons un peu | Episode 27
6. * Version 1.2
7. * Dernière mise à jour : 28/05/2016
8. *****************************************************************/
9.  
10. header('Content-type: application/json');
11.  
12. /************************/
13. // Variables //
14. /************************/
15.  
16. $DB_HOST = "localhost";
17. $DB_NAME = "appli";
18. $DB_USER = "appli";
19. $DB_PASS = "Rhutvev4";
20.  
21. if(!isset($_POST['pseudo']) || !isset($_POST['password']))
22. {
23. die('{"status_code":0,"error_description":"variable(s) non déclarée(s)"}');
24. }
25.  
26. /************************/
27. // MYSQL //
28. /************************/
29.  
30. try
31. {
32. $connexion = new PDO("mysql:host=$DB_HOST;dbname=$DB_NAME", $DB_USER, $DB_PASS);
33. }
34. catch(PDOException $e)
35. {
36. die('{"status_code":0,"status_describe":"connexion db impossible"}');
37. }
38.  
39. $pseudo = $connexion->quote($_POST['pseudo']);
40.  
41. /************************/
42. // TRAITEMENT //
43. /************************/
44.  
45. $selectStatement = $connexion->prepare("SELECT pseudo FROM UTILISATEURS WHERE UTILISATEURS.pseudo = ". $pseudo ." AND UTILISATEURS.password='". password_hash($_POST['password'], PASSWORD_BCRYPT) ."' LIMIT 1");
46.  
47. if($selectStatement->execute())
48. {
49. $nbr_ligne = $selectStatement->rowCount();
50.  
51. if($nbr_ligne > 0)
52. {
53. die('{"status_code":1,"status_describe":"login reussi !"}');
54. }
55. else
56. {
57. die('{"status_code":0,"status_describe":"nom d\'utilisateur et/ou mot de passe incorrect"}');
58. }
59. }
60. else
61. {
62. print_r($selectStatement->errorInfo());
63. die('{"status_code":0,"status_describe":"erreur lors de l\execution de la requete SQL"}');
64. }
65.  
66. ?>