CCOM4030
/
Goodle
關註 2
收藏 1
複製 0
程式碼 問題管理 0 合併請求 0 版本發佈 0 Wiki Activity
暫無描述
7 Commit
6 分支
目錄樹: d6266af544
Goodle/Admin backend/login.php

login.php 1.1KB
文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445 
  1. <?php

  2. header('Content-type: application/json');

  3. if ($_SERVER["REQUEST_METHOD"] == "POST") {

  4.     # Gets json from POST

  5.     $json = json_decode(file_get_contents('php://input'), true);

  6. 

  7.     # Input validation for username y password

  8.     $username = $json["username"];

  9.     $password = $json["password"];

  10.     if(strlen($username) == 0 or strlen($password) == 0){

  11.         header("400 Bad Request", true, 400);

  12.         exit();

  13.     }

  14. 

  15.     include 'db.php';

  16. 

  17.     # Select username row

  18.     $sql = "SELECT hash FROM login WHERE username = '".$username."'";

  19.     $result = $conn->query($sql);

  20.     if($result->num_rows){

  21.         $result = $result->fetch_assoc();

  22.         $hash = $result["hash"];

  23.     } else {

  24.         $conn->close();

  25.         header("400 Bad Request", true, 400);

  26.         exit();

  27.     }

  28. 

  29.     # Verifies password

  30.     if(!password_verify($password, $hash)){

  31.         $conn->close();

  32.         header("400 Bad Request", true, 400);

  33.         exit();

  34.     }

  35. 

  36.     # Returns 200

  37.     $conn->close();

  38.     header("200 OK", true, 200);

  39.     exit();

  40.     

  41. } else {

  42.     header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405);

  43.     exit();

  44. }

  45. ?>