59 lines
2.1 KiB
PHP
59 lines
2.1 KiB
PHP
<?php
|
|
|
|
// Allow from any origin
|
|
if (isset($_SERVER['HTTP_ORIGIN'])) {
|
|
// Decide if the origin in $_SERVER['HTTP_ORIGIN'] is one
|
|
// you want to allow, and if so:
|
|
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
|
|
header('Access-Control-Allow-Credentials: true');
|
|
header('Access-Control-Max-Age: 86400'); // cache for 1 day
|
|
}
|
|
|
|
// Access-Control headers are received during OPTIONS requests
|
|
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
|
|
|
|
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
|
|
// may also be using PUT, PATCH, HEAD etc
|
|
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
|
|
|
|
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
|
|
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
|
|
|
|
exit(0);
|
|
}
|
|
//$2y$10$yJMyDzprPAyf3rBnClqQ3O3poVb5w8gg2KcmZ10DVbTWSzgXeU.Ju
|
|
//65de59ea345a79fb01174fb34a930d95
|
|
session_start();
|
|
|
|
include 'db_connection.php';
|
|
$conn = openCon();
|
|
mysqli_set_charset($conn, "utf8");
|
|
$data = json_decode(file_get_contents("php://input"),true);
|
|
|
|
|
|
$email = $data["email"]; //"example@email.email";
|
|
$pass = $data["pass"]; //"hasło135$";
|
|
|
|
$q = "SELECT login.pass, login.salt FROM login WHERE login.email=\"" . $email . "\"";
|
|
$result = mysqli_query($conn, $q) or die("Problemy z odczytem danych!");
|
|
|
|
$answ;
|
|
while($row = mysqli_fetch_row($result))
|
|
{
|
|
$answ=["hash"=>$row[0], "salt"=>$row[1]];
|
|
}
|
|
|
|
function checkPassword($p, $s, $h){
|
|
if(password_verify($p . $s, $h)) return true;
|
|
else return false;
|
|
};
|
|
if(isset($answ["salt"]) && checkPassword($pass, $answ["salt"], $answ["hash"])){
|
|
$_SESSION["email"] = $email;
|
|
echo json_encode(true);
|
|
}
|
|
else {
|
|
$_SESSION["email"] = null;
|
|
echo json_encode(false);
|
|
}
|
|
closeCon($conn);
|
|
?>
|