25 lines
883 B
PHP
25 lines
883 B
PHP
<?php
|
|
include "../../config.php";
|
|
|
|
if (isset($_POST['username']) and isset($_POST['password'])){
|
|
$sql = "SELECT * FROM users WHERE username=?";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->bindParam(1, $_POST['username']);
|
|
if ($stmt->execute()){
|
|
if ($stmt->rowCount()==1){
|
|
$user = $stmt->fetchAll(PDO::FETCH_ASSOC)[0];
|
|
if (password_verify($_POST['password'], $user['password'])){
|
|
$sql = "SELECT token FROM tokens WHERE user=?";
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->bindParam(1, $user['id']);
|
|
if ($stmt->execute()){
|
|
if ($stmt->rowCount()>0){
|
|
echo $stmt->fetchAll(PDO::FETCH_ASSOC)[0]['token'];
|
|
}
|
|
}else{
|
|
var_dump($stmt->errorInfo());
|
|
}
|
|
}
|
|
}
|
|
}
|
|
} |