Hi there,
I have a login form.which contains two input parameters.
login_id and password.
login_id may be mobile or email.
user may use mobile no or email as login id.
my table structure is
uid email mobile password status
when i login through mobile no it is validating and showing error messages.
but if i login through email it is not checking email column. directly shows outputs to the client.
below is my script:
sorry for my terrible english
Check Login:
if($db->check_loginid($login_id))
{
if($db->checkLogin($login_id, $password))
{
$status = 1;
if($db->checkLoginStatus($login_id, $password, $status))
{ $updateapi = $db->updateApikey($login_id);
$user = $db->getUsersalldetails($login_id);
if($user != NULL)
{
$response = array();
$response['code'] = 100;
$response['error'] = false;
$response['output'] = array();
$tmp = array();
$tmp["Verified"] = true;
$tmp["User-Id"] = $user['UserId'];
$tmp["Api-Key"] = $user['api_key'];
$tmp["Name"] = $user['name'];
$tmp["Email"] = $user['email'];
$tmp["Mobileno"] = $user['mobile'];
$tmp["Rolecode"] = $user['roldecode'];
$tmp["message"] = "You have logged in successfully";
$response['output'] = $tmp;
echoRespnse(200, $response);
}
else
{
$response['code'] = 101;
$response['error'] = true;
$response['message'] = "An error occurred. Please try again";
echoRespnse(400, $response);
}
}
else
{
$response = array();
$response['code'] = 101;
$response['error'] = true;
$response['message'] = array();
$tmp = array();
$tmp[$arrayemail['status']] = array("Your profile is inactive");
$response['message'] = $tmp;
echoRespnse(400, $response);
}
}
else
{
$response = array();
$response['code'] = 101;
$response['error'] = true;
$response['message'] = array();
$tmp = array();
$tmp[$arrayemail['password']] = array("Enter Correct Password");
$response['message'] = $tmp;
echoRespnse(400, $response);
}
}
else
{
$response = array();
$response["code"] = "103";
$response["error"] = true;
$response['message'] = array();
$tmp = array();
$tmp[$arrayemail['loginid']] = array("Login id does not exist");
$response['message'] = $tmp;
echoRespnse(400, $response);
}
public function check_loginid($login_id)
{
$stmt = $this->conn->prepare("SELECT * from np_system_users WHERE email = ? OR mobile = ?");
$stmt->bind_param("si", $login_id, $login_id);
$stmt->execute();
$stmt->store_result();
$num_rows = $stmt->num_rows;
$stmt->close();
return $num_rows > 0;
}
public function checkLogin($login_id, $password) {
$stmt = $this->conn->prepare("SELECT u_password FROM np_system_users WHERE email = ? OR mobile = ? AND u_password = ? ");
$encryptpass = sha1($password);
$stmt->bind_param("sis", $login_id, $login_id, $encryptpass);
$stmt->execute();
$stmt->bind_result($password_hash);
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->fetch();
$stmt->close();
if (sha1($password)) {
return TRUE;
} else {
return FALSE;
}
} else {
$stmt->close();
return FALSE;
}
}
public function checkLoginStatus($login_id, $password, $status) {
$stmt = $this->conn->prepare("SELECT u_password FROM np_system_users WHERE email = ? OR mobile = ? AND u_password = ? AND status = ?");
$encryptpass = sha1($password);
$stmt->bind_param("sisi", $login_id, $login_id, $encryptpass, $status);
$stmt->execute();
$stmt->bind_result($password_hash);
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->fetch();
$stmt->close();
if (sha1($password)) {
return TRUE;
} else {
return FALSE;
}
} else {
$stmt->close();
return FALSE;
}
}
public function getUsersalldetails($login_id)
{
//$api_key = $this->generateApiKey();
$stmt = $this->conn->prepare("SELECT u_rolecode, firstname, email, mobile, person_row_id, createdat, api_key FROM np_system_users WHERE email = ? OR mobile = ?");
$stmt->bind_param("si", $login_id, $login_id);
if ($stmt->execute())
{
$stmt->bind_result($u_rolecode, $firstname, $email, $mobile, $person_row_id, $createdat, $api_key);
/* fetch values */
mysqli_stmt_fetch($stmt);
/* set values */
$user['roldecode'] = $u_rolecode;
$user['name'] = $firstname;
$user['email'] = $email;
$user['mobile'] = $mobile;
$user['UserId'] = $person_row_id;
$user['api_key'] = $api_key;
$stmt->close();
return $user;
}
else
{
return NULL;
}
}
public function updateApikey($login_id)
{
$today = date('Y-m-d');
$api_key = $this->generateApiKey();
$stmt = $this->conn->prepare("UPDATE np_system_users u set u.api_key = ?, u.updated_at = ? WHERE u.email = ? OR u.mobile = ?");
$stmt->bind_param("sssi", $api_key, $today, $login_id, $login_id);
$stmt->execute();
$result = $stmt->execute();
$num_affected_rows = $stmt->affected_rows;
$stmt->close();
return $num_affected_rows > 0;
}