<?php
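/**
 * Authenticates a user by username and password and returns the login payload.
 *
 * On a successful login the function also issues an API key if the account has
 * none, records the last-login time, and stores or refreshes the device token
 * in the deviceinfo table.
 *
 * All values that come from the caller ($user, $pass, $deviceID, $deviceDate)
 * are bound as statement parameters. The previous implementation interpolated
 * them into the SQL text, which allowed SQL injection in the login query and
 * in every follow-up statement.
 *
 * NOTE(review): the login query compares fpasswd with the submitted password
 * directly, so the column appears to hold plaintext passwords. Moving to
 * password_hash()/password_verify() needs a data migration and cannot be done
 * inside this function alone.
 *
 * @param string $user       Username / admission number (upper-cased before use).
 * @param string $pass       Password as submitted by the client.
 * @param string $deviceID   Push-notification device token.
 * @param string $deviceDate Date stored with the device token.
 * @param mysqli $con        Open database connection.
 *
 * @return array Keys: statusCode ('1' on success, '0' otherwise), statusMessage,
 *               admno, studentName, apikey, instCode, branchCode, section,
 *               class, imageUrl.
 */
function checkLoginCredentials($user, $pass, $deviceID, $deviceDate, $con)
{
    $statusCode = '';
    $statusMessage = '';
    $admno = '';
    $apikey = '';
    $instCode = '';
    $branchCode = '';
    $class = '';
    $studentName = '';
    $imageUrl = '';
    $section = '';
    $user = strtoupper($user);

    // Runs one parameterized statement with every value bound as a string.
    // Returns a mysqli_result for statements that produce rows, true for a
    // successful write, and false on failure. Uses mysqli_stmt_get_result(),
    // which needs the mysqlnd driver.
    $runQuery = function ($sql, array $params) use ($con) {
        $stmt = mysqli_prepare($con, $sql);
        if ($stmt === false) {
            error_log('checkLoginCredentials: could not prepare a database statement');
            return false;
        }
        $ok = true;
        if (count($params) > 0) {
            $ok = mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
        }
        if (!$ok || !mysqli_stmt_execute($stmt)) {
            // Log without the SQL text or parameters so credentials never reach the log.
            error_log('checkLoginCredentials: a database statement failed');
            mysqli_stmt_close($stmt);
            return false;
        }
        $result = mysqli_stmt_get_result($stmt);
        mysqli_stmt_close($stmt);
        // get_result() yields false for statements without a result set (UPDATE/INSERT).
        return $result === false ? true : $result;
    };

    $hasInputError = false;
    if (empty($user)) { // check if username is blank
        $hasInputError = true;
        $statusCode = '0';
        $statusMessage = 'Username is blank.';
    }
    if (empty($pass)) { // check if password is blank
        $hasInputError = true;
        $statusCode = '0';
        $statusMessage = 'Password is blank.';
    }

    if (!$hasInputError) {
        $loginResult = $runQuery(
            "SELECT * FROM masuser WHERE fusername = ? AND BINARY fpasswd = ?",
            [$user, $pass]
        );

        if (!($loginResult instanceof mysqli_result)) {
            // Fail closed when the lookup itself could not run.
            $statusCode = '0';
            $statusMessage = 'oops!!! Something went wrong.. Please try again';
        } elseif (mysqli_num_rows($loginResult) == 0) {
            $statusCode = '0';
            $statusMessage = 'Wrong username or Password.Login Failed.';
        } elseif (mysqli_num_rows($loginResult) > 1) {
            // More than one matching account is a data problem; refuse the login.
            $statusCode = '0';
            $statusMessage = 'oops!!! Something went wrong.. Please try again';
        } else {
            $row = mysqli_fetch_array($loginResult, MYSQLI_ASSOC);
            $statusCode = '1';
            $statusMessage = 'Success';
            $admno = $row['fusername'];
            $branchCode = "1";

            // First login: the account has no API key yet, so issue one.
            if (empty($row['fapikey'])) {
                // The key is 32 hex characters from a CSPRNG. The previous key was
                // built with str_shuffle() and embedded the first two characters
                // of the password plus the username, which made it guessable and
                // leaked credential material. The new key is shorter than the old
                // format, so it fits the same column.
                $randomBytes = function_exists('random_bytes')
                    ? random_bytes(16)
                    : openssl_random_pseudo_bytes(16);
                $newApiKey = bin2hex($randomBytes);
                $runQuery(
                    "update masuser set fapikey = ? where fusername = ? AND fpasswd = ?",
                    [$newApiKey, $admno, $pass]
                );
            }

            // Read the key back from the database so the caller gets what is stored.
            $apiKeyResult = $runQuery(
                "select fapikey from masuser WHERE fusername = ? AND fpasswd = ?",
                [$user, $pass]
            );
            $apiKeyRow = $apiKeyResult instanceof mysqli_result
                ? mysqli_fetch_array($apiKeyResult, MYSQLI_ASSOC)
                : null;
            $apikey = is_array($apiKeyRow) ? $apiKeyRow['fapikey'] : null;

            $studentResult = $runQuery(
                "select s.fname as studentName,s.fadmNo as admNo, s.fdegree, s.fsection,s.fexamno,
                d.fdegree,d.fdescpn as class,d.fexamno,d.fexamname as examName
                from student s, degree d
                where s.fdegree = d.fdegree
                and s.fexamno = d.fexamno
                and fadmno = ?",
                [$user]
            );
            $studentRow = $studentResult instanceof mysqli_result
                ? mysqli_fetch_array($studentResult, MYSQLI_ASSOC)
                : null;
            // A login without a matching student row yields null for these fields.
            $section = is_array($studentRow) ? $studentRow['fsection'] : null;
            $studentName = is_array($studentRow) ? $studentRow['studentName'] : null;
            $class = is_array($studentRow) ? $studentRow['class'] : null;

            $imageUrl = "/photos/studentphotos/".$user;
            // NOTE(review): this looks like leftover debug output; it is written to
            // the response on every successful login. Confirm no client relies on
            // it before removing.
            echo "Inside Function...".$imageUrl;

            date_default_timezone_set('Asia/Kolkata');
            $currentTime = date('Y-m-d H:i');

            // Record the last login time of the user.
            $runQuery(
                "update masuser set flastlogin = ? where fusername = ? AND fpasswd = ?",
                [$currentTime, $user, $pass]
            );

            // Store the mobile token used for push notifications: add it when the
            // user has no deviceinfo row, update it when the stored token differs.
            $deviceResult = $runQuery("select * from deviceinfo where fusername= ?", [$user]);
            if ($deviceResult instanceof mysqli_result) {
                $deviceRows = mysqli_num_rows($deviceResult);
                if ($deviceRows == 0) {
                    $runQuery(
                        "insert into deviceinfo (fusername,fdeviceid,fdate) values (?,?,?)",
                        [$user, $deviceID, $deviceDate]
                    );
                } elseif ($deviceRows == 1) {
                    $deviceRow = mysqli_fetch_array($deviceResult, MYSQLI_ASSOC);
                    $currentMobileToken = $deviceRow['fdeviceid'];
                    if (strcmp($currentMobileToken, $deviceID) != 0) {
                        $runQuery(
                            "update deviceinfo set fdeviceid = ?, fdate = ? where fusername = ?",
                            [$deviceID, $deviceDate, $user]
                        );
                    }
                }
            }
        }
    }

    return array(
        "statusCode" => $statusCode,
        "statusMessage" => $statusMessage,
        "admno" => $admno,
        "studentName" => $studentName,
        "apikey" => $apikey,
        "instCode" => $instCode,
        "branchCode" => $branchCode,
        "section" => $section,
        "class" => $class,
        "imageUrl" => $imageUrl
    );
}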
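/**
 * Verifies that the API key presented by a client matches the one stored for the user.
 *
 * The username is bound as a statement parameter; the previous implementation
 * interpolated it into the SQL text, which allowed SQL injection. The key is
 * compared with hash_equals() instead of ==, so two different numeric-looking
 * strings can no longer compare equal through type juggling and the comparison
 * time does not depend on how many leading characters match.
 *
 * NOTE(review): the distinct return strings for an unknown user and a wrong key
 * let a caller tell whether an account exists. They are kept because callers
 * may match on them; confirm before unifying.
 *
 * @param string $user   Username / admission number.
 * @param string $apiKey API key sent by the client.
 * @param mysqli $con1   Open database connection.
 *
 * @return string 'Success' when the key matches, otherwise a message naming the failure.
 */
function checkLoginDetails($user, $apiKey, $con1)
{
    if (empty($user)) { // check if username is blank
        return 'Username is blank.';
    }
    if (empty($apiKey)) { // check if API key is blank
        return 'API KEY is blank.';
    }

    // Fail closed: any database error is reported like an unknown user.
    $notFound = 'Username/Admission number incorrect!! Please try again';

    $stmt = mysqli_prepare($con1, "SELECT fapikey FROM masuser WHERE fusername = ?");
    if ($stmt === false) {
        return $notFound;
    }

    $apiKeyFromDatabase = null;
    $userFound = mysqli_stmt_bind_param($stmt, 's', $user)
        && mysqli_stmt_execute($stmt)
        && mysqli_stmt_bind_result($stmt, $apiKeyFromDatabase)
        // Only the first matching row is used, as before.
        && mysqli_stmt_fetch($stmt) === true;
    mysqli_stmt_close($stmt);

    if (!$userFound) {
        return $notFound;
    }

    // A NULL stored key never matches; $apiKey is already known to be non-empty.
    if (is_string($apiKeyFromDatabase) && hash_equals($apiKeyFromDatabase, (string) $apiKey)) {
        return 'Success';
    }

    return 'Wrong API KEY';
}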
?>