qr_id route php getDog

php/php-dog/login.php

@@ -0,0 +1,106 @@
+<?php
+header("Access-Control-Allow-Origin: *");
+header("Access-Control-Allow-Headers: access");
+header("Access-Control-Allow-Methods: POST");
+header("Content-Type: application/json; charset=UTF-8");
+header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
+
+session_start();
+
+require __DIR__.'/classes/Database.php';
+//require __DIR__.'/classes/JwtHandler.php';
+
+function msg($success,$status,$message,$extra = []){
+    return array_merge([
+        'success' => $success,
+        'status' => $status,
+        'message' => $message
+    ],$extra);
+}
+
+$db_connection = new Database();
+$conn = $db_connection->dbConnection();
+
+$data = json_decode(file_get_contents("php://input"));
+$returnData = [];
+
+// IF REQUEST METHOD IS NOT EQUAL TO POST
+if($_SERVER["REQUEST_METHOD"] != "POST"):
+    $returnData = msg(0,404,'Page Not Found!');
+
+// CHECKING EMPTY FIELDS
+elseif(!isset($data->email) 
+    || !isset($data->password)
+    || empty(trim($data->email))
+    || empty(trim($data->password))
+    ):
+
+    $fields = ['fields' => ['email','password']];
+    $returnData = msg(0,422,'Please Fill in all Required Fields!',$fields);
+
+// IF THERE ARE NO EMPTY FIELDS THEN-
+else:
+    $email = trim($data->email);
+    $password = trim($data->password);
+
+    // CHECKING THE EMAIL FORMAT (IF INVALID FORMAT)
+    if(!filter_var($email, FILTER_VALIDATE_EMAIL)):
+        $returnData = msg(0,422,'Invalid Email Address!');
+    
+    // IF PASSWORD IS LESS THAN 8 THE SHOW THE ERROR
+    elseif(strlen($password) < 8):
+        $returnData = msg(0,422,'Your password must be at least 8 characters long!');
+
+    // THE USER IS ABLE TO PERFORM THE LOGIN ACTION
+    else:
+        try{
+            
+            $fetch_user_by_email = "SELECT * FROM `users` WHERE `email`=:email";
+            $query_stmt = $conn->prepare($fetch_user_by_email);
+            $query_stmt->bindValue(':email', $email,PDO::PARAM_STR);
+            $query_stmt->execute();
+
+            // IF THE USER IS FOUNDED BY EMAIL
+            if($query_stmt->rowCount()):
+                $row = $query_stmt->fetch(PDO::FETCH_ASSOC);
+                $check_password = password_verify($password, $row['password']);
+
+                // VERIFYING THE PASSWORD (IS CORRECT OR NOT?)
+                // IF PASSWORD IS CORRECT THEN SEND THE LOGIN TOKEN
+                if ($check_password):
+
+                    //                    $jwt = new JwtHandler();
+                    $user = array(
+                        'id' => $row['id'],
+                        'vorname' => $row['vorname'],
+                        'nachname' => $row['nachname'],
+                        'email' => $row['email']
+                    );
+                    $_SESSION['user'] = $user;
+                    
+                    $returnData = [
+                        'success' => 1,
+                        'message' => 'You have successfully logged in.',
+                        'user' => $user,
+                        'session' => $_SESSION 
+                    ];
+
+                // IF INVALID PASSWORD
+                else:
+                    $returnData = msg(0,422,'Invalid Password!');
+                endif;
+
+            // IF THE USER IS NOT FOUNDED BY EMAIL THEN SHOW THE FOLLOWING ERROR
+            else:
+                $returnData = msg(0,422,'Invalid Email Address!');
+            endif;
+        }
+        catch(PDOException $e){
+            $returnData = msg(0,500,$e->getMessage());
+        }
+
+    endif;
+
+endif;
+
+echo json_encode($returnData);