Sign up form in conjunction with a mobile app
Posted: Fri Apr 01, 2022 10:23 am
Please bear with me, I am very new to PHP and websites!
I have made an app for android, and I use my WYSIWYG website to edit/update/delete records in the Mysql database that the app uses.
What I use to do was use an Admin app to do all the changes to the Mysql database, but I now want to use my website instead.
Everything works fine, except in the app, I have an area that only certain people are allowed to access, so I had a log in page for that area.
When I set it up using the admin app to add users, all was well, but on the website I am trying to use the sign up form. The problem I have, is the sign up form uses md5, but the php file I was using to access (log in the user) in the Mysql database from my app uses sha256.
At the moment I can write via the website to the Mysql table to add users, but I can't seem to get my php file that the app uses to be able to log on. Below is the php file I was using, can anyone please help to change it to work with the sign up form;
session_start();
if (isset($_POST['email']) && isset($_POST['pass'])) {
function validate($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$uname = validate($_POST['email']);
$pass = $_POST['pass'];
if (empty($uname)) {
showMessage("name is required",0);
}else if(empty($pass)){
showMessage("Password is required",0);
}else{
// $pass = hash('sha256', $pass);
// $pass = crypt( $pass,'sha256');
$sql = "SELECT * FROM users WHERE email='$uname'";
$result = mysqli_query($mysql, $sql);
if ($result->num_rows == 1) {
$row = mysqli_fetch_assoc($result);
//$pass= crc32($pass, 'sha256');
if ($row['email'] === $uname && password_verify($pass, $row['password'])) {
$myArr = array("sha256"=>$sha256,"response"=>"OK","status"=>"1");
$sha256= crypt(json_encode($row) , 'sha256');
$myArr = array_merge($row, $myArr);
$myJSON = json_encode($myArr);
echo $myJSON;
exit();
}else{
showMessage("Incorect password",0);
}
}else{
showMessage("No User Found",0);
}
}
}else{
showMessage("ERR_NOT_FOUND",0);
}
function showMessage($response,int $status)
{
echo json_encode(array("response" => $response, "status" => $status));
exit();
}
?>
I got the original add user and login user php files from a tutorial that I followed. The log in php file requires a response of OK or something simular so the app can the let them through to the logged in area.
Many thanks
Steve
I have made an app for android, and I use my WYSIWYG website to edit/update/delete records in the Mysql database that the app uses.
What I use to do was use an Admin app to do all the changes to the Mysql database, but I now want to use my website instead.
Everything works fine, except in the app, I have an area that only certain people are allowed to access, so I had a log in page for that area.
When I set it up using the admin app to add users, all was well, but on the website I am trying to use the sign up form. The problem I have, is the sign up form uses md5, but the php file I was using to access (log in the user) in the Mysql database from my app uses sha256.
At the moment I can write via the website to the Mysql table to add users, but I can't seem to get my php file that the app uses to be able to log on. Below is the php file I was using, can anyone please help to change it to work with the sign up form;
session_start();
if (isset($_POST['email']) && isset($_POST['pass'])) {
function validate($data){
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$uname = validate($_POST['email']);
$pass = $_POST['pass'];
if (empty($uname)) {
showMessage("name is required",0);
}else if(empty($pass)){
showMessage("Password is required",0);
}else{
// $pass = hash('sha256', $pass);
// $pass = crypt( $pass,'sha256');
$sql = "SELECT * FROM users WHERE email='$uname'";
$result = mysqli_query($mysql, $sql);
if ($result->num_rows == 1) {
$row = mysqli_fetch_assoc($result);
//$pass= crc32($pass, 'sha256');
if ($row['email'] === $uname && password_verify($pass, $row['password'])) {
$myArr = array("sha256"=>$sha256,"response"=>"OK","status"=>"1");
$sha256= crypt(json_encode($row) , 'sha256');
$myArr = array_merge($row, $myArr);
$myJSON = json_encode($myArr);
echo $myJSON;
exit();
}else{
showMessage("Incorect password",0);
}
}else{
showMessage("No User Found",0);
}
}
}else{
showMessage("ERR_NOT_FOUND",0);
}
function showMessage($response,int $status)
{
echo json_encode(array("response" => $response, "status" => $status));
exit();
}
?>
I got the original add user and login user php files from a tutorial that I followed. The log in php file requires a response of OK or something simular so the app can the let them through to the logged in area.
Many thanks
Steve