blob: 497583fc3a938109aca2d01d6ebd6a4ce2ef2d5a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
<?php
/* hitler-clicker
* api for authentification
* © 2025 hitler.rip <git@hitler.rip>
* licensed under AGPLv3-or-later; see LICENSE.md for more information
*/
header('Content-Type: application/json; charset=UTF-8');
try {
$pdo = new PDO("mysql:host=127.0.0.1;dbname=hitlerclicker", "root", "aA1234Aa");
} catch(PDOException $e) {
die('{ "status": "database offline" }');
};
$wrkarr = [];
$ifarr = [ "name", "password" ];
$postjson = json_decode(file_get_contents('php://input'), true);
foreach ($ifarr as $i):
if (isset($postjson[$i])):
$newarr = [
"$i" => "$postjson[$i]",
];
$wrkarr = array_merge($wrkarr, $newarr);
endif;
endforeach;
if (!isset($wrkarr["name"]) || trim($wrkarr["name"]) == ""):
die('{ "status": "login (name) was not provided.\ncould not attempt to log in." }');
elseif (!isset($wrkarr["password"]) || trim($wrkarr["password"]) == ""):
die('{ "status": "password was not provided.\ncould not attempt to log in." }');
else:
$query = $pdo->prepare("SELECT name, password, token, team FROM users WHERE name LIKE ?");
$query -> execute([$wrkarr["name"]]);
$found = $query->fetch(PDO::FETCH_ASSOC);
if ($found):
if (!password_verify($wrkarr["password"], $found["password"])):
die('{ "status": "wrong password." }');
else:
die("{ \"status\": \"success\", \"token\": \"$found[token]\", \"team\": \"$found[team]\" }");
endif;
else:
die('{ "status": "name does not exist in the database." }');
endif;
endif;
echo '{ "status": "online" }';
?>
|
