login script
PHPAuthor: ahambridge
8 months ago │ 1,456 B
<?php
session_start();
require_once("../dbConn/database.php");
header('Content-Type: application/json');
$rawData = file_get_contents("php://input");
$data = json_decode($rawData, true);
if (!$data) {
echo json_encode(["success" => false, "message" => "Invalid JSON received", "rawData" => $rawData]);
exit;
}
if (empty($data['emailInput']) || empty($data['passwordInput'])) {
echo json_encode(["success" => false, "message" => "Error: Missing input"]);
exit;
}
$email = trim($data['emailInput']);
$password = $data['passwordInput'];
$db = new Database();
$conn = $db->getConnection();
$SQL = "SELECT * FROM users WHERE email = ?";
$stmt = $conn->prepare($SQL);
$stmt->bind_param("s", $email);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows === 1) {
$USER = $result->fetch_assoc();
if (password_verify($password, $USER['password'])) {
$_SESSION['userID'] = $USER['uid'];
$_SESSION['firstName'] = $USER['firstName'];
$_SESSION['lastName'] = $USER['lastName'];
$_SESSION['adminStatus'] = $USER['adminStatus'];
echo json_encode(["success" => true, "message" => "Login successful"]);
exit;
} else {
echo json_encode(["success" => false, "message" => "Incorrect password"]);
exit;
}
} else {
echo json_encode(["success" => false, "message" => "User not found"]);
exit;
}
?>