Skip to content

Commit fcd87ea

Browse files
gin337gin337
committed
Update auth.php: Changed error messages and added validation for config file
1 parent a37c391 commit fcd87ea

File tree

1 file changed

+13
-7
lines changed

1 file changed

+13
-7
lines changed

auth.php

+13-7
Original file line numberDiff line numberDiff line change
@@ -3,10 +3,15 @@
33

44
header('Content-Type: application/json'); // Server should always return json
55

6-
$config = json_decode(file_get_contents('/var/config/config.json'), true); // We get the Database Information
6+
// YOU CAN CHANGE THE LOCATION!! dont put it inside www or it will be exposed (You can also use a .htaccess to prevent that but is is your choice)
7+
$config = json_decode(file_get_contents('/var/config/config.json'), true); // We get the Database Information | Path is absolute!
8+
9+
if (!$config) {
10+
sp(500, 'Something failed, please check the docs again');
11+
}
712

813
// We define a simple status response for the client
9-
if (isset($_GET['status'])) {
14+
if (isset($_GET['status'])) {
1015
sp(200, 'Ok');
1116
}
1217

@@ -23,7 +28,7 @@
2328

2429
$conn = new mysqli($config['SQL_HOST'], $config['SQL_USER'], $config['SQL_PASS'], $config['SQL_DB']);
2530
if ($conn->connect_error) {
26-
sp(500, 'Something failed',);
31+
sp(500, 'Something failed', );
2732
}
2833

2934
// We now read the data sent from the client and store it in variables
@@ -60,7 +65,7 @@
6065
$data = FetchData($conn, $userid);
6166
sp(200, 'Ok', $data['id'], $data['email'], $data['group_id'], $data['avatar']);
6267
} else {
63-
sp(403, 'hwid_missmatch');
68+
sp(403, 'Invalid Information');
6469
}
6570

6671
// Dont forget to db connection we opened at the beginning. This will prevent injection attacks and other stuff.
@@ -69,7 +74,8 @@
6974
}
7075

7176
// DRY ;) We define a simple function that returns a json response to the client. We can also use this function to return a 500 error if something fails.
72-
function sp($code, $status = '', $id = null, $email = null, $group_id = null, $avatar = null) {
77+
function sp($code, $status = '', $id = null, $email = null, $group_id = null, $avatar = null)
78+
{
7379
http_response_code($code);
7480
$response = array(
7581
'status' => $status,
@@ -79,7 +85,7 @@ function sp($code, $status = '', $id = null, $email = null, $group_id = null, $a
7985
$response['email'] = $email;
8086
$response['group_id'] = $group_id;
8187
$response['avatar'] = $avatar;
82-
88+
8389
}
8490
echo json_encode($response);
8591
die();
@@ -198,4 +204,4 @@ function FetchData($conn, $userid)
198204
$stmt->close();
199205
return null;
200206
}
201-
}
207+
}

0 commit comments

Comments
 (0)