50 lines
1.3 KiB
PHP
50 lines
1.3 KiB
PHP
<?php
|
|
include_once($_SERVER['DOCUMENT_ROOT'] . "/db_config.php");
|
|
include_once($_SERVER['DOCUMENT_ROOT'] . "/includes/utils.php");
|
|
|
|
$token = get_bearer_token();
|
|
|
|
if (is_null($token)) {
|
|
header('Content-Type: application/json');
|
|
http_response_code(412);
|
|
echo '{"success":"false","message":"No token provided","username":"","email": ""}';
|
|
return;
|
|
}
|
|
|
|
// Input validation and sanitization
|
|
$token = $mysqli->real_escape_string($token);
|
|
|
|
// Prepare and bind
|
|
$stmt = $mysqli->prepare("SELECT * FROM users WHERE token = ?");
|
|
$stmt->bind_param("s", $token);
|
|
|
|
// Execute statement
|
|
$stmt->execute();
|
|
|
|
// Get result
|
|
$result = $stmt->get_result();
|
|
|
|
$response = array();
|
|
|
|
if ($result->num_rows > 0) {
|
|
$row = $result->fetch_assoc();
|
|
|
|
$response['success'] = "true";
|
|
$response['message'] = "Success";
|
|
$response['username'] = $row['username'];
|
|
$response['email'] = $row['email'];
|
|
} else {
|
|
$response['success'] = "false";
|
|
$response['message'] = 'Invalid token.';
|
|
$response['username'] = "";
|
|
$response['email'] = "";
|
|
}
|
|
|
|
// Close connections
|
|
$stmt->close();
|
|
$mysqli->close();
|
|
|
|
// Return JSON response
|
|
header('Content-Type: application/json');
|
|
echo '{"success":' . $response['success'] . ', "message":"' . $response['message'] . '", "username":"' . $response['username'] . '", "email":"' . $response['email'] . '"}';
|