|
|
Client:
<script type="text/javascript">
function sendMyData()
{
// get data
var username = "MarioRossi";
var password = "Secret Passphrase";
// prepare array
var digest_md5 = Crypto.MD5(password);
var json_obj = {"username" : username, "password" : digest_md5 };
json_string = myencrypt(JSON.stringify(json_obj));
// send data
$.ajax({
type: "POST",
url: "./myserver.php",
data: {cryption:json_string},
context: document.body,
async: true,
success: function(res, stato)
{
try {
var json_message = mydecrypt(res.trim());
var jsObject = eval("(" + json_message + ")");
var msg = jsObject.msg;
}
catch(e) {
console.log(e);
}
},
error : function (richiesta, stato, errori)
{
var msg = "An error has occured. Call Status: " + stato;
console.log(msg);
}
});
return false;
}
</script>
Server:
<?php
// include AES PHP
require_once './aes-php.php';
// array for JSON response
$response = array();
// 1) decryption
if (!isset($_POST['cryption'])) { exit; }
$result = parseQuery($_POST['cryption']);
if (!isset($result)) exit;
// 2) get data
$json_string = $result;
$jsonObj = json_decode($json_string);
$username = $jsonObj->{'username'};
$password = $jsonObj->{'password'};
// check for required fields
if ($username=="" || $password=="")
{
// required field is missing
$response["success"] = 0;
$response["message"] = "Required field(s) is missing";
// echoing JSON response
echo myencrypt(json_encode($response));
exit;
}
// 3) connecting to db
if (($username == "MarioRossi") && ($password == "79a38d896d90dbfe5e151a326602bc3a"))
{
// successfully inserted into database
$response["success"] = 1;
$response["message"] = "Access successfully created.";
// echoing JSON response
echo myencrypt(json_encode($response));
}
else {
// failed to access
$response["success"] = 0;
$response["message"] = "Oops! An error occurred.";
// echoing JSON response
echo myencrypt(json_encode($response));
}
/********************************************************************
IMPLEMENTING FUNCTIONS
********************************************************************/
/*
* Parse json_string
*/
function parseQuery($querystring)
{
$ciphertext = mysql_real_escape_string(stripslashes($querystring));
return mydecrypt($ciphertext);
}
?>