<?php ini_set('display_errors',1); ini_set('display_startup_errors',1); error_reporting(E_ALL); session_start(); header('Access-Control-Allow-Origin: *'); header("Content-Type: application/json"); require_once('dbconnection.php'); // error_reporting(0); $action = $_POST['action'] ?? ""; // Google reCAPTCHA secret key $secretKey = "6LeLySAsAAAAAJiMq--0WDubHSJItXnxUk_exlQk"; // CAPTCHA CHECK $captcha = $_POST['g-recaptcha-response'] ?? ""; if (!$captcha) { echo json_encode(["status" => "failed", "message" => "Captcha missing"]); exit; } // Verify captcha with Google $verifyURL = "https://www.google.com/recaptcha/api/siteverify?secret=$secretKey&response=$captcha"; $response = file_get_contents($verifyURL); $responseData = json_decode($response); // echo json_encode($responseData); if (!$responseData->success) { echo json_encode(["status" => "failed", "message" => "Captcha verification failed"]); exit; } // LOGIN ACTION if ($action == "checklogin") { $username = $_POST['username'] ?? ""; $password = $_POST['password'] ?? ""; $pass = md5($password); // Check if user exists $sql1 = "SELECT * FROM login WHERE username='$username'"; $res1 = mysqli_query($con, $sql1); if (mysqli_num_rows($res1) == 0) { echo json_encode(["status" => "failed", "message" => "User Not Found"]); exit; } // Validate password $sql2 = "SELECT * FROM login WHERE username='$username' AND password_enc='$pass'"; $res2 = mysqli_query($con, $sql2); if (mysqli_num_rows($res2) == 0) { echo json_encode(["status" => "failed", "message" => "Password is incorrect"]); exit; } // SUCCESS $_SESSION['login_user'] = $username; echo json_encode([ "status" => "success", "message" => "Logged in successfully", "login_user" => $username ]); exit; } // DEFAULT echo json_encode(["status" => "failed", "message" => "Invalid action"]);