openURI("php://output"); $xml->startDocument("1.0"); $xml->setIndent(true); $xml->startElement('root'); $xml->writeElement("error", (int) $isError); if ($isError) { $xml->writeElement("message", $errorMessage); } $xml->endElement(); $xml->endDocument(); $xml->flush(); exit; } /** * Check if login is allowed * @param string $login Login */ function checkUser($login) { global $mysqli; $sql = "SELECT id FROM users WHERE login = ?"; $query = $mysqli->prepare($sql); $query->bind_param('s', $login); $query->execute(); if ($query->errno) { exitWithStatus(true, $query->error); } $query->store_result(); if ($query->num_rows) { exitWithStatus(true, "User exists"); } $query->free_result(); $query->close(); } /** * Add new user to database * @param string $login Login * @param string $hash Password hash */ function insertUser($login, $hash) { global $mysqli; $sql = "INSERT INTO users (login, password) VALUES (?, ?)"; $query = $mysqli->prepare($sql); $query->bind_param('ss', $login, $hash); $query->execute(); if ($query->errno) { exitWithStatus(true, $query->error); $isError = false; } $query->close(); } $login = isset($_REQUEST['login']) ? trim($_REQUEST['login']) : NULL; $hash = isset($_REQUEST['pass']) ? password_hash($_REQUEST['pass'], PASSWORD_DEFAULT) : NULL; if ($admin && !empty($login) && !empty($hash)) { checkUser($login); insertUser($login, $hash); } exitWithStatus(false); ?>