How to use sessions created in php in Angularjs (Ionic)?

Asked

Viewed 802 times

0

Good night,

I’m creating an app on ionic and angularjs did the login through an ajax request to php which in turn checks and validates all through the database, the only problem I’m having and how after the login is successfully used session that I create in php.

PHP

<?php

    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: GET, POST');
    header("Content-type: application/json");
    session_start();

    require_once("../funcoes/funcoes.php");

        $sql = $conexao->prepare("SELECT * FROM users_social WHERE fb_email = :user AND password = :pass ");
        $sql->bindParam(':user', $_GET['email'], PDO::PARAM_STR);
        $sql->bindParam(':pass', sha1($_GET['password']), PDO::PARAM_STR);
        $sql->execute();

        if($sql->rowCount() == 1){

            $row = $sql->fetch(PDO::FETCH_ASSOC);

            $_SESSION = array();
            $_SESSION['user_id'] = $row['id'];
            $_SESSION['nome'] = $row['fb_nome'];
            $_SESSION['user_foto'] = $row['user_foto'];
            $_SESSION['user_slug'] = $row['slug'];

        }else{

            echo "erro ";

        }

?>

Controller

.controller('LoginInterno', function($scope, $http) {
    $scope.Btnlogin= function (input){
        $http.post("https://www.sabeonde.pt/api/api_login.php?email=" + input.email + "&password=" + input.password).success(function (data) {
            window.location = "#/app/home"
            $scope.login = data;
        }).
        error(function (data) {
            alert("Dados Incorrectos");
        });
    };
})

1 answer

1

I do it this way...

on my page php I keep in just one session

LOGIN.PHP

<?php

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
header("Content-type: application/json");
session_start();

require_once("../funcoes/funcoes.php");

    $sql = $conexao->prepare("SELECT * FROM users_social WHERE fb_email = :user AND password = :pass ");
    $sql->bindParam(':user', $_GET['email'], PDO::PARAM_STR);
    $sql->bindParam(':pass', sha1($_GET['password']), PDO::PARAM_STR);
    $sql->execute();

    if($sql->rowCount() == 1){

        $row = $sql->fetch(PDO::FETCH_ASSOC);

        $_SESSION["user"] = $row;

    }else{

        echo "erro ";

    }

?>

when I want to access the session

Auth.php

session_start();


    if(isset($_SESSION["user"]) && (!empty($_SESSION["user"]))){
      echo json_encode($_SESSION["user"]);
    } else{
      echo json_encode(array("error" => "login"));
    }

 ?>

Controller

$http.get(config.BaseUrl+"/auth.php").success(function(inf){
        if(typeof inf == "object"){
 console.log(inf.id);
 console.log(inf.fb_nome);
 console.log(inf.user_foto);
 console.log(inf.slug);
}
  • Of course there are several ways to do this, but the question is, is this way quite safe? (is a good practice of programming for Angularjs?)

Browser other questions tagged

You are not signed in. Login or sign up in order to post.