bitforth · September 26, 2013 01:42
diff --git a/xml.php b/xml.php
 <?php
 ob_start();
 $hostname = "localhost";
 $username = "usuario";
 $password = "password123";
 $database = "mibd";

 $mysqli = new MySQLi($hostname, $username, $password, $database);
 $amIConnected = ($mysqli->connect_errno) ? FALSE: TRUE;

 isset($_POST['usr']) or die ("username not set");
 isset($_POST['pwd']) or die ("password not set");

 $usr = $_POST['usr'];
 $pwd = md5($_POST['pwd']); // Aqui uso MD5 solamente por simplicidad.

 $strSQL = "SELECT `agent_code` FROM `users` WHERE `username` = ? AND `password` = ?";

 if(!($query = $mysqli->prepare($strSQL))) {
    die("Query no preparada\nCausas:\n".$mysqli->error);
 }
 if(!($query->bind_param("ss",$usr,$pwd))) {
    die("Los parametros no fueron asociados con la consulta SQL\nCausas:\n".$query->error);
 }
 if(!($query->execute())) {
    die("Hubo un error durante la ejecucion de la consulta SQL:\n".$query->error);
 }
 if(!($query->bind_result($agent_code))) {
    die("No se pudo asociar el resultado con la variable:\n".$query->error);
 }
 if($query->fetch()) {
 header("Content-Type: text/xml");
    echo "<?xml version="1.0" encoding="utf-8"?>n";
    echo "<authentication>n";
      echo "<result>n";
      echo "<ID>".$agent_code."</ID>n";
      echo "</result>n";
  echo "</authentication>";
 } else {
 header("Content-Type: text/xml");
    echo "<?xml version="1.0" encoding="utf-8"?>n";
    echo "<authentication>n";
      echo "<result>n";
      echo "<ID>-1</ID>n";
      echo "</result>n";
  echo "</authentication>";
 }
 $query->close();
 $mysqli->close();
 ?>
	<?php
	ob_start();
	$hostname = "localhost";
	$username = "usuario";
	$password = "password123";
	$database = "mibd";

	$mysqli = new MySQLi($hostname, $username, $password, $database);
	$amIConnected = ($mysqli->connect_errno) ? FALSE: TRUE;

	isset($_POST['usr']) or die ("username not set");
	isset($_POST['pwd']) or die ("password not set");

	$usr = $_POST['usr'];
	$pwd = md5($_POST['pwd']); // Aqui uso MD5 solamente por simplicidad.

	$strSQL = "SELECT `agent_code` FROM `users` WHERE `username` = ? AND `password` = ?";

	if(!($query = $mysqli->prepare($strSQL))) {
	die("Query no preparada\nCausas:\n".$mysqli->error);
	}
	if(!($query->bind_param("ss",$usr,$pwd))) {
	die("Los parametros no fueron asociados con la consulta SQL\nCausas:\n".$query->error);
	}
	if(!($query->execute())) {
	die("Hubo un error durante la ejecucion de la consulta SQL:\n".$query->error);
	}
	if(!($query->bind_result($agent_code))) {
	die("No se pudo asociar el resultado con la variable:\n".$query->error);
	}
	if($query->fetch()) {
	header("Content-Type: text/xml");
	echo "<?xml version="1.0" encoding="utf-8"?>n";
	echo "<authentication>n";
	echo "<result>n";
	echo "<ID>".$agent_code."</ID>n";
	echo "</result>n";
	echo "</authentication>";
	} else {
	header("Content-Type: text/xml");
	echo "<?xml version="1.0" encoding="utf-8"?>n";
	echo "<authentication>n";
	echo "<result>n";
	echo "<ID>-1</ID>n";
	echo "</result>n";
	echo "</authentication>";
	}
	$query->close();
	$mysqli->close();
	?>