html - How to login with Google Account from my PHP application? -
i need help. have been create php application , has sign in authentication access it. user table :
=========================================================== username | password | email | e_pass =========================================================== admin | admin | mymail@google.com | mygooglepassword =========================================================== username , password column local authentication, email , e_pass google authentication. so, how can that? both local , google authentication done @ same step? because google calendar , google drive embedded in php application , need google authentication access them.
here authentication code php code :
<?php if (empty($_post['userid']) or empty($_post['passwd'])) { // jika file diakses secara langsung ?> <script type="text/javascript"> alert("you can't access file directly!"); </script>"; <script> document.location.href='index.php'; </script> <?php } else { include "conn.php"; $user = $_post['userid']; $pass = sha1($_post['passwd']); $sql = mysql_query("select * access username = '$user'") or die (mysql_error()); $num = mysql_num_rows($sql); if ($num <> 0) { // jika username ditemukan dalam tabel access $sql = mysql_query("select * access password = '$pass'") or die (mysql_error()); $num = mysql_num_rows($sql); if ($num <> 0) { // jika password ditemukan dalam table access $sql = mysql_query("select * access username = '$user' , password = '$pass'") or die (mysql_error()); $data = mysql_fetch_array($sql); // google authentication code supposed here if ($data['unit'] == 'operational') { // jika unit operational session_start(); $_session['id'] = $data['id']; $_session['unit'] = $data['unit']; $_session['sub'] = $data['subunit']; if ($data['subunit'] == 'manager') { // jika berstatus manager ?> <script>document.location.href='operational/manager/operational_manager.php?page=home';</script> <?php } else if ($data['subunit'] == 'facility') { ?> <script>document.location.href='operational/facility/facility.php?page=home';</script> <?php } else if ($data['subunit'] == 'transport') { ?> <script>document.location.href='operational/transportation/transport.php?page=home';</script> <?php } else if ($data['subunit'] == 'procure') { ?> <script>document.location.href='operational/procurement/procure.php?page=home';</script> <?php } else if ($data['subunit'] == 'it') { ?> <script>document.location.href='operational/it/it.php?page=home';</script> <?php } else if ($data['subunit'] == 'accounting') { ?> <script>document.location.href='operational/accounting/account.php?page=home';</script> <?php } } else if ($data['unit'] == 'academic') { // jika unit academic session_start(); $_session['id'] = $data['id']; $_session['unit'] = $data['unit']; $_session['sub'] = $data['subunit']; if ($data['subunit'] == 'manager') { // jika berstatus manager ?> <script>document.location.href='academic/manager/academic_manager.php?page=home';</script> <?php } else { ?> <script>document.location.href='academic/academic.php?page=home';</script> <?php } } else if ($data['unit'] == 'bisdev') { // jika unit bisdev session_start(); $_session['id'] = $data['id']; $_session['unit'] = $data['unit']; $_session['sub'] = $data['subunit']; if ($data['subunit'] == 'manager') { // jika berstatus manager ?> <script>document.location.href='bisdev/manager/bisdev_manager.php?page=home';</script> <?php } else { ?> <script>document.location.href='bisdev/bisdev.php?page=home';</script> <?php } } else if ($data['unit'] == 'admin') { // jika admin session_start(); $_session['id'] = $data['id']; $_session['unit'] = $data['unit']; $_session['sub'] = $data['subunit']; ?> <script>document.location.href='admin/admin.php?page=home';</script> <?php } else if ($data['unit'] == 'director') { // jika director session_start(); $_session['id'] = $data['id']; $_session['unit'] = $data['unit']; $_session['sub'] = $data['subunit']; ?> <script>document.location.href='director/director.php?page=home';</script> <?php } } else if ($num == 0){ // jika password tidak ditemukan dalam table access ?> <script type="text/javascript"> alert("incorrect password!"); </script>"; <script> document.location.href='index.php'; </script> <?php } } else if($num == 0) { // jika username tidak ditemukan dalam tabel access ?> <script type="text/javascript"> alert("username not registered!"); </script>"; <script> document.location.href='index.php'; </script> <?php } } ?>
you should not use email , password directly. should use oauth 2.0. can learn more oauth here.
you should store user's access token instead of email id's password.
Comments
Post a Comment