update localhost setting

update SQL pdo

.vscode/launch.json

@@ -0,0 +1,49 @@
+{
+    // 使用 IntelliSense 以得知可用的屬性。
+    // 暫留以檢視現有屬性的描述。
+    // 如需詳細資訊，請瀏覽: https://go.microsoft.com/fwlink/?linkid=830387
+    "version": "0.2.0",
+    "configurations": [
+    
+        {
+            "name": "Listen for Xdebug",
+            "type": "php",
+            "request": "launch",
+            "port": 9003
+        },
+        {
+            "name": "Launch currently open script",
+            "type": "php",
+            "request": "launch",
+            "program": "${file}",
+            "cwd": "${fileDirname}",
+            "port": 0,
+            "runtimeArgs": [
+                "-dxdebug.start_with_request=yes"
+            ],
+            "env": {
+                "XDEBUG_MODE": "debug,develop",
+                "XDEBUG_CONFIG": "client_port=${port}"
+            }
+        },
+        {
+            "name": "Launch Built-in web server",
+            "type": "php",
+            "request": "launch",
+            "runtimeArgs": [
+                "-dxdebug.mode=debug",
+                "-dxdebug.start_with_request=yes",
+                "-S",
+                "localhost:0"
+            ],
+            "program": "",
+            "cwd": "${workspaceRoot}",
+            "port": 9003,
+            "serverReadyAction": {
+                "pattern": "Development Server \\(http://localhost:([0-9]+)\\) started",
+                "uriFormat": "http://localhost:%s",
+                "action": "openExternally"
+            }
+        }
+    ]
+}

assets/glb/.htaccess

@@ -1,5 +1,5 @@
 <Limit GET>
 order deny,allow
 deny from all
-allow from 10.1 61.222
+allow from 10.1 61.222 127.0.0.1
 </Limit>

script/php/authenticate.php

@@ -12,24 +12,30 @@ if ((empty($_SESSION['check_word'])) || (empty($_POST['captcha']))) {
 $DATABASE_USER = 'maabim';
 $DATABASE_PASS = 'maabim001';
 $DATABASE_NAME = 'phplogin';*/
-$serverName = "GMGIS\SQLEXPRESS"; //test server 201
+$hostname = "GMGIS\SQLEXPRESS"; //test server 201
 $username = 'BIMuser';
 $password = 'Component3444';
-$dbname = 'BIMComponents';
+$db_name = 'BIMComponents';
 
-$connectionInfo = array("Database" => "$dbname", "UID" => "$username", "PWD" => "$password", "CharacterSet" => "UTF-8");
-$conn = sqlsrv_connect($serverName, $connectionInfo);
-if ($conn === false) {
-    die(print_r(sqlsrv_errors(), true));
+
+try {
+    $pdo = new PDO('sqlsrv:Server='.$hostname.';Database='.$db_name,$username,$password);
+    $pdo->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+} catch (PDOException $e) {
+    echo $e;
+    echo json_encode('Error connecting to the server.');
+    die ();
 }
+$sth = $pdo->prepare("SELECT * FROM [BIMComponents].[dbo].[User_Account] WHERE [account] = ?;");
+$sth->execute(array($_POST['username']));
 
 if (!isset($_POST['username'], $_POST['password'])) {
     exit('Please fill both the username and password fields!');
 }
 $i = 0;
-$sql = "SELECT * FROM [BIMComponents].[dbo].[User_Account] WHERE [account] = '" . $_POST['username'] . "';";
-$fetchResult = sqlsrv_query($conn, $sql);
-while ($row = sqlsrv_fetch_array($fetchResult)) {
+
+$query = $sth->fetchAll();
+foreach ($query as $row){
     $i++;
     if (md5($_POST['password']) == $row["userPassword"]) {
         session_regenerate_id();
@@ -46,29 +52,5 @@ if ($i == 0) {
     echo '帳號不存在，請再次檢查';
 }
 
-
-
-/*if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
-	$stmt->bind_param('s', $_POST['username']);
-	$stmt->execute();
-	$stmt->store_result();
-    if ($stmt->num_rows > 0) {
-        $stmt->bind_result($id, $password);
-        $stmt->fetch();
-        if (password_verify($_POST['password'], $password)) {
-            session_regenerate_id();
-            $_SESSION['loggedin'] = TRUE;
-            $_SESSION['name'] = $_POST['username'];
-            $_SESSION['id'] = $id;
-			echo 'success';
-            //header('Location: ../../index.php');
-        } else {
-            echo 'Incorrect password!';
-        }
-    } else {
-        echo 'Incorrect username!';
-    }
-
-	$stmt->close();
-}*/
-sqlsrv_close($conn);
+$sth = null;
+$pdo = null;

script/php/connectSQL.php

@@ -1,13 +1,12 @@
 <?php
-//$serverName = "engdig\AUTODESKVAULT"; //test server 202
+//$serverName = "engdig\SQLEXPRESS"; //test server 202
 $serverName = "GMGIS\SQLEXPRESS"; //test server 201
 $username = 'BIMuser';
 $password = 'Component3444';
 $dbname = 'C3';
 
-$connectionInfo = array("Database"=>"$dbname", "UID"=>"$username", "PWD"=>"$password", "CharacterSet"=>"UTF-8");
+$connectionInfo = array("Database" => "$dbname", "UID" => "$username", "PWD" => "$password", "CharacterSet" => "UTF-8");
 $conn = sqlsrv_connect($serverName, $connectionInfo);
-if($conn === false){
+if ($conn === false) {
     die(print_r(sqlsrv_errors(), true));
 }
-?>

script/php/testSQL.php

@@ -11,6 +11,7 @@ try {
     $pdo = new PDO('sqlsrv:Server='.$hostname.';Database='.$db_name,$username,$password);
     $pdo->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 } catch (PDOException $e) {
+    echo $e;
     echo json_encode('Error connecting to the server.');
     die ();
 }