password)); $email = mysqli_real_escape_string($mysqli, trim($request->username)); $sql=''; $sql = "SELECT * FROM user where (login='$email' OR email = '$email') and password='" . password($pwd) . "';"; echo $sql; if($result = mysqli_query($mysqli,$sql)) { $rows = array(); while($row = mysqli_fetch_assoc($result)) { $rows[] = $row; } // echo json_encode($rows); echo json_encode( array( "id" => $rows[0].id, "login" => $rows[0].login, "name" => $rows[0].name, "email" => $rows[0].email, "token" => uniqid() )); } else { http_response_code(401); } }