diff options
| author | Simon Rettberg | 2013-10-28 18:29:29 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2013-10-28 18:29:29 +0100 |
| commit | 160880836462e277c77427e71a2ba97a2ad17184 (patch) | |
| tree | 656a2199846bb762c91fdfdebe30c54fd36b21c4 /inc/user.inc.php | |
| parent | Show different content on main page depending on logged in/guest status (diff) | |
| download | slx-admin-160880836462e277c77427e71a2ba97a2ad17184.tar.gz slx-admin-160880836462e277c77427e71a2ba97a2ad17184.tar.xz slx-admin-160880836462e277c77427e71a2ba97a2ad17184.zip | |
DB-Support, add user functionality
Diffstat (limited to 'inc/user.inc.php')
| -rw-r--r-- | inc/user.inc.php | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/inc/user.inc.php b/inc/user.inc.php index f10a4f65..b988bbeb 100644 --- a/inc/user.inc.php +++ b/inc/user.inc.php @@ -14,13 +14,16 @@ class User public static function getName() { if (self::$user === false) return false; - return self::$user['name']; + return self::$user['fullname']; } public static function load() { - if (Session::loadSession()) { - self::$user['name'] = 'Hans'; + if (Session::load()) { + $uid = Session::get('uid'); + if ($uid === false || $uid < 1) self::logout(); + self::$user = Database::queryFirst('SELECT * FROM user WHERE userid = :uid LIMIT 1', array(':uid' => $uid)); + if (self::$user === false) self::logout(); return true; } return false; @@ -28,14 +31,14 @@ class User public static function login($user, $pass) { - if ($user == 'test' && $pass == 'test') { - Session::createSession();; - Session::set('uid', 1); - Session::set('token', md5(rand() . time() . rand() . $_SERVER['REMOTE_ADDR'] . rand() . $_SERVER['REMOTE_PORT'] . rand() . $_SERVER['HTTP_USER_AGENT'])); - Session::save(); - return true; - } - return false; + $ret = Database::queryFirst('SELECT userid, passwd FROM user WHERE login = :user LIMIT 1', array(':user' => $user)); + if ($ret === false) return false; + if (crypt($pass, $ret['passwd']) !== $ret['passwd']) return false; + Session::create(); + Session::set('uid', $ret['userid']); + Session::set('token', md5(rand() . time() . rand() . $_SERVER['REMOTE_ADDR'] . rand() . $_SERVER['REMOTE_PORT'] . rand() . $_SERVER['HTTP_USER_AGENT'])); + Session::save(); + return true; } public static function logout() |