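/**
 * Check a user name / password pair and, on success, store the user's
 * display name and type in the session.
 *
 * The user row is fetched through the SP_Users stored procedure with the user
 * name as its only bound parameter. The lockout state for the account and
 * client address is read before the password is examined, so a locked-out
 * client gets no verdict on the password it submitted.
 *
 * Fixes relative to the previous version:
 *  - clearLoginAttempts() received the undefined local $clientIP instead of
 *    $this->clientIP, so it was called with null on every successful login.
 *  - An empty result set (unknown user name) dereferenced results()[0].
 *  - The hash comparison used ===, which is not constant-time.
 *  - A lockout state other than 0 or 1 fell off the end of the method and
 *    returned null; it now returns "invalid".
 *  - confirmIPAddress() is called once instead of twice, so the "blocked"
 *    decision is taken on the same reading as the "not blocked" one.
 *
 * @param string $userName Login name supplied by the client.
 * @param string $password Plain-text password supplied by the client.
 * @return string "valid", "invalid" or "blocked".
 */
public function validateUser($userName, $password)
{
    $stmt = "CALL SP_Users('','',?,'','','','2015-01-04','','r',@result)";
    $user = $this->db->executeStoreProcedure($stmt, array($userName));

    // REMOTE_ADDR is the address of the directly connected peer. If this
    // application is deployed behind a reverse proxy, that is the proxy's
    // address and the lockout would apply to every client behind it.
    $this->clientIP = $_SERVER["REMOTE_ADDR"];

    if ($user->error()) {
        return "invalid";
    }

    $results = $user->results();
    if (empty($results)) {
        // Unknown user name: same answer as a wrong password, so the response
        // does not reveal which accounts exist.
        return "invalid";
    }

    $account = $results[0];
    $loginAttemptsId = $account->userId;

    // NOTE(review): the return type of confirmIPAddress() is not visible here.
    // The loose comparisons are kept from the original; if it can return
    // null or false, "== 0" treats that as "not blocked" - confirm.
    $lockState = $this->confirmIPAddress($loginAttemptsId, $this->clientIP);
    if ($lockState != 0) {
        // Anything that is not an explicit "not blocked" is denied.
        return $lockState == 1 ? "blocked" : "invalid";
    }

    // NOTE(review): a single salted SHA-512 pass is a fast hash and cheap to
    // brute-force if the user table leaks. Moving to password_hash() /
    // password_verify() needs a migration of the stored hashes, which is
    // outside this method.
    $candidateHash = hash('sha512', $password . $account->salt);

    // hash_equals() compares in constant time; the stored value goes first.
    if (!hash_equals((string) $account->password, $candidateHash)) {
        $this->addLoginAttempt($loginAttemptsId, $this->clientIP);
        return "invalid";
    }

    $this->clearLoginAttempts($loginAttemptsId, $this->clientIP);

    // NOTE(review): nothing in this method rotates the session identifier on
    // login; confirm that Session or the caller does, otherwise a session id
    // issued before authentication stays valid afterwards.
    Session::setUserName($account->firstName . ' ' . $account->lastName);
    Session::setUserType($account->userType);

    return "valid";
}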
/**
 * Copy the given user's data into the session.
 *
 * @param User $User
 * @throws SPException
 */
public static function loadUserSession(User $User)
{
    // Identity
    Session::setUserId($User->getUserId());
    Session::setUserName($User->getUserName());
    Session::setUserLogin($User->getUserLogin());

    // Profile and group membership
    Session::setUserProfileId($User->getUserProfileId());
    Session::setUserGroupId($User->getUserGroupId());
    Session::setUserGroupName($User->getUserGroupName());

    // Contact
    Session::setUserEMail($User->getUserEmail());

    // Privilege and authentication-source flags
    Session::setUserIsAdminApp($User->isUserIsAdminApp());
    Session::setUserIsAdminAcc($User->isUserIsAdminAcc());
    Session::setUserIsLdap($User->isUserIsLdap());

    // The profile lookup stays last, after every setter above has run.
    $profile = Profile::getProfile($User->getUserProfileId());
    Session::setUserProfile($profile);
}