public function validateUser($userName, $password)
{
$stmt = "CALL SP_Users('','',?,'','','','2015-01-04','','r',@result)";
$user = $this->db->executeStoreProcedure($stmt, array($userName));
$this->clientIP = $_SERVER["REMOTE_ADDR"];
//echo $this->clientIP;
if (!$user->error()) {
$results = $user->results();
$loginAttemptsId = $user->results()[0]->userId;
if ($this->confirmIPAddress($loginAttemptsId, $this->clientIP) == 0) {
//echo "yes";
$dbSalt = $results[0]->salt;
$password = hash('sha512', $password . $dbSalt);
if ($password === $results[0]->password) {
$this->clearLoginAttempts($loginAttemptsId, $clientIP);
Session::setUserName($results[0]->firstName . ' ' . $results[0]->lastName);
Session::setUserType($results[0]->userType);
return "valid";
} else {
//echo $this->clientIP;
$attempt = $this->addLoginAttempt($loginAttemptsId, $this->clientIP);
//echo $attempt;
return "invalid";
}
} else {
if ($this->confirmIPAddress($loginAttemptsId, $this->clientIP) == 1) {
//echo 'your account is bloced for 30 minutes';
return "blocked";
}
}
} else {
return "invalid";
}
}
/**
* Establece las variables de sesiĆ³n del usuario.
*
* @param User $User
* @throws SPException
*/
public static function loadUserSession(User $User)
{
Session::setUserId($User->getUserId());
Session::setUserName($User->getUserName());
Session::setUserLogin($User->getUserLogin());
Session::setUserProfileId($User->getUserProfileId());
Session::setUserGroupId($User->getUserGroupId());
Session::setUserGroupName($User->getUserGroupName());
Session::setUserEMail($User->getUserEmail());
Session::setUserIsAdminApp($User->isUserIsAdminApp());
Session::setUserIsAdminAcc($User->isUserIsAdminAcc());
Session::setUserIsLdap($User->isUserIsLdap());
Session::setUserProfile(Profile::getProfile($User->getUserProfileId()));
}
