Beispiel #1
0
 public static function authenticate($username, $password)
 {
     $user = DataManager::getUserByUserName($username);
     if ($user != null && $user->getPassword() == self::getHash($username, $password)) {
         $_SESSION['user'] = $user->getId();
         return true;
     }
     self::signOut();
     return false;
 }
 public static function authenticate($userName, $password)
 {
     $user = DataManager::getUserByUserName($userName);
     if ($user != null && $user->getPasswordHash() == hash('sha1', "{$userName}|{$password}")) {
         $_SESSION['user'] = $user->getId();
         DataManager::logAction("Login succeeded by user with username="******"Login failed by user with username=" . $userName);
     self::signOut();
     sleep(2);
     // make bruteforcing unfunny
     return false;
 }