Beispiel #1
0
 /**
  * Login handler
  * 
  * @access   public
  * @static   WoW_Account::PerformLogin($username, $password)
  * @param    string $email
  * @param    string $password
  * @category Account Manager Class
  * @return   bool
  **/
 public static function PerformLogin($username, $password, $persistLogin = false, $from_cookie_session = false)
 {
     //        self::SetEmail($email);
     self::SetEmail($username);
     self::SetPassword($password);
     $from_cookie_session == true ? self::$sha_pass_hash = $password : self::CreateShaPassHash();
     // No SQL injection
     $user_data = DB::WoW()->selectRow("SELECT `id`, `first_name`, `last_name`, `email`, `sha_pass_hash`, `country_code` FROM `DBPREFIX_users` WHERE `email` = '%s' LIMIT 1", self::GetEmail());
     if (!$user_data) {
         WoW_Log::WriteLog('%s : user %s was not found in `DBPREFIX_users` table!', __METHOD__, self::GetEmail());
         self::SetLastErrorCode(ERROR_WRONG_USERNAME_OR_PASSWORD);
         return false;
     }
     if ($user_data['sha_pass_hash'] != self::GetShaPassHash()) {
         WoW_Log::WriteLog('%s : user %s tried to perform login with wrong password!', __METHOD__, self::GetEmail());
         self::SetLastErrorCode(ERROR_WRONG_USERNAME_OR_PASSWORD);
         return false;
     }
     self::$userid = $user_data['id'];
     self::$first_name = $user_data['first_name'];
     self::$last_name = $user_data['last_name'];
     self::$country_code = $user_data['country_code'];
     self::UserGames();
     self::CreateSession();
     self::SetLoginState(ACCMGR_LOGGED_IN);
     self::$login_time = time();
     self::DropLastErrorCode();
     // All fine, we can drop it now.
     if ($persistLogin || isset($_COOKIE['wow_session'])) {
         self::saveToCookieSession();
     }
     return true;
 }