public static function validateUser($username, $password)
{
$appInstance = App::getInstance();
$user = new DB();
$user = $user->prepare('Select ' . $appInstance->getConfig()->app['user_table']['id'] . ', ' . $appInstance->getConfig()->app['user_table']['password'] . ' From ' . $appInstance->getConfig()->app['user_table']['name'] . ' where ' . $appInstance->getConfig()->app['user_table']['username'] . '=?');
$user->execute(array($username));
$result = $user->fetchAllAssoc();
if (count($result) > 1) {
throw new \Exception('there are more than 1 user with this credentials', 500);
}
if (count($result) < 1) {
return false;
}
if (!Common::verifyPassword($password, $result[0][$appInstance->getConfig()->app['user_table']['password']])) {
return false;
}
$_SESSION['id'] = $result[0][$appInstance->getConfig()->app['user_table']['id']];
return true;
}
public function editProfile(UserModel $user, $new_password)
{
$validator = new Validation();
$validator->setRule('required', $user->email, null, 'Email');
$validator->setRule('required', $user->password, null, 'Current Password');
$validator->setRule('email', $user->email, null, 'Email');
if (!$validator->validate()) {
Session::setError($validator->getErrors());
Redirect::back();
}
/* @var $user \Models\UserModel */
$userFromDb = $this->user->getUser(Auth::getUserId());
if (!Common::verifyPassword($user->password, $userFromDb->password)) {
Session::setError('Current password is not correct');
Redirect::back();
}
if ($this->user->editUser(Auth::getUserId(), $user->email, Common::hashPassword($new_password)) !== 1) {
Session::setError('Something is wrong. Try again.');
Redirect::back();
}
Session::setMessage('The profile is edited');
Redirect::to('');
}