Ejemplo n.º 1
0
    private function _findUser($username, $password)
    {
        $db =& $GLOBALS['db'];
        $sql = 'SELECT sm.*, p.*, GROUP_CONCAT(cr.congregationid) as congregation_restrictions, GROUP_CONCAT(gr.groupid) as group_restrictions
				FROM staff_member sm
					JOIN _person p ON sm.id = p.id
					LEFT JOIN account_congregation_restriction cr ON cr.personid = sm.id
					LEFT JOIN account_group_restriction gr ON gr.personid = sm.id
				WHERE sm.username = '******'
					AND active = 1
				GROUP BY p.id';
        $row = $db->queryRow($sql);
        check_db_result($row);
        if (!empty($row) && jethro_password_verify($password, $row['password'])) {
            $row['congregation_restrictions'] = empty($row['congregation_restrictions']) ? array() : explode(',', $row['congregation_restrictions']);
            $row['group_restrictions'] = empty($row['group_restrictions']) ? array() : explode(',', $row['group_restrictions']);
            return $row;
        }
        return NULL;
    }
    /**
     * Find a person record that matches the given email and password
     * @param string $email		Find a person with this record
     * @param string $password	Find a person with this member_password
     * @return array	Person details
     */
    private function _findAuthMember($email, $password)
    {
        $db =& $GLOBALS['db'];
        $sql = 'SELECT p.*
				FROM _person p
				WHERE p.email  = ' . $db->quote($email) . ' AND member_password IS NOT NULL';
        $res = $db->queryAll($sql);
        check_db_result($res);
        foreach ($res as $row) {
            if (jethro_password_verify($password, $row['member_password'])) {
                unset($row['member_password']);
                unset($row['history']);
                return $row;
            }
        }
        return NULL;
    }