public static function authenticate($username, $password)
{
$user = DataManager::getUserByUserName($username);
if ($user != null && $user->getPassword() == self::getHash($username, $password)) {
$_SESSION['user'] = $user->getId();
return true;
}
self::signOut();
return false;
}
public static function authenticate($userName, $password)
{
$user = DataManager::getUserByUserName($userName);
if ($user != null && $user->getPasswordHash() == hash('sha1', "{$userName}|{$password}")) {
$_SESSION['user'] = $user->getId();
DataManager::logAction("Login succeeded by user with username="******"Login failed by user with username=" . $userName);
self::signOut();
sleep(2);
// make bruteforcing unfunny
return false;
}
