/**
* Prüft ob Kombination Benutzer und Passwort existiert
* @param string $username
* @param string $password
* @return bool Ja, wenn Benutzer + Passwort vorhanden ist
*/
public function checkUser($username, $password)
{
$userList = new \fpcm\model\users\userList();
$userid = $userList->getUserIdByUsername($username);
if (!$userid) {
trigger_error('Login failed for username ' . $username . '! User not found. Request was made by ' . \fpcm\classes\http::getIp());
return false;
}
$user = new \fpcm\model\users\author($userid);
if ($user->getDisabled()) {
trigger_error('Login failed for username ' . $username . '! User is disabled. Request was made by ' . \fpcm\classes\http::getIp());
return \fpcm\model\users\author::AUTHOR_ERROR_DISABLED;
}
if (\fpcm\classes\security::createPasswordHash($password, $user->getPasswd()) == $user->getPasswd()) {
$timer = time();
$this->login = $timer;
$this->lastaction = $timer;
$this->logout = 0;
$this->userid = $userid;
$this->sessionid = \fpcm\classes\security::createSessionId();
$this->ip = \fpcm\classes\http::getIp();
$this->sessionExists = true;
return true;
}
trigger_error('Login failed for username ' . $username . '! Wrong username or password. Request was made by ' . \fpcm\classes\http::getIp());
return false;
}
