public function login() { $email = $this->request->post('email'); $pass = $this->request->post('pass'); $type = $this->request->post('type'); if (empty($email) || empty($pass) || empty($type)) { return false; } switch ($type) { case 'id': if (!is::id($email)) { return false; } if (is_string($email)) { $email = (double) $email; } $sql = 'SELECT id,pass,code FROM UserLogin WHERE id=:id'; break; case 'email': if (!is::email($email)) { return false; } $sql = 'SELECT id,pass,code FROM UserLogin WHERE email=:id'; break; case 'phone': if (!is::phone($email)) { return false; } $sql = 'SELECT id,pass,code FROM UserLogin WHERE phone=:id'; break; case 'name': if (!is::username($email)) { return false; } $sql = 'SELECT u.id,u.pass,u.code FROM UserLogin AS u, User AS n WHERE n.name=:id'; break; default: return false; } $user = $this->mysql->query($sql, array('id' => $email))->fetch(); if ($user !== false) { if (!is_numeric($user->id)) { $user->id = (double) $user->id; } if ($this->security->checkHash($pass, $user->pass)) { if ($user->code) { $array = array('error' => true, 'type' => 'code'); } else { $array = array('error' => false, 'data' => array('uid' => $user->id, 'act' => time())); } } else { $array = array('error' => true, 'type' => 'pass'); } } else { $array = array('error' => true, 'type' => $type); } $this->response->setJsonContent($array); return $this->response; }