public static function authenticate($username, $password) { $conn = self::get_database(); $user = mysql_fetch_assoc(database::queryf($conn, 'SELECT * FROM `users` WHERE `username` = %s', $username)); if (\lib\token::match($user['password'], $password, $user['id'], 0, 0) && $user['confirmed']) { return $user; } return false; }
public static function post() { if (\lib\token::match($_POST['token'], 'createuser', $_POST['email'], $_POST['time'], 0)) { // email confirmed \lib\user::confirm($_POST['email']); $user = \lib\user::get($_POST['email'], 'email'); $_SESSION['user_id'] = $user['id']; return true; } else { // email not confirmed // $_POST['']; return false; } }