login_handler.php
<?php
require_once('config.php');
require_once(BASE_PATH.'/medoo.min.php');
/**
* This script defines the LoginHandler class
*/
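/**
 * Session-backed login helper.
 *
 * Authenticates a username/password pair against the `users` table, keeps the
 * logged-in user's id and type in $_SESSION, and issues redirects to the
 * configured login and error pages.
 */
class LoginHandler {
    /** @var mixed Id of the logged-in user, or '' when nobody is logged in. */
    public $userid = '';

    /** @var array Application config; this class reads ['db'] and ['url'][...]. */
    private $config;

    /**
     * Starts the session if none is active and loads the user id from it.
     *
     * session_start() is called without options, so the session cookie flags
     * (HttpOnly, Secure, SameSite) are whatever php.ini or an earlier
     * session_set_cookie_params() call set; verify them for this deployment.
     *
     * @param array $config application configuration
     */
    public function __construct($config) {
        // A second session_start() on an active session only raises a notice.
        if (session_status() === PHP_SESSION_NONE) {
            session_start();
        }
        $this->config = $config;
        if (isset($_SESSION['userid'])) {
            $this->userid = $_SESSION['userid'];
        }
    }

    /**
     * Checks if a user is already logged in.
     *
     * @return boolean true if a user id is stored in the session
     */
    public function is_logged_in() {
        return isset($_SESSION['userid']);
    }

    /**
     * Redirects to the login page with the given message.
     *
     * WARNING: no output may be sent before this call. header() does not stop
     * the script, so the caller must exit right after; otherwise the rest of
     * the protected page still runs and is sent along with the redirect.
     *
     * @param string $msg message passed base64-encoded in the `msg` parameter
     */
    public function redirect_login($msg) {
        header('Location: ' . $this->redirect_url('login', $msg));
    }

    /**
     * Verifies the credentials and, on success, logs the user in.
     *
     * @param string $username
     * @param string $password plain-text password from the login form
     * @return boolean true on successful login, false otherwise
     */
    public function user_login($username, $password) {
        // Request parameters can arrive as arrays (`password[]=x`). Reject
        // them: password_verify() needs a string, and an array where-value
        // would presumably be expanded by medoo into an IN (...) list
        // (confirm against the bundled medoo version).
        if (!is_scalar($username) || !is_string($password)) {
            return false;
        }

        $db = new medoo($this->config['db']);
        // The username is passed as a where-array value, never concatenated
        // into SQL in this file.
        $rows = $db->select('users', ['userid', 'password', 'type'], ['username' => $username]);

        // NOTE(review): select() may return a non-array on query failure in
        // some medoo versions - treated as "no such user" here; confirm.
        // NOTE(review): an unknown username returns before password_verify()
        // runs, so its response time differs from a wrong password; rate
        // limiting of login attempts belongs in the caller.
        if (!is_array($rows) || count($rows) === 0) {
            return false;
        }

        if (!password_verify($password, $rows[0]['password'])) {
            return false;
        }

        // Issue a fresh session id at the privilege change so an id planted
        // before login (session fixation) is not carried into the
        // authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['userid'] = $rows[0]['userid'];
        $_SESSION['user_type'] = $rows[0]['type'];
        $this->userid = $rows[0]['userid'];
        return true;
    }

    /**
     * Logs the user out: clears the login keys from the session, resets
     * $userid and rotates the session id. Other session data is kept.
     */
    public function user_logout() {
        unset($_SESSION['userid'], $_SESSION['user_type']);
        $this->userid = '';
        // Retire the id that belonged to the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
    }

    /**
     * Returns the type of the logged-in user.
     *
     * @return mixed the stored `type` value, or null when nobody is logged in
     */
    public function get_user_type() {
        return isset($_SESSION['user_type']) ? $_SESSION['user_type'] : null;
    }

    /**
     * Redirects to the error page with a "not authorized" message.
     *
     * Like redirect_login(), this only sends the Location header; the caller
     * must exit afterwards so the unauthorized page body is never produced.
     */
    public function not_authorized_error() {
        header('Location: ' . $this->redirect_url('error', 'You are not authorized to access this page.'));
    }

    /**
     * Builds the redirect target for a configured page.
     *
     * Base64 output can contain '+', '/' and '=', and a raw '+' in a query
     * string is decoded as a space, so the value is URL-encoded.
     *
     * @param string $page key under $config['url'] ('login' or 'error')
     * @param string $msg  message to carry in the `msg` parameter
     * @return string
     */
    private function redirect_url($page, $msg) {
        return $this->config['url']['base_url']
            . $this->config['url'][$page]
            . '?msg=' . rawurlencode(base64_encode($msg));
    }
}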
?>