function authenticate()
{
$db = dungeon_connection();
$email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
$password = filter_input(INPUT_POST, "password");
if ($email == NULL || $email == false || $password == NULL || $password == false) {
return false;
}
$salt = '$6$!@#$%^&*()_+_)(*';
$hashed_password = crypt($password, $salt);
$query = 'SELECT * FROM users WHERE email = :email';
$statement = $db->prepare($query);
$statement->bindValue(':email', $email);
$statement->execute();
$row = $statement->fetch();
$db_password = $row['password'];
$db_hashed_password = $row['hashed_password'];
$first_name = $row['first_name'];
$user_id = $row['user_id'];
$statement->closeCursor();
if ($password == $db_password) {
$db_hashed_password = change_to_encrypted_password($user_id, $password);
}
if ($hashed_password == $db_hashed_password) {
update_logins($user_id);
session_start();
$_SESSION['user_id'] = $user_id;
$_SESSION['name'] = $first_name;
return true;
} else {
return false;
}
}
function authenticate()
{
$db = dungeon_connection();
$email = filter_input(INPUT_POST, "email", FILTER_VALIDATE_EMAIL);
$password = filter_input(INPUT_POST, "password");
$query = 'SELECT * FROM users WHERE email = :email and password = :password';
$statement = $db->prepare($query);
$statement->bindValue(':email', $email);
$statement->bindValue(':password', $password);
$statement->execute();
$row = $statement->fetch();
$db_email = $row['email'];
$db_password = $row['password'];
$first_name = $row['first_name'];
$user_id = $row['user_id'];
$statement->closeCursor();
if ($email == $db_email and $password == $db_password) {
//echo 'Your Credentials match!';
update_logins($user_id);
session_start();
$_SESSION['user_id'] = $user_id;
$_SESSION['name'] = $first_name;
return true;
} else {
//echo 'Your Credentials didnt match';
return false;
}
}
