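/**
 * Log the user in with a username and password.
 *
 * Looks the account up by username, checks the password against the stored
 * crypt() hash and, on a match, registers the login state in the session.
 * When $remember is the strict boolean true, two "remember me" cookies are
 * set with a 60 day lifetime.
 *
 * @param string $username
 * @param string $password
 * @param bool $remember only the strict boolean true enables the cookies
 * @return bool true when the credentials matched, false otherwise
 */
public static function login($username, $password, $remember = false)
{
    // The username is passed as a bound parameter, never concatenated into the SQL text.
    $query = DNS::getDB()->query("SELECT * FROM dns_user WHERE username = ?", array($username));
    $row = DNS::getDB()->fetch_array($query);

    // Unknown user, or a row without a usable hash: fail closed instead of
    // handing a non-string salt to crypt().
    if (empty($row) || !isset($row['password']) || !is_string($row['password'])) {
        return false;
    }

    $storedHash = $row['password'];

    // The stored format is a double crypt() salted with the stored hash itself;
    // it is kept unchanged so that existing hashes keep verifying.
    $candidate = crypt(crypt($password, $storedHash), $storedHash);

    // hash_equals() compares in constant time and byte-for-byte. The previous
    // loose "==" could treat two numeric-looking strings as equal and leaked
    // timing. hash_equals() needs two strings, hence the is_string() guard.
    if (!is_string($candidate) || !hash_equals($storedHash, $candidate)) {
        return false;
    }

    // NOTE(review): the session ID is not rotated in this method. Confirm that
    // DNS::getSession() regenerates it on login, otherwise a pre-login session
    // ID stays valid after authentication (session fixation).
    DNS::getSession()->register('login', 1);
    DNS::getSession()->register('username', $row["username"]);
    DNS::getSession()->register('userID', $row["userID"]);
    DNS::getSession()->register('status', intval($row["status"]));
    // NOTE(review): assumes DNS::generateRandomID() draws from a CSPRNG - confirm.
    DNS::getSession()->register('csrf_token', DNS::generateRandomID());

    if ($remember === true) {
        // NOTE(review): both cookie values are derived deterministically from
        // the user ID and the stored password hash with unsalted SHA-1. The
        // token therefore never changes until the password does, cannot be
        // revoked per device, and can be computed by anyone able to read the
        // dns_user table. A random token (random_bytes()) stored server-side
        // with an expiry is the usual replacement; that also requires changing
        // the code that validates these cookies, which is not part of this
        // method, so the format is left as it is.
        $sha1UserID = sha1($row["userID"]);
        $sha1Password = sha1($storedHash);
        $sha1CookieHash = sha1($sha1UserID . $sha1Password);

        $expires = time() + 3600 * 24 * 60; // 60 days

        // Path, domain and secure are passed at their PHP defaults; only
        // HttpOnly is switched on so page scripts cannot read the login
        // cookies. Set the secure argument to true as well if the site is
        // served over HTTPS only.
        setcookie("userID", $sha1UserID, $expires, "", "", false, true);
        setcookie("cookieHash", $sha1CookieHash, $expires, "", "", false, true);
    }

    return true;
}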