public static function loginUser($username, $password = null)
{
if ($password === NULL) {
if (Database::doesUserExist($username)) {
self::setUser($username);
return true;
}
return false;
}
if (Database::verifyUser($username, $password)) {
self::setUser($username);
return true;
}
return false;
}
/**
* Constructor
*/
public function __construct()
{
$this->title = 'Config Panel - ' . Controller::siteName;
if (!isset($_SESSION['userID'])) {
return;
}
if (!isset($_POST['oldPass']) && !isset($_POST['newEmail']) && !isset($_POST['newPassword']) && !isset($_POST['newPassword2'])) {
return;
}
$d = new \Database();
// The user with the specific ID must exist
if (!$d->doesUserExist($_SESSION['userID'])) {
return;
}
$this->user = new \User($_SESSION['userID']);
$this->changeSettings();
}
/**
* Register a user
*/
public function register($username, $password, $password2, $emailAddress)
{
$database = new \Database();
// Test if logged in
if (isset($_SESSION['userID']) and $database->doesUserExist($_SESSION['userID'])) {
$this->registerMessage = ' <div class="alert alert-danger"><strong>You are already logged in.</strong></div>';
return false;
}
// Test if username already exists
if ($database->doesUserNameExist($username)) {
$this->registerMessage = '<div class="alert alert-danger"><strong>Username already exists, please choose a different one.</strong></div>';
return false;
}
// Test if username is too short
if (strlen($username) <= 3) {
$this->registerMessage = '<div class="alert alert-danger"><strong>Your username must be longer than 3 characters.</strong></div>';
return false;
}
// Test if passwords are the same
if ($password != $password2) {
$this->registerMessage = '<div class="alert alert-danger"><strong>Passwords do not match.</strong></div>';
return false;
}
// Test if password is too short
if (strlen($password) <= 3) {
$this->registerMessage = '<div class="alert alert-danger"><strong>Your password must be longer than 3 characters.</strong></div>';
return false;
}
// Test if email address is valid
if (!filter_var($emailAddress, FILTER_VALIDATE_EMAIL)) {
$this->registerMessage = '<div class="alert alert-danger"><strong>Your emailaddress is invalid.</strong></div>';
return false;
}
$salt = $this->generateSalt();
$hashedPassword = hashPassword($password, $salt);
$id = $database->registerUser($username, $salt, $hashedPassword, $emailAddress);
$this->registerMessage = '<div class="alert alert-success">Congratulations, account was successfully created.</strong></div>';
return true;
}
