/** * Purpose: Determine whether the supplied username and password * combination is valid * @param string $username the username to check * @param string $password the password to check * @return boolean True if the username/password combo is valid * and False otherwise */ public function isValid($username, $password) { // Verify that the username exits, and that the supplied password // matches the real password // By default, the combination is not valid $valid = FALSE; // Open a database connection $db = new DbObject(); // Query for the password for the specified username $qryResults = $db->select("password", "Member", "username='******'"); // If there was one row returned, check the password against // the supplied password if ($qryResults->num_rows == 1) { $passwordRow = $qryResults->fetch_row(); if (password_verify($password, $passwordRow[0])) { $valid = TRUE; } } // Return whether the username and password combination is valid return $valid; }