public function login($email, $password)
{
$email = htmlspecialchars($email);
$password = htmlspecialchars($password);
$user = R::findOne('foxfwusers', 'email=? AND etat>0', [$email]);
if ($user == NULL) {
return false;
}
if ($password != FoxFWCrypte::decrypte($user->password, $user->clef)) {
return false;
}
$_SESSION['FoxFWUsersCo'] = $user->clef;
$this->orm = $user;
$this->update = true;
$this->updateConnect();
return true;
}
private static function securityFormSend()
{
//token des formulaires
if (!isset($_SESSION['form_token'])) {
$_SESSION['form_token'] = FoxFWCrypte::randomString(20);
}
if (count($_POST) > 0) {
//verifier que le token existe dans le formulaire
if (isset($_POST['tf_t']) && isset($_POST['tf_u'])) {
if ($GLOBALS['User']->isLogin()) {
$clef = FoxFWCrypte::decrypte($_POST['tf_u'], $_SESSION['form_token']);
if ($clef != $GLOBALS['User']->getClef()) {
sleep(10);
FoxFWKernel::loadRouter('index');
}
}
if ($_POST['tf_t'] != $_SESSION['form_token']) {
sleep(3);
FoxFWKernel::loadRouter('index');
}
} else {
die('Security: Error Form !');
}
//recharge du token
$_SESSION['form_token'] = FoxFWCrypte::randomString(20);
}
}
