function userIsLoggedIn() { $user = new ProcessUsers(); if (isset($_POST['action']) and $_POST['action'] == 'login') { if (!isset($_POST['username']) or $_POST['username'] == '' or !isset($_POST['password']) or $_POST['password'] == '') { $GLOBALS['loginError'] = 'Please fill in both fields'; return FALSE; } $password = sha1($_POST['password'] . 'lfiDE3VtFQEK57a2CEupBN6I27B3E5H4'); $userExists = $user->databaseContainsUser($_POST['username'], $password); if ($userExists) { session_start(); $_SESSION['loggedIn'] = TRUE; $_SESSION['username'] = $_POST['username']; $_SESSION['password'] = $password; return TRUE; } else { session_start(); unset($_SESSION['loggedIn']); unset($_SESSION['username']); unset($_SESSION['password']); $GLOBALS['loginError'] = 'The specified username address or password was incorrect.'; return FALSE; } } if (isset($_POST['action']) and $_POST['action'] == 'logout') { session_start(); unset($_SESSION['loggedIn']); unset($_SESSION['username']); unset($_SESSION['password']); header('Location: ' . $_POST['goto']); exit; } session_start(); if (isset($_SESSION['loggedIn'])) { $userExists = $user->databaseContainsUser($_SESSION['username'], $_SESSION['password']); return $userExists; } }