/** * Used by SessionHandler::login() and others */ public static function getExact($type, $id, $name, $pwd) { $q = 'SELECT * FROM tblUsers' . ' WHERE id = ? AND name = ? AND type = ? AND time_deleted IS NULL'; $obj = Sql::pSelectRowToObject(__CLASS__, array($q, 'isi', $id, $name, $type)); if (!$obj) { return false; } $x = explode(':', $obj->password); if (count($x) == 2) { $algo = $x[0]; $pwd2 = $x[1]; } else { // auto fallback to old default (sha1) $algo = 'sha1'; $pwd2 = $obj->password; } $session = SessionHandler::getInstance(); $expected = $algo . ":" . $pwd2; if (Password::encrypt($id, $session->getEncryptKey(), $pwd, $algo) != $expected) { return false; } return $obj; }
public static function getByField($val, $tblname, $classname, $field_name) { if (!is_alphanumeric($tblname)) { throw new \Exception('tblname should be alphanumeric, isnt: ' . $tblname); } if (!is_alphanumeric($field_name)) { throw new \Exception('field_name should be alphanumeric, isnt: ' . $field_name); } $form = self::stringForm($val); $q = 'SELECT * FROM ' . $tblname . ' WHERE ' . $field_name . ' = ?'; return Sql::pSelectRowToObject($classname, array($q, $form, $val)); }