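/**
 * Authenticate an administrator against the accounts stored in
 * /data/administrators.xml and, on success, mark the session as logged in.
 *
 * On success the function sets $_SESSION['authenticated'], $_SESSION['login']
 * and $_SESSION['firstLogin'], optionally sets three long-lived cookies, and
 * optionally queues a redirect via a Location header.
 *
 * @param string      $login    Login name supplied by the visitor.
 * @param string      $password Plain-text password supplied by the visitor.
 * @param bool        $remember When TRUE, also set the "remember me" cookies.
 * @param bool        $forward  When TRUE, send a Location header after a successful login.
 * @param string|null $origin   URL-encoded destination to return to; only same-site
 *                              relative references are honoured, anything else falls
 *                              back to index.php.
 *
 * @return bool TRUE when the credentials matched an administrator, FALSE otherwise.
 */
function authenticate($login, $password, $remember = FALSE, $forward = TRUE, $origin = NULL) {
    $common = new common();

    // Credentials must be plain strings: an array-valued form field would otherwise
    // reach the string comparison and password_verify() below.
    if (!is_string($login) || !is_string($password)) {
        return FALSE;
    }

    // Get all the administrators from the administrators.xml file.
    // NOTE(review): this file holds password hashes and lives under DOCUMENT_ROOT;
    // confirm the web server denies direct requests for /data/.
    $administrators = simplexml_load_file($_SERVER['DOCUMENT_ROOT'] . "/data/administrators.xml");
    // Compare against FALSE explicitly: a root element with no children is falsy
    // as an object, and that case is "no administrators", not a load failure.
    if ($administrators === FALSE) {
        die("Error: Cannot create administrators object");
    }

    foreach ($administrators as $administrator) {
        // Cast the XML nodes to strings and compare strictly, so numeric-looking
        // logins ("0e1" vs "0") are not treated as equal by loose comparison.
        if ((string) $administrator->login !== $login) {
            continue;
        }
        if (!password_verify($password, (string) $administrator->password)) {
            continue;
        }

        // Issue a fresh session id at the privilege change so an id that was
        // fixed before login is not carried into the authenticated session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(TRUE);
        }

        $firstLogin = $common->stringToBoolean($administrator->firstLogin);
        $_SESSION['authenticated'] = TRUE;
        $_SESSION['login'] = $login;
        $_SESSION['firstLogin'] = $firstLogin;

        if ($remember) {
            // NOTE(review): these cookies carry plain, client-controlled values and
            // are set without the HttpOnly/Secure flags. If any other code accepts
            // the "authenticated"/"login" cookies as proof of a login, replace them
            // with a random token that is verified against server-side state.
            $expires = time() + 10 * 365 * 24 * 60 * 60;
            setcookie("authenticated", TRUE, $expires);
            setcookie("login", $login, $expires);
            setcookie("firstLogin", $firstLogin, $expires);
        }

        if ($forward) {
            // Default destination: the administration homepage.
            $target = "index.php";

            if (is_string($origin)) {
                // $origin is request-derived, so only follow it when it is a
                // same-site relative reference: no scheme, no host, no leading
                // "//", and no backslash, whitespace or control characters that a
                // browser could normalise into an off-site URL.
                $candidate = urldecode($origin);
                $parts = parse_url($candidate);
                $isLocal = $candidate !== ""
                    && $parts !== FALSE
                    && !isset($parts['scheme'])
                    && !isset($parts['host'])
                    && strncmp($candidate, "//", 2) !== 0
                    && !preg_match('/[\x00-\x20\x7F\\\\]/', $candidate);

                if ($isLocal) {
                    $target = $candidate;
                }
            }

            // header() only queues the redirect and this function still returns;
            // callers are presumably expected to stop rendering afterwards (confirm).
            header("Location: " . $target);
        }

        return TRUE;
    }

    // If things got this far authentication failed.
    return FALSE;
}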