function login($email, $password)
{
// check username and password with db
// if yes, return true
// else throw exception
// connect to db
$dbInfo = initialize_db_info();
$dbLink = db_connect($dbInfo);
db_select($dbLink, $dbInfo);
$sql = generateUserVerificationSql($email, $password);
// check if username is unique
$result = mysql_query($sql, $dbLink);
if (!$result || mysql_num_rows($result) == 0) {
// The username and password did not match.
// Check to see if the user exists.
if (findUsername($email)) {
} else {
}
}
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
$currentUser = new user_info();
$currentUser->setId($row['id']);
$currentUser->setFirstName($row['first_name']);
$currentUser->setLastName($row['last_name']);
$currentUser->setEmail($row['email']);
$currentUser->setHunterId($row['hunter_id']);
$currentUser->setLoggedIn(true);
$_SESSION['current_user'] = $currentUser;
$_SESSION['roles'] = getRoles($currentUser);
return $currentUser;
} else {
throw new Exception('no user found 2');
}
}
