public function login($login, $password, $remember = false)
{
/**
* @var $user \User
*/
$user = Application::get_class(\User::class);
$mapper = $user->get_mapper();
$login = VarHandler::sanitize_var($login, 'string', '');
$password = VarHandler::sanitize_var($password, 'string', '');
$password = trim($password);
$collection = $mapper->find_where(['login' => ['=', $login]]);
$result = false;
$identity = null;
if ($collection->count()) {
/**
* @var $identity UserModel
*/
$identity = $collection->one();
if ($password || trim($identity->password)) {
if (password_verify($password, trim($identity->password))) {
$result = true;
}
} else {
$result = true;
}
}
if ($result && $identity) {
if (trim($identity->remember_hash) === '') {
$identity->remember_hash = password_hash($identity->password . $identity->login, PASSWORD_DEFAULT);
$mapper->save($identity);
}
if ($remember) {
setcookie('user', $identity->remember_hash, strtotime('+10 years'), '/');
/*
* for tests
*/
$_COOKIE['user'] = $identity->remember_hash;
} else {
/**
* @var $session \Session
*/
$session = Application::get_class(\Session::class);
$session->set_var('user', $identity->remember_hash);
}
}
return $result;
}
/**
* @param string $var
* @param string $filter
* @param string $default
* @param string $expected
* @covers common\classes\VarHandler::sanitize_var
* @dataProvider sanitize_var_provider
*/
public function test_sanitize_var($var, $filter, $default, $expected)
{
self::assertEquals($expected, VarHandler::sanitize_var($var, $filter, $default));
}
