/**
* Logins the user
* @return null on success and string containing error message on error.
*/
public function login()
{
session_start();
$sql = SqlConnect::getInstance();
$result = $sql->runQuery("SELECT admin, member_id, pass_hash, salt FROM Member where player_tag = '" . $this->player_tag . "';");
if ($result->num_rows == 0) {
return "Username does not exist.";
}
$row = $result->fetch_assoc();
$hash = $row["pass_hash"];
$salt = $row["salt"];
$this->id = $row["member_id"];
$admin = $row["admin"];
echo $admin;
// verify that password matches with stored password
$success = authUtil::verifyPass(HASHALGO, $hash, $salt, $this->player_tag, $this->password);
if ($success) {
$_SESSION["id"] = $this->id;
$_SESSION["player_tag"] = $this->player_tag;
$_SESSION["admin"] = $admin;
return NULL;
} else {
return "Username and password did not match.";
}
}
<?php
$tournament_id = $_GET["tournament_id"];
include_once '../../resources/sqlconnect.php';
$sql = SqlConnect::getInstance();
$sql->runQuery("UPDATE Tournament SET open=0 WHERE tournament_id='{$tournament_id}';");
header('Location: ../tournaments_display.php?tournament_id=' . $tournament_id);
die;
/**
* Escapes the given string
*/
public function escape($str)
{
SqlConnect::getInstance();
return mysqli_real_escape_string($this->connection, $str);
}
