/**
 * Rebuild the session's user object from its stored user ID.
 *
 * Reads the object currently held in $_SESSION['user'], takes its user ID and
 * role, and overwrites the session entry with a newly created Student when the
 * role is exactly 'STUDENT', or a Teacher for every other role value.
 *
 * NOTE(review): $_SESSION['user'] is dereferenced without a presence check, so
 * this assumes the caller has already established a logged-in session --
 * confirm at the call sites.
 */
function updateCurrentUser()
{
    $current = $_SESSION['user'];
    $id = $current->getUserId();

    // Any role other than 'STUDENT' falls through to the Teacher factory.
    $isStudent = $current->getRole() === 'STUDENT';

    $_SESSION['user'] = $isStudent
        ? Student::createStudentFromId($id)
        : Teacher::createTeacherFromId($id);
}
$desc = "The account for '{$username}' has been locked due to too many login attempts."; infoLog($desc); returnToPageError($message, $username); } else { unlockUser($userid); clearFailedLogins($userid); $user = User::createUserLoginDetails($userid); } } $random_salt = $user->getSalt(); $pwd = hash('sha512', $pwd . $random_salt); if ($pwd === $user->getPassword()) { if ($user->getRole() === 'STUDENT') { $_SESSION['user'] = Student::createStudentFromId($userid); } else { $_SESSION['user'] = Teacher::createTeacherFromId($userid); } clearFailedLogins($userid); $_SESSION['timeout'] = time(); $message = "User {$userid} has been successfully logged in."; if (isset($_SESSION['url']) && isset($_SESSION['urlid']) && $userid == $_SESSION['urlid']) { $url = $_SESSION['url']; unset($_SESSION['url']); unset($_SESSION['urlid']); } else { $url = '../portalhome.php'; } returnToPageSuccess($message, $url); } else { //Check when the last failed login was $lastFailedLogin = strtotime($user->getLastFailedLogin());
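// Load the user named by the `userid` query parameter as a Student or Teacher
// and copy their details into local variables (presumably for the markup that
// follows the closing tag).
//
// The parameter is attacker-controlled and is interpolated into SQL below, so
// it is accepted only if it is a plain integer. The column is compared
// unquoted, which suggests numeric IDs -- TODO confirm. FILTER_SANITIZE_STRING
// is not an SQL defence and is deprecated as of PHP 8.1, so it is not used.
$validatedId = filter_input(INPUT_GET, 'userid', FILTER_VALIDATE_INT);
if ($validatedId === null || $validatedId === false) {
    // Missing or non-integer ID: take the same exit as a failed lookup.
    header("Location: ../portalhome.php");
    exit;
}

// Keep the string type the rest of the script has always received, now in
// canonical digits-only form.
$userid = (string) $validatedId;

// NOTE(review): nothing in this excerpt checks that the logged-in user is
// allowed to view this user's details -- confirm an access check runs before
// this point.
// NOTE(review): if db_select_single_exception() can take bound parameters,
// prefer that over interpolation; its signature is not visible here.
$query = "SELECT `Role` FROM TUSERS WHERE `User ID` = {$userid}";

try {
    $role = db_select_single_exception($query, 'Role');
} catch (Exception $ex) {
    // Lookup failed: send the visitor back to the portal home page.
    header("Location: ../portalhome.php");
    exit;
}

// Strict comparison, matching the role checks used elsewhere in the code base.
if ($role === 'STUDENT') {
    $user = Student::createStudentFromId($userid);
    $prefName = $user->getPrefferedName();
    $dob = $user->getDateOfBirth();
    // Inline style attributes that hide the staff-only part of the form.
    $hideStaff = 'style="display:none;"';
    $hideStudents = '';
} else {
    // Every non-student role is loaded as a Teacher.
    $user = Teacher::createTeacherFromId($userid);
    $title = $user->getTitle();
    $initials = $user->getInitials();
    $classroom = $user->getClassroom();
    $number = $user->getPhoneNumber();
    $hideStaff = '';
    $hideStudents = 'style="display:none;"';
}

// Fields common to both user types.
// NOTE(review): these values originate from the database; escape them for the
// output context wherever the markup prints them.
$firstName = $user->getFirstName();
$surname = $user->getSurname();
$email = $user->getEmail();

// One-shot flash message: read it once, then clear it from the session.
if (isset($_SESSION['message'])) {
    $message = $_SESSION['message'];
    unset($_SESSION['message']);
}
?>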