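/**
 * Validate the user name and password.
 *
 * Looks the account up by $this->nickName, hashes the submitted password with
 * crypt() and compares the result with the stored hash. On success the id,
 * firstName and lastName of the stored row are copied onto this object. On
 * failure a "400 Failed" status line is sent and a short message is printed.
 *
 * Side effect: $this->password is overwritten with the computed hash.
 *
 * @return bool true when the credentials match, false otherwise
 */
private function loginUser()
{
    $u = new UsersDb();
    $rows = $u->getUserByName($this->nickName);

    // array_pop() returns null (not false) for an empty array and rejects a
    // non-array argument on PHP 8, so the old "=== false" test could not
    // detect a missing user. Check the shape of the result instead.
    $user = is_array($rows) ? array_pop($rows) : null;
    if (empty($user)) {
        // NOTE(review): this message differs from 'Login failed' below, so
        // the response reveals whether a user name is registered. Consider
        // one generic message once the client no longer depends on it.
        header($_SERVER["SERVER_PROTOCOL"] . " 400 Failed");
        print 'User name not registered';
        return false;
    }

    // One-way hash of the password.
    // NOTE(review): every account shares the salt in ENCRYPTION_KEY, so equal
    // passwords give equal hashes. password_hash()/password_verify() is the
    // recommended replacement but needs a migration of the stored hashes.
    $hash = crypt($this->password, $_SERVER['ENCRYPTION_KEY']);
    $this->password = $hash;

    $stored = isset($user['password']) ? $user['password'] : null;

    // crypt() signals failure with a string shorter than 13 characters; such
    // a value must never count as a match. hash_equals() replaces the loose
    // "!=" so the comparison is type-strict and constant-time.
    $matches = is_string($hash)
        && strlen($hash) >= 13
        && is_string($stored)
        && hash_equals($stored, $hash);

    if (!$matches) {
        header($_SERVER["SERVER_PROTOCOL"] . " 400 Failed");
        print 'Login failed';
        return false;
    }

    $this->id = $user['id'];
    $this->firstName = $user['firstName'];
    $this->lastName = $user['lastName'];

    return true;
}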
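/**
 * Add a new user to the database.
 *
 * Rejects the request when the nick name or the email is already registered,
 * hashes the password with crypt() and stores the account through UsersDb.
 * On failure a "400 Failed" status line is sent and a short message is
 * printed.
 *
 * Side effects: $this->password is overwritten with the computed hash and
 * $this->id receives the value returned by UsersDb::addUser().
 *
 * @return bool true when the account was stored, false otherwise
 */
private function addUser()
{
    $u = new UsersDb();

    // NOTE(review): UsersDb is not visible here. loginUser() treats the
    // lookup result as an array of rows, so an empty result is accepted as
    // "not found" in addition to false.
    $byName = $u->getUserByName($this->nickName);
    if (!empty($byName)) {
        header($_SERVER["SERVER_PROTOCOL"] . " 400 Failed");
        print 'Duplicate user name';
        return false;
    }

    $byEmail = $u->getUserByEmail($this->email);
    if (!empty($byEmail)) {
        header($_SERVER["SERVER_PROTOCOL"] . " 400 Failed");
        print 'Duplicate email';
        return false;
    }

    // One-way hash of the password.
    // NOTE(review): every account shares the salt in ENCRYPTION_KEY, so equal
    // passwords give equal hashes. password_hash() is the recommended
    // replacement but needs a migration of the stored hashes.
    $hash = crypt($this->password, $_SERVER['ENCRYPTION_KEY']);
    $this->password = $hash;

    // crypt() signals failure with a string shorter than 13 characters.
    // Storing that value would leave the account with a hash that does not
    // depend on the password, so refuse to register instead.
    if (!is_string($hash) || strlen($hash) < 13) {
        header($_SERVER["SERVER_PROTOCOL"] . " 400 Failed");
        print 'Registration failed';
        return false;
    }

    // Note: There is a very small race condition if two people
    // simultaneously try to register the same name or email, but if
    // that happens the only result is a less specific error message
    // for the loser.
    $this->id = $u->addUser(
        $this->nickName,
        $this->password,
        $this->email,
        $this->firstName,
        $this->lastName,
        $this->uid
    );
    if ($this->id === false) {
        header($_SERVER["SERVER_PROTOCOL"] . " 400 Failed");
        print 'Registration failed';
        return false;
    }

    return true;
}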