/**
* Login handler
*
* @access public
* @static WoW_Account::PerformLogin($username, $password)
* @param string $email
* @param string $password
* @category Account Manager Class
* @return bool
**/
public static function PerformLogin($username, $password, $persistLogin = false, $from_cookie_session = false)
{
// self::SetEmail($email);
self::SetEmail($username);
self::SetPassword($password);
$from_cookie_session == true ? self::$sha_pass_hash = $password : self::CreateShaPassHash();
// No SQL injection
$user_data = DB::WoW()->selectRow("SELECT `id`, `first_name`, `last_name`, `email`, `sha_pass_hash`, `country_code` FROM `DBPREFIX_users` WHERE `email` = '%s' LIMIT 1", self::GetEmail());
if (!$user_data) {
WoW_Log::WriteLog('%s : user %s was not found in `DBPREFIX_users` table!', __METHOD__, self::GetEmail());
self::SetLastErrorCode(ERROR_WRONG_USERNAME_OR_PASSWORD);
return false;
}
if ($user_data['sha_pass_hash'] != self::GetShaPassHash()) {
WoW_Log::WriteLog('%s : user %s tried to perform login with wrong password!', __METHOD__, self::GetEmail());
self::SetLastErrorCode(ERROR_WRONG_USERNAME_OR_PASSWORD);
return false;
}
self::$userid = $user_data['id'];
self::$first_name = $user_data['first_name'];
self::$last_name = $user_data['last_name'];
self::$country_code = $user_data['country_code'];
self::UserGames();
self::CreateSession();
self::SetLoginState(ACCMGR_LOGGED_IN);
self::$login_time = time();
self::DropLastErrorCode();
// All fine, we can drop it now.
if ($persistLogin || isset($_COOKIE['wow_session'])) {
self::saveToCookieSession();
}
return true;
}