/**
* Logs a user in
* @param string $userEmail Email address the user is trying to login as
* @param string $password The password the user is trying to login as
* @return bool|string Returns false if the login is successful or returns an error string if unsuccessful
*/
public static function login($userEmail, $password)
{
//Retrieve information from the users table
if (!($conn = DatabaseUtil::db_connect(DatabaseUtil::DATABASE_USER))) {
return 'Database Error contact administration.';
}
if ($result = DatabaseUtil::get($conn, 'SELECT * FROM users WHERE emailAddress=? LIMIT 1', [$userEmail])) {
//check the password
$result = array_shift($result);
if (self::hash($password, $result->salt) == $result->password) {
SessionUtil::session_set('loggedIn', self::user_token($result->salt));
SessionUtil::session_set('user', serialize($result));
} else {
return 'Email or Password are incorrect.';
}
} else {
return 'Email or Password are incorrect.';
}
}
private function add_user()
{
$user = new \stdClass();
$user->userName = param('txtName');
$user->emailAddress = param('txtEmail');
$user->company = param('txtCompany');
$user->salt = AuthenticationUtil::salt();
$user->password = AuthenticationUtil::hash(param('txtPassword'), $user->salt);
$user->privs = array_sum(param('cbxPrivs'));
//Make connection
if (!($dbConnection = DatabaseUtil::db_connect(DatabaseUtil::DATABASE_USER))) {
return 'Error with database connection. Contact DB admin. ';
}
if (!($error = DatabaseUtil::insert($dbConnection, 'users', $user))) {
return 'User Added';
} else {
return $error;
}
}
