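/**
 * Compares the submitted e-mail and password with the user table and records
 * the outcome in the session.
 *
 * On a match, $_SESSION['loggedIn'] is set to TRUE and the e-mail and password
 * hash are stored alongside it; otherwise all three keys are cleared.
 * This function does not call session_start() itself, so the caller must have
 * started the session for the values to persist.
 *
 * @return boolean TRUE when the credentials match a stored user, FALSE otherwise.
 */
function userIsLoggedIn()
{
    // $_POST is attacker-controlled: a missing field or an array value
    // (email[]=x) must be treated as a failed login, not passed to the hash helpers.
    $hasCredentials = isset($_POST['email'], $_POST['password'])
        && is_string($_POST['email'])
        && is_string($_POST['password']);

    if ($hasCredentials) {
        // NOTE(review): the salt appears to be derived from the e-mail address,
        // which would make it predictable per account - confirm in generateSalt().
        // password_hash()/password_verify() would replace both helpers, but that
        // needs a change to the stored hashes and to databaseContainsUser().
        $salt = generateSalt($_POST['email']);
        $password = generateHash($salt, $_POST['password']);

        if (databaseContainsUser($_POST['email'], $password)) {
            // Issue a fresh session ID at the privilege change so an ID planted
            // before login (session fixation) does not become an authenticated one.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(TRUE);
            }

            $_SESSION['loggedIn'] = TRUE;
            $_SESSION['email'] = $_POST['email'];
            // NOTE(review): the stored hash is written to the session store;
            // anyone who can read session files obtains it.
            $_SESSION['password'] = $password;

            return TRUE;
        }
    }

    unset($_SESSION['loggedIn']);
    unset($_SESSION['email']);
    unset($_SESSION['password']);

    return FALSE;
}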
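/**
 * Handles the login and logout form actions and reports whether the current
 * visitor is authenticated.
 *
 * - action=login: validates the posted username/password, stores the result in
 *   the session and sets $GLOBALS['loginError'] on failure.
 * - action=logout: clears the login keys from the session, redirects to the
 *   posted 'goHome' target (same-site targets only) and exits.
 * - otherwise: re-checks the credentials kept in the session.
 *
 * @return boolean TRUE when the visitor is logged in, FALSE otherwise.
 */
function userIsLoggedIn()
{
    $action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';

    if ($action === 'login') {
        // Array-valued fields (password[]=x) are rejected together with missing
        // and empty ones so they never reach the hash function.
        if (!isset($_POST['username'], $_POST['password'])
            || !is_string($_POST['username']) || !is_string($_POST['password'])
            || $_POST['username'] === '' || $_POST['password'] === ''
        ) {
            $GLOBALS['loginError'] = 'Please fill in both fields';
            return FALSE;
        }

        // SECURITY(review): SHA-1 with one hard-coded, site-wide suffix is a fast
        // hash with no per-user salt; password_hash()/password_verify() is the
        // replacement, but it requires re-hashing the stored values and changing
        // databaseContainsUser(), both outside this function.
        $password = sha1($_POST['password'] . 'lfiDE3VtFQEK57a2CEupBN6I27B3E5H4');

        if (databaseContainsUser($_POST['username'], $password)) {
            session_start();
            // New session ID at the privilege change; an ID fixed before login
            // must not survive as an authenticated session.
            session_regenerate_id(TRUE);
            $_SESSION['loggedIn'] = TRUE;
            $_SESSION['username'] = $_POST['username'];
            // NOTE(review): the hash stored here is what the later session check
            // compares against the database, so it is as sensitive as the password.
            $_SESSION['password'] = $password;
            return TRUE;
        }

        session_start();
        unset($_SESSION['loggedIn']);
        unset($_SESSION['username']);
        unset($_SESSION['password']);
        $GLOBALS['loginError'] = 'The specified username address or password was incorrect.';
        return FALSE;
    }

    if ($action === 'logout') {
        session_start();
        unset($_SESSION['loggedIn']);
        unset($_SESSION['username']);
        unset($_SESSION['password']);

        // The redirect target comes from the request, so only same-site
        // references are honoured: no scheme, no protocol-relative '//host',
        // no backslashes, whitespace or control characters. Anything else
        // falls back to the site root.
        $target = (isset($_POST['goHome']) && is_string($_POST['goHome'])) ? trim($_POST['goHome']) : '';
        $hasScheme = preg_match('/^[a-z][a-z0-9+.\-]*:/i', $target) === 1;
        $hasUnsafeChars = preg_match('/[\\\\\x00-\x20\x7f]/', $target) === 1;
        if ($target === '' || $hasScheme || $hasUnsafeChars || substr($target, 0, 2) === '//') {
            $target = '/';
        }

        header('Location: ' . $target);
        exit;
    }

    session_start();
    if (isset($_SESSION['loggedIn'], $_SESSION['username'], $_SESSION['password'])) {
        return databaseContainsUser($_SESSION['username'], $_SESSION['password']);
    }

    // Explicit FALSE instead of falling off the end (which yields NULL).
    return FALSE;
}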
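/**
 * Handles the login and logout form actions and reports whether the current
 * visitor is authenticated.
 *
 * - action=login: validates the posted email/password, stores the result in
 *   the session and sets $GLOBALS['loginError'] on failure.
 * - action=logout: clears the login keys from the session, redirects to the
 *   posted 'goto' target (same-site targets only) and exits.
 * - otherwise: re-checks the credentials kept in the session.
 *
 * @return boolean TRUE when the visitor is logged in, FALSE otherwise.
 */
function isUserLoggedIn()
{
    $action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';

    if ($action === 'login') {
        // Array-valued fields (password[]=x) are rejected together with missing
        // and empty ones so they never reach md5().
        if (!isset($_POST['email'], $_POST['password'])
            || !is_string($_POST['email']) || !is_string($_POST['password'])
            || $_POST['email'] === '' || $_POST['password'] === ''
        ) {
            $GLOBALS['loginError'] = 'Please fill in both fields';
            return FALSE;
        }

        // SECURITY(review): unsalted MD5 is not a password hash - identical
        // passwords share a digest and lookups are cheap. password_hash() and
        // password_verify() are the replacement, but that requires re-hashing the
        // stored values and changing databaseContainsUser(), both outside this function.
        $password = md5($_POST['password']);

        if (databaseContainsUser($_POST['email'], $password)) {
            session_start();
            // New session ID at the privilege change; an ID fixed before login
            // must not survive as an authenticated session.
            session_regenerate_id(TRUE);
            $_SESSION['loggedIn'] = TRUE;
            $_SESSION['email'] = $_POST['email'];
            // NOTE(review): the hash stored here is what the later session check
            // compares against the database, so it is as sensitive as the password.
            $_SESSION['password'] = $password;
            return TRUE;
        }

        session_start();
        unset($_SESSION['loggedIn']);
        unset($_SESSION['email']);
        unset($_SESSION['password']);
        $GLOBALS['loginError'] = 'The specified email or password are incorrect';
        return FALSE;
    }

    if ($action === 'logout') {
        session_start();
        unset($_SESSION['loggedIn']);
        unset($_SESSION['email']);
        unset($_SESSION['password']);

        // The redirect target comes from the request, so only same-site
        // references are honoured: no scheme, no protocol-relative '//host',
        // no backslashes, whitespace or control characters. Anything else
        // falls back to the site root.
        $target = (isset($_POST['goto']) && is_string($_POST['goto'])) ? trim($_POST['goto']) : '';
        $hasScheme = preg_match('/^[a-z][a-z0-9+.\-]*:/i', $target) === 1;
        $hasUnsafeChars = preg_match('/[\\\\\x00-\x20\x7f]/', $target) === 1;
        if ($target === '' || $hasScheme || $hasUnsafeChars || substr($target, 0, 2) === '//') {
            $target = '/';
        }

        header('Location: ' . $target);
        exit;
    }

    session_start();
    if (isset($_SESSION['loggedIn'], $_SESSION['email'], $_SESSION['password'])) {
        return databaseContainsUser($_SESSION['email'], $_SESSION['password']);
    }

    // Explicit FALSE instead of falling off the end (which yields NULL).
    return FALSE;
}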