function attempt_login($email, $password) { //select user row from database //if row is not empty then compare the hashed passwords //return the admin object or false $user = query_select_user_by_email($email); if ($user && password_verify($password, $user['password'])) { //user found in database, and password matches //retrieve user address details: $address = query_select_address($user['userId']); $user = $user + $address; return $user; } else { //email does not match any user (boolean short-circuit), //or if it does the passwords does not match return 0; } }
function query_select_user_by_email_success() { global $connection; $email = "*****@*****.**"; //$role = 0; assert(query_select_user_by_email($email)); }