public function checkLogin($username, $password)
{
$USER_ID = AuthManager::getIdFromUsername($username);
if (!is_null($USER_ID)) {
// if the user exists
$hash = hash(AuthManager::getHashingAlgorithm($USER_ID), $password . AuthManager::getSalt($USER_ID));
$sql = <<<EOD
\tSELECT
\t\t`user_type`
\tFROM
\t\tusers
\tWHERE
\t\tusername='******'
\t\t\tAND
\t\tpassword='******'
\t\t\tAND
\t\tUSER_ID='{$USER_ID}'
EOD;
// compare the password has against whats in the database
$result = mysql_query($sql);
$count = mysql_num_rows($result);
// If there is only 1 user found
if ($count == 1) {
$row = mysql_fetch_array($result);
// return the user details
return array('count' => $count, 'USER_ID' => $USER_ID, 'user_type' => $row['user_type']);
} else {
// password incorrect or multiple accounts found
return array('count' => 0);
}
} else {
// username not found
return array('count' => 0);
}
}
