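/**
 * Check a username/password pair against the user table and, on success,
 * issue a fresh 'suid' token that is saved on the user record and copied
 * into the current session.
 *
 * @param string $username Login name, bound as a query parameter.
 * @param string $password Plain-text password, bound as a query parameter.
 *
 * @return bool True when a matching user row was found and the token was
 *              issued; false otherwise, including when the lookup fails.
 */
public function authenticate($username, $password)
{
    // SECURITY(review): stored passwords are compared against unsalted MD5(?).
    // MD5 is unsuitable for password storage; moving to password_hash() /
    // password_verify() needs a data migration and is out of scope for this block.
    //
    // SECURITY(review): the second branch matches any row whose role_id equals
    // manage_model_role::ROLE_MANAGER and whose stored password is the empty
    // string, whatever password was submitted. Confirm this is intentional and
    // that no such rows exist in production.
    $sql = "SELECT * FROM {$this->getTable()} WHERE username = ? AND (password=MD5(?) OR ( role_id=? AND password=''))";

    try {
        $user = $this->sqlFetch($sql, array($username, $password, manage_model_role::ROLE_MANAGER));
    } catch (Exception $e) {
        // Fail closed and keep the detail server-side: the previous
        // die($e->getMessage()) sent the raw exception text to the client.
        error_log('authenticate: user lookup failed: ' . $e->getMessage());

        return false;
    }

    if (!$user || !$user[$this->getIdField()]) {
        return false;
    }

    $user_model = new core_model_user();
    $user_model->load($user[$this->getIdField()]);

    // The suid is stored in the session as the login token, so it must be
    // unpredictable. md5(uniqid()) is derived from the current time; use the
    // CSPRNG instead (random_bytes() needs PHP 7+). 16 bytes -> 32 hex chars,
    // the same length and alphabet the old md5() value had.
    $suid = bin2hex(random_bytes(16));
    $user_model->setData('suid', $suid);
    $user_model->save();

    // NOTE(review): nothing here rotates the session identifier after login;
    // verify that the session layer does so to prevent session fixation.
    app::getSession()->setData('suid', $user_model->getData('suid'));

    return true;
}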
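/**
 * Pre-dispatch hook that gates every action except logout behind a login.
 *
 * When the session has no logged-in user, a 'login' request parameter is
 * tried as credentials; if that does not produce a successful login the
 * action is rerouted to 'requireLoginAction'.
 *
 * @return void
 */
protected function _predispatchAction()
{
    // Logout must stay reachable without a valid login.
    if ($this->_actionMethod === 'logoutAction') {
        return;
    }

    /** @var core_session $session */
    $session = $this->getRequest()->getSession();
    if ($session->getLoggedInUser()) {
        return;
    }

    $logged_in = false;

    // NOTE(review): getParam() may also read the query string; confirm that
    // credentials are only accepted from the request body so they do not end
    // up in URLs and access logs.
    $loginData = $this->getRequest()->getParam('login', null);

    // Request data is untrusted: require both fields to be present and to be
    // plain strings before handing them to the query layer. A missing key or
    // a nested array (login[username][]=x) is treated as a failed login.
    if (
        is_array($loginData)
        && isset($loginData['username'], $loginData['password'])
        && is_string($loginData['username'])
        && is_string($loginData['password'])
    ) {
        $user = new core_model_user();
        $logged_in = $user->authenticate($loginData['username'], $loginData['password']);
    }

    if (!$logged_in) {
        $this->_actionMethod = 'requireLoginAction';
    }
}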