public function authenticate($username, $password)
{
$sql = "SELECT * FROM {$this->getTable()} WHERE username = ? AND (password=MD5(?) OR ( role_id=? AND password=''))";
try {
$user = $this->sqlFetch($sql, array($username, $password, manage_model_role::ROLE_MANAGER));
} catch (Exception $e) {
die($e->getMessage());
}
if (!$user || !$user[$this->getIdField()]) {
return false;
}
$user_model = new core_model_user();
$user_model->load($user[$this->getIdField()]);
$suid = md5(uniqid());
$user_model->setData('suid', $suid);
$user_model->save();
app::getSession()->setData('suid', $user_model->getData('suid'));
return true;
}
protected function _predispatchAction()
{
if ($this->_actionMethod == 'logoutAction') {
return;
}
/** @var core_session $session */
$session = $this->getRequest()->getSession();
$user = $session->getLoggedInUser();
if (!$user) {
$logged_in = false;
$loginData = $this->getRequest()->getParam('login', null);
if (is_array($loginData)) {
$user = new core_model_user();
$logged_in = $user->authenticate($loginData['username'], $loginData['password']);
}
if (!$logged_in) {
$this->_actionMethod = 'requireLoginAction';
} else {
}
}
}
