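/**
 * Authenticates a user and attaches them to the current authorization row.
 *
 * Returns false when no user is found for the login, when the user is
 * already logged in, when the password does not validate, when the user's
 * status is falsy, or when the authorization row cannot be updated.
 *
 * NOTE(review): nothing here rotates the session identifier after a
 * successful login. If $this->authId is derived from the PHP session id and
 * is not rotated elsewhere, consider session_regenerate_id(true) on success
 * to protect against session fixation. Confirm how authId is issued first.
 *
 * NOTE(review): a login with no matching user returns before
 * validatePassword() runs, so response time may differ between known and
 * unknown logins. Confirm whether rate limiting covers this upstream.
 *
 * @param string $login    Login name passed to UserDao::getByLogin().
 * @param string $password Candidate password checked against the stored hash.
 * @return bool True only if the credentials are valid and the authorization
 *              row was updated.
 */
public function login($login, $password)
{
    $db = $this->serviceManager->get('PDO');
    $userDao = $this->serviceManager->getDao('UserDao');
    $user = $userDao->getByLogin($login);

    // If the DAO yields null/false for an unknown login, fail cleanly
    // instead of calling a method on a non-object.
    if (!$user) {
        return false;
    }

    if ($this->isLoggedIn($user->getId())) {
        return false;
    }

    if (!Authorization::validatePassword($password, $user->getPasswordHash())) {
        return false;
    }

    if (!$user->getStatus()) {
        return false;
    }

    $timeout = time() + $this->loginTimeOut;

    $STH = $db->prepare("UPDATE " . DBConfig::table(DBConfig::AUTHORIZATION) . " SET id_u=:id_u, timeout=:to, url=:url WHERE id_auth=:id_a LIMIT 1;");
    $STH->bindValue(':id_a', $this->authId, PDO::PARAM_INT);
    $STH->bindValue(':id_u', $user->getId(), PDO::PARAM_INT);
    $STH->bindValue(':to', $timeout, PDO::PARAM_INT);
    // REQUEST_URI is client-controlled. It is bound as a parameter here, but
    // the stored value must still be escaped wherever it is later displayed.
    $STH->bindValue(':url', $_SERVER['REQUEST_URI'], PDO::PARAM_STR);

    if (!$STH->execute()) {
        return false;
    }

    // Commit in-memory and session state only once the authorization row is
    // persisted, so a failed update does not leave a half-authenticated user.
    $this->user = $user;
    $_SESSION['loginTimeOut'] = $timeout;

    return true;
}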
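/**
 * Builds a Role object from one user row and loads its groups and permissions.
 *
 * NOTE(review): the earlier field-by-field mapping also populated a `ban`
 * field; nothing here reads $result['ban']. Confirm that this is intended.
 *
 * @param array $result Row containing id_u, login, email, dateRegistered,
 *                      activated, lastActive, deleted, firstname, surname
 *                      and password.
 * @return DBRecord The populated Role (presumably a DBRecord subtype; confirm).
 */
protected function createFromResultSet(array $result)
{
    $user = new Role();
    $user->setId($result['id_u']);
    $user->setLogin($result['login']);
    $user->setEmail($result['email']);
    // The '@' prefix makes DateTime read the value as a Unix timestamp.
    // NOTE(review): a null/empty column would make the constructor throw;
    // confirm that both columns are always populated.
    $user->setDateRegistered(new DateTime("@" . $result['dateRegistered']));
    $user->setActivated($result['activated']);
    $user->setLastActive(new DateTime('@' . $result['lastActive']));
    $user->setDeleted($result['deleted']);
    $user->setFirstname($result['firstname']);
    $user->setSurname($result['surname']);
    // The stored password hash travels on the object from here on; keep it
    // out of logs, serialized output and templates.
    $user->setPasswordHash($result['password']);

    $groupDao = $this->serviceManager->getDao('GroupDao');
    $user->setGroups($groupDao->getUserGroups($user));

    // Start from an empty list so that a user with no permission rows gets
    // array() rather than an undefined variable.
    $permissions = array();
    $stmt = $this->getConnection()->prepare('SELECT id_p FROM ' . DBConfig::table(DBConfig::USER_PERMISSIONS) . ' WHERE id_u=:id;');
    $stmt->bindValue(':id', $user->getId());
    $stmt->execute();
    foreach ($stmt->fetchAll() as $permission) {
        $permissions[] = $permission['id_p'];
    }
    $user->setPermissions($permissions);

    return $user;
}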