/**
* \brief Logs in the user.
* \param mixed $id A string if the identifier is an email. Otherwise, use an array with for instance array('nickname', $_POST['nick'])
* in order to tell to the function that you don't want to use email as an identifier.
* \param string $password Don't need to give more precision.
* \param bool $persist May I have to create some cookies? If TRUE, don't forget to create a frame where you say that you're website use cookies.
* \return bool TRUE if the user is logged. FALSE otherwise.
*/
public final function login($id, $password, $persist = true)
{
$field = '_email';
if (is_array($id)) {
if (!isset($this->attributes[$id[0]])) {
throw new \Exception('The identifier ' . $id[0] . ' doesn\'t exist.');
}
$field = $id[0];
$value = $id[1];
} else {
$value = $id;
}
$r = self::$_db->select('_kusers', array('_id', '_key', '_pw'), array('AND' => array($field => $value)));
if ($r === false) {
return false;
}
if (!\Kazoo\Secure::sameHash($r[0]['_pw'], \Kazoo\Secure::hash($password))) {
return false;
}
$this->attributes['_id'] = (int) $r[0]['_id'];
$_SESSION['_id'] = $this->attributes['_id'];
if ($persist) {
setcookie(self::$_conf['_user_id_cookie_name'], \Kazoo\Secure::encrypt($this->attributes['_id'], '_usrpaswd42'), time() + self::$_conf['_user_cookie_duration'], '/', '', false, true);
setcookie(self::$_conf['_user_key_cookie_name'], \Kazoo\Secure::encrypt($r[0]['_key'], '_usrpaswdchic' . $this->attributes['_id']), time() + self::$_conf['_user_cookie_duration'], '/', '', false, true);
}
return $this->load();
}
