/**
* @depends testBcrypt
*/
public function testBcryptVerify()
{
$encoded = bcrypt('test');
$this->assertTrue(bcrypt_verify('test', $encoded));
$this->assertFalse(bcrypt_verify('nope', $encoded));
}
<?php
require_once 'inc/lib.php';
session_start();
if (!empty($_SESSION['user'])) {
if (!($user = user_info($_SESSION['user']))) {
// User does not exist, redirect to login page
header('Location: .');
exit('Not Authorized');
}
} elseif (!empty($_POST['user']) && !empty($_POST['pass'])) {
// Get user data
$user = user_info($_POST['user']);
$_SESSION['is_admin'] = $user['role'] == 'admin';
// Check user exists and password is good
if (!$user || !bcrypt_verify($_POST['pass'], $user['pass'])) {
// Login failure, redirect to login page
header('Location: ./?error=badlogin');
exit('Not Authorized');
}
// Current user is valid
$_SESSION['user'] = $user['user'];
} else {
// Not logged in, redirect to login page
header('Location: .');
exit('Not Authorized');
}
?>
<!doctype html>
<html>
<head>
