public function checkLogin($username, $password) { $USER_ID = AuthManager::getIdFromUsername($username); if (!is_null($USER_ID)) { // if the user exists $hash = hash(AuthManager::getHashingAlgorithm($USER_ID), $password . AuthManager::getSalt($USER_ID)); $sql = <<<EOD \tSELECT \t\t`user_type` \tFROM \t\tusers \tWHERE \t\tusername='******' \t\t\tAND \t\tpassword='******' \t\t\tAND \t\tUSER_ID='{$USER_ID}' EOD; // compare the password has against whats in the database $result = mysql_query($sql); $count = mysql_num_rows($result); // If there is only 1 user found if ($count == 1) { $row = mysql_fetch_array($result); // return the user details return array('count' => $count, 'USER_ID' => $USER_ID, 'user_type' => $row['user_type']); } else { // password incorrect or multiple accounts found return array('count' => 0); } } else { // username not found return array('count' => 0); } }