/**
 * Obtains a database connection from DatabaseService and keeps it on the
 * instance as $this->sql_con.
 *
 * When no connection is returned, HttpService::return_service_unavailable()
 * is called. Whether that helper ends the request is not visible in this
 * block; confirm before relying on $this->sql_con being usable afterwards.
 */
public function __construct()
{
    $database = new DatabaseService();
    $this->sql_con = $database->getConnection();

    // Connection established: nothing more to do.
    if ($this->sql_con) {
        return;
    }

    HttpService::return_service_unavailable();
}
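/**
 * Authenticates a user by alias and password and populates the session.
 *
 * On success writes $_SESSION['username'], $_SESSION['user_id'] and
 * $_SESSION['roles']. When no matching row is found it calls
 * HttpService::redirect_to('/login/fail'); when the database cannot be
 * reached or queried it calls HttpService::return_service_unavailable().
 *
 * @param string $username alias as submitted by the client (untrusted)
 * @param string $password plaintext password as submitted by the client (untrusted)
 * @return void
 */
public static function login($username, $password)
{
    // Request parameters can arrive as arrays; reject anything that is not a
    // plain string before it reaches hash() or the statement binding.
    if (!is_string($username) || !is_string($password)) {
        HttpService::redirect_to('/login/fail');
        return;
    }

    $db = new DatabaseService();
    $sql_con = $db->getConnection();
    if (!$sql_con) {
        HttpService::return_service_unavailable();
        // Whether the helper ends the request is not visible here; stop
        // explicitly so no query runs on a missing connection.
        return;
    }

    // SECURITY(review): the digest is picked by position in hash_algos(),
    // which depends on the PHP build (presumably md5 on common builds;
    // confirm). It is a fast, unsalted hash and not suitable for password
    // storage. Kept unchanged so existing stored values still match;
    // migrating to password_hash()/password_verify() needs a data migration
    // that is outside this block.
    $algos = hash_algos();
    $algo = $algos[2];
    $pw_hash = hash($algo, $password);

    // Bound parameters instead of string interpolation: the alias is
    // attacker-controlled and must never become part of the SQL text.
    // NOTE(review): the original listing shows a masked literal for the
    // password comparison; binding the computed hash is the assumed intent.
    $stmt = $sql_con->prepare(
        'SELECT id, alias, role FROM user WHERE alias = ? AND password = ? LIMIT 1'
    );
    if ($stmt === false) {
        HttpService::return_service_unavailable();
        return;
    }

    $stmt->bind_param('ss', $username, $pw_hash);
    if (!$stmt->execute()) {
        $stmt->close();
        HttpService::return_service_unavailable();
        return;
    }

    // bind_result()/fetch() work without the mysqlnd driver. Integer columns
    // come back as PHP ints here rather than numeric strings.
    $stmt->bind_result($id, $alias, $role);
    $found = $stmt->fetch(); // true = row, null = no row, false = error
    $stmt->close();

    if ($found !== true) {
        HttpService::redirect_to('/login/fail');
        // Fail closed: never fall through to the session writes below.
        return;
    }

    // Issue a fresh session id on privilege change so an id planted before
    // login cannot be reused afterwards (session fixation).
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    $_SESSION['username'] = $alias;
    $_SESSION['user_id'] = $id;

    // Numeric role id -> role name; unknown ids grant no role.
    $role_names = array(1 => 'admin', 2 => 'author', 3 => 'user');
    $roles = array();
    $role_id = (int) $role;
    if (isset($role_names[$role_id])) {
        $roles[] = $role_names[$role_id];
    }

    $_SESSION['roles'] = $roles;
}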