/**
* Use with caution! This bypasses authentication.
* This functionality should not be exposed externally.
* @param Users_User $user
* The user object
*/
static function setLoggedInUser($user)
{
if (isset($_SESSION['users']['user']->id)) {
if ($user->id == $_SESSION['users']['user']->id) {
// This user is already the logged-in user.
return;
}
}
// Change the session id to prevent session fixation attacks
Pie_Session::regenerate_id();
// Store the new information in the session
$snf = Pie_Config::get('pie', 'session', 'nonceField', 'nonce');
$_SESSION['users']['user'] = $user;
$_SESSION['pie'][$snf] = uniqid();
Pie::event('users/setLoggedInUser', compact('user'), 'after');
}
