/** * Checks if credentials typed by the user are ok. * If credentials are incorrect or something is missing it * sets proper output message * @param $u, which is username * @param $p, which is password * @param $userClient * @return true is credentials are correct and false if otherwise */ private function authenticate($u, $p, UserClient $userClient) { if (empty($u)) { // Check is username field is empty return false; } elseif (empty($p)) { // Check is password field is empty return false; } $amount = count($this->users); // Loop through all users and check if there exists a user with specified username and password for ($i = 0; $i < $amount; $i++) { $username = $this->users[$i]->getUsername(); // Get username from array $hashedPassword = $this->users[$i]->getPassword(); // Get hashed password from user array if ($username == $u && password_verify($p, $hashedPassword)) { // Check if credentials are correct $userClient->setUserObject($this->users[$i]); $_SESSION[self::$sessionUserLocation] = $userClient; return true; } } return false; }