/**
* It logs the player in!
*
* @param string $username what name they?
* @param string $password what's the secret word?
* @return bool did they do it right?
*/
public function log_in($username, $password)
{
$username = htmlentities($username, ENT_QUOTES, 'UTF-8');
$player_exists = $this->get_player($username);
if (!$player_exists) {
return false;
}
/**
* Sigh. sha1 fails so bad, and there's no easy way to get rid of it which doesn't suck, esp on an upgraded db.
*/
if ($this->password == sha1($password) && IS_UPGRADE) {
$this->login_salt = substr(md5(uniqid(rand(), true)), 0, 5);
$this->password = md5($password . $this->login_salt);
$player_update['password'] = $this->password;
$player_update['login_salt'] = $this->login_salt;
$player_insert_query = $this->db->AutoExecute('players', $player_update, 'UPDATE', 'id = ' . $this->id);
}
if ($this->password == md5($password . $this->login_salt)) {
$login_rand = substr(md5(uniqid(rand(), true)), 0, 5);
$update_player['login_rand'] = $login_rand;
$update_player['last_active'] = time();
$player_query = $this->db->AutoExecute('players', $update_player, 'UPDATE', 'id = ' . $this->id);
$hash = md5($this->id . $this->password . $login_rand);
$_SESSION['logged_in_user_id'] = $this->id;
$_SESSION['hash'] = $hash;
setcookie("logged_in_user_id", $this->id, time() + 2592000);
code_cookie::$id = $this->id;
code_cookie::set("cookie_hash", $hash, time() + 2592000);
return true;
} else {
return false;
}
}
/**
* sets the player id
*
* @param int $id player id
*/
public static function set_id($id)
{
self::$id = $id;
}
