/** * Perform an authentication check, start a new session * @param string $username * @param string $password * @return string the session key */ public function authenticate($username, $password) { $person = new person(); $sess = new session(); $row = $person->get_valid_login_row($username, $password); if ($row) { $sess->Start($row, false); $sess->UseGet(); $sess->Save(); return $sess->GetKey(); } else { die("Authentication Failed(1)."); } }
} else { if (isset($_GET["forward"])) { $url = $_GET["forward"]; } else { $url = $sess->GetUrl($TPL["url_alloc_home"]); } } // If we already have a session if ($sess->Started()) { alloc_redirect($url); exit; // Else log the user in } else { if ($_POST["login"]) { $person = new person(); $row = $person->get_valid_login_row($_POST["username"], $_POST["password"]); if ($row) { $sess->Start($row); $q = prepare("UPDATE person SET lastLoginDate = '%s' WHERE personID = %d", date("Y-m-d H:i:s"), $row["personID"]); $db = new db_alloc(); $db->query($q); if ($sess->TestCookie()) { $sess->UseCookie(); $sess->SetTestCookie($_POST["username"]); } else { $sess->UseGet(); } $sess->Save(); alloc_redirect($url); } $error = "Invalid username or password.";