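/**
 * Check user credentials and, on success, bind a fresh session to the user.
 *
 * On success the current session id and its expiry time are written to the
 * user's BBC_users row, and the user id is sent back in the `bbc_user_id`
 * cookie with the same expiry.
 *
 * @param string $input_email    User login email id
 * @param string $input_password User login password
 * @return bool User login status: true on success; false when the password
 *              check fails or the session could not be stored
 */
public function userLogin($input_email, $input_password)
{
    $db_uid = $this->checkUserPassword($input_email, $input_password);
    if (!$db_uid) {
        // user password is incorrect
        return false;
    }

    // Generate a new session every time
    $this->session->start();
    $this->session->refresh();

    // Expire the session after 2 weeks
    $now = time();
    $session_expiration = $now + 1209600;
    $session_id = session_id();

    $stmt = $this->conn->prepare("UPDATE BBC_users\n\t\t\t\tSET session_id=?, session_expiration=?\n\t\t\t\tWHERE user_uid=?");
    if (!$stmt) {
        // prepare() can hand back false instead of a statement (presumably
        // mysqli outside exception mode - confirm); fail the login rather
        // than crash on the bind_param() call below.
        return false;
    }

    $stmt->bind_param('sis', $session_id, $session_expiration, $db_uid);
    $stored = $stmt->execute();
    $stmt->close();

    if (!$stored) {
        // Fail closed: do not issue the cookie when the session id was not
        // persisted against the user.
        return false;
    }

    // store the user id into the user's cookie
    // NOTE(review): the cookie is sent without the Secure, HttpOnly or
    // SameSite attributes, and its value is the user id rather than a secret.
    // Whatever reads it back should check the stored session_id and
    // session_expiration as well, not trust the cookie alone - confirm
    // against the code that authenticates later requests.
    setcookie('bbc_user_id', $db_uid, $session_expiration, '/');

    return true;
}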
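/**
 * Check user credentials and, on success, bind a fresh session to the user.
 *
 * A failed password check is recorded in LQ_login_attempts. On success the
 * current session id and its expiry time are written to the user's LQ_users
 * row, and the user id is sent back in the `lq_user_id` cookie with the same
 * expiry.
 *
 * @param string $input_email    User login email id
 * @param string $input_password User login password
 * @return bool User login status: true on success; false when the password
 *              check fails or the session could not be stored
 */
public function userLogin($input_email, $input_password)
{
    // Taken before the credential check so that the failure branch has a
    // real timestamp to record.
    $now = time();

    $db_uid = $this->checkUserPassword($input_email, $input_password);
    if (!$db_uid) {
        // user password is incorrect
        // record this attempt in the database (best effort: the login is
        // rejected whether or not the insert succeeds)
        // NOTE(review): $db_uid is falsy on this path, so the row is stored
        // without a usable user_uid and cannot be attributed to an account.
        // Recording the attempted account needs a lookup by email that this
        // method does not have. Nothing in this method reads
        // LQ_login_attempts either, so any lockout or throttling must be
        // enforced elsewhere - confirm.
        $stmt = $this->conn->prepare("INSERT INTO LQ_login_attempts( user_uid, time )\n\t\t\t\tVALUES ( ?, ? )");
        if ($stmt) {
            $stmt->bind_param('si', $db_uid, $now);
            $stmt->execute();
            $stmt->close();
        }

        return false;
    }

    // Generate a new session every time
    $this->session->start();
    $this->session->refresh();

    // Expire the session after 2 weeks
    $session_expiration = $now + 1209600;
    $session_id = session_id();

    $stmt = $this->conn->prepare("UPDATE LQ_users\n\t\t\t\tSET session_id=?, session_expiration=?\n\t\t\t\tWHERE user_uid=?");
    if (!$stmt) {
        // prepare() can hand back false instead of a statement (presumably
        // mysqli outside exception mode - confirm); fail the login rather
        // than crash on the bind_param() call below.
        return false;
    }

    $stmt->bind_param('sis', $session_id, $session_expiration, $db_uid);
    $stored = $stmt->execute();
    $stmt->close();

    if (!$stored) {
        // Fail closed: do not issue the cookie when the session id was not
        // persisted against the user.
        return false;
    }

    // store the user id into the user's cookie
    // NOTE(review): the cookie is sent without the Secure, HttpOnly or
    // SameSite attributes, and its value is the user id rather than a secret.
    // Whatever reads it back should check the stored session_id and
    // session_expiration as well, not trust the cookie alone - confirm
    // against the code that authenticates later requests.
    setcookie('lq_user_id', $db_uid, $session_expiration, '/');

    /**
     * TODO
     * Will use the following information to store inside the database
     * The user agent information
     *
     * NOTE(review): $db_id, $db_username and $session are not defined in
     * this method. The User-Agent header is client-controlled, so escape it
     * when it is printed (htmlspecialchars) instead of relying on the
     * character stripping sketched below.
     **/
    // $user_agent = $_SERVER['HTTP_USER_AGENT'];
    // XSS protection as we might print this value
    // $user_id = preg_replace( '/[^0-9]+/', '', $db_id );
    // XSS protection as we might print this value
    // $username = preg_replace( '/[^a-zA-Z0-9_\-]+/', '', $db_username );
    // $session->put( 'LQ_user_agent', $user_agent );
    // setcookie( 'lq_userid', $db_uid, time() + ( 86400 * 30 ), '/' ); // 30 days (86400 * 30)

    return true;
}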
/**
 * Save this model through the driver held in $this->driver.
 *
 * Passes this instance to the driver's refresh() method and hands the
 * driver's result back to the caller unchanged.
 *
 * @return mixed Whatever the driver's refresh() call returns
 */
public function save()
{
    $outcome = $this->driver->refresh($this);

    return $outcome;
}