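/**
 * Verify the supplied credentials against the database and, if they are
 * correct, record the login and mark the session as logged in.
 *
 * @param string $username       username supplied by the user attempting to log in
 * @param string $input_password plaintext password supplied by that user
 *
 * @return bool true if the credentials were correct and the user was logged in, false otherwise
 */
public static function authenticate($username, $input_password)
{
    $dbo = self::fetchDB();

    // The username reaches the statement only through quote(), never raw.
    $sql = "select * from dinkly_user where username=" . $dbo->quote($username);
    $result = $dbo->query($sql)->fetchAll();

    // No row for this username: nothing to verify.
    if (empty($result)) {
        return false;
    }

    $user = new DinklyUser();
    $user->init($result[0]['id']);

    $hashed_password = $result[0]['password'];
    $valid_password = false;

    // A missing or empty stored hash must never authenticate. The previous
    // code compared the boolean from password_verify() loosely against the
    // hash, so a failed check (false) equalled an empty or "0" hash and the
    // login was accepted with any password.
    if (is_string($input_password) && is_string($hashed_password) && $hashed_password !== '') {
        if (function_exists('password_verify')) {
            // password_verify() already returns the verdict as a bool.
            $valid_password = password_verify($input_password, $hashed_password);
        } else {
            // Legacy path: re-hash with the stored salt and compare strictly.
            // Loose == would let numeric-looking strings compare as numbers.
            $computed = crypt($input_password, $hashed_password);
            if (is_string($computed)) {
                $valid_password = function_exists('hash_equals')
                    ? hash_equals($hashed_password, $computed)
                    : $computed === $hashed_password; // not constant-time
            }
        }
    }

    if (!$valid_password) {
        return false;
    }

    // Record the successful login before establishing the session.
    $count = $user->getLoginCount() + 1;
    $user->setLastLoginAt(date('Y-m-d G:i:s'));
    $user->setLoginCount($count);
    $user->save();

    self::setLoggedIn(true, $result[0]['id'], $result[0]['username'], $user->getGroups());

    return true;
}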