static function login($pwd) { if (self::$user_id == 0) { if (strtolower($_SERVER['REQUEST_METHOD']) != 'get') { Error::http(403, "The user must be logged in order to submit this request."); } self::$name = 'Guest'; } else { $sql = "SELECT user_id, name, password, email, login_provider FROM users WHERE (user_id=? OR email=?)"; $row = DBquery::get($sql, array(self::$user_id, self::$email)); if (!$row) { Error::http(401, "Invalid user ID/email or password. User ID: " . self::$user_id . ", Email: " . self::$email); } $user = $row[0]; if (!$user or !password_verify($pwd, $user['password'])) { Error::http(401, "Invalid user ID/email or password. User ID: " . self::$user_id . ", Email: " . self::$email); } self::$user_id = $user['user_id']; self::$name = $user['name']; self::$email = $user['email']; self::$login_provider = $row[0]['login_provider']; } }