static function login($pwd)
{
if (self::$user_id == 0) {
if (strtolower($_SERVER['REQUEST_METHOD']) != 'get') {
Error::http(403, "The user must be logged in order to submit this request.");
}
self::$name = 'Guest';
} else {
$sql = "SELECT user_id, name, password, email, login_provider FROM users WHERE (user_id=? OR email=?)";
$row = DBquery::get($sql, array(self::$user_id, self::$email));
if (!$row) {
Error::http(401, "Invalid user ID/email or password. User ID: " . self::$user_id . ", Email: " . self::$email);
}
$user = $row[0];
if (!$user or !password_verify($pwd, $user['password'])) {
Error::http(401, "Invalid user ID/email or password. User ID: " . self::$user_id . ", Email: " . self::$email);
}
self::$user_id = $user['user_id'];
self::$name = $user['name'];
self::$email = $user['email'];
self::$login_provider = $row[0]['login_provider'];
}
}
