/** * Prüft ob Kombination Benutzer und Passwort existiert * @param string $username * @param string $password * @return bool Ja, wenn Benutzer + Passwort vorhanden ist */ public function checkUser($username, $password) { $userList = new \fpcm\model\users\userList(); $userid = $userList->getUserIdByUsername($username); if (!$userid) { trigger_error('Login failed for username ' . $username . '! User not found. Request was made by ' . \fpcm\classes\http::getIp()); return false; } $user = new \fpcm\model\users\author($userid); if ($user->getDisabled()) { trigger_error('Login failed for username ' . $username . '! User is disabled. Request was made by ' . \fpcm\classes\http::getIp()); return \fpcm\model\users\author::AUTHOR_ERROR_DISABLED; } if (\fpcm\classes\security::createPasswordHash($password, $user->getPasswd()) == $user->getPasswd()) { $timer = time(); $this->login = $timer; $this->lastaction = $timer; $this->logout = 0; $this->userid = $userid; $this->sessionid = \fpcm\classes\security::createSessionId(); $this->ip = \fpcm\classes\http::getIp(); $this->sessionExists = true; return true; } trigger_error('Login failed for username ' . $username . '! Wrong username or password. Request was made by ' . \fpcm\classes\http::getIp()); return false; }