protected static function loginPost()
{
$email = type::post('email', 'string');
$password = type::post('password', 'string');
$remember = type::post('remember', 'int');
if (is_null($email) || is_null($password) || $email == '' || $password == '') {
echo message::info(lang::get('fill_out_both'));
return;
}
$sql = new sql();
$sql->query('SELECT password, salt, id FROM ' . sql::table('user') . ' WHERE `email` = "' . $sql->escape($email) . '"');
if (!$sql->num()) {
echo message::danger(sprintf(lang::get('email_not_found'), htmlspecialchars($email)), true);
$shake = 1;
return;
}
$sql->result();
if (!self::checkPassword($password, $sql->get('salt'), $sql->get('password'))) {
echo message::danger(lang::get('wrong_pw'));
$shake = 1;
return;
}
self::loginSession();
self::$userID = $sql->get('id');
$_SESSION['login'] = $sql->get('id');
if ($remember) {
setcookie("remember", $sql->get('id'), time() + 3600 * 24 * 7);
}
}
protected static function loginPost()
{
$email = type::post('email', 'string');
$password = type::post('password', 'string');
// Formular ganz abgesendet?
if (is_null($email) || is_null($password) || $email == '' || $password == '') {
echo message::info(lang::get('login_form_notfull'), true);
return;
}
$sql = sql::factory();
$sql->query('SELECT password, id FROM ' . sql::table('user') . ' WHERE `email` = "' . $sql->escape($email) . '"');
// Username mit E-Mail vorhanden?
if (!$sql->num()) {
echo message::danger(sprintf(lang::get('login_no_user'), $email), true);
return;
}
$sql->result();
// Password nicht gleich?
if (!self::checkPassword($password, $sql->get('password'))) {
echo message::danger(lang::get('login_pwd_false'), true);
return;
}
self::loginSession();
self::$userID = $sql->get('id');
$_SESSION['login'] = $sql->get('id') . '||' . self::hash($password);
}
protected static function loginPost()
{
$email = type::post('email', 'string');
$password = type::post('password', 'string');
// Formular ganz abgesendet?
if (is_null($email) || is_null($password) || $email == '' || $password == '') {
echo message::info(lang::get('login_form_notfull'), true);
return;
}
$sql = sql::factory();
$sql->query('SELECT password, salt, id FROM ' . sql::table('user') . ' WHERE `email` = "' . $sql->escape($email) . '"');
// Username mit E-Mail vorhanden?
if (!$sql->num()) {
echo message::danger(sprintf(lang::get('login_no_user'), htmlspecialchars($email)), true);
return;
}
$sql->result();
// Password nicht gleich?
if (!self::checkPassword($password, $sql->get('salt'), $sql->get('password'))) {
echo message::danger(lang::get('login_pwd_false'), true);
return;
}
self::loginSession();
self::$userID = $sql->get('id');
$_SESSION['login'] = $sql->get('id');
// Falls alte Methode (sha1) neuen Salt generieren und salt updaten
// sha1 deprecated 0.2 Beta
$salt = $sql->get('salt');
if (empty($salt)) {
$salt = self::generateSalt();
$sql->setTable('user');
$sql->setWhere('`email` = "' . $email . '"');
$sql->addPost('salt', $salt);
$sql->addPost('password', self::hash($password, $salt));
$sql->update();
}
}
