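/**
 * Check a username/password pair and, on success, store the user's id in the session.
 *
 * Table and column names are read from the application configuration
 * (app['user_table']); the username is passed to the statement as a bound parameter.
 *
 * @param string $username Login name to look up.
 * @param string $password Plain-text password supplied by the caller.
 *
 * @return bool True when the credentials match (and $_SESSION['id'] has been set), false otherwise.
 *
 * @throws \Exception With code 500 when more than one row matches the username.
 */
public static function validateUser($username, $password)
{
    $table = App::getInstance()->getConfig()->app['user_table'];

    // Identifiers cannot be bound as parameters, so they are concatenated into the SQL.
    // They come from configuration, not from the request, and must stay that way.
    $statement = (new DB())->prepare(
        'Select ' . $table['id'] . ', ' . $table['password']
        . ' From ' . $table['name']
        . ' where ' . $table['username'] . '=?'
    );
    $statement->execute(array($username));
    $rows = $statement->fetchAllAssoc();

    $matches = count($rows);
    if ($matches > 1) {
        // A duplicate username is a data-integrity problem; refuse to pick one of the rows.
        throw new \Exception('there are more than 1 user with this credentials', 500);
    }

    // NOTE(review): an unknown username returns here without calling Common::verifyPassword(),
    // so this path may answer faster than a wrong-password attempt. Consider verifying against
    // a fixed dummy hash and rate-limiting login attempts; confirm against Common.
    if ($matches < 1) {
        return false;
    }

    if (!Common::verifyPassword($password, $rows[0][$table['password']])) {
        return false;
    }

    // Issue a fresh session id at the point of login so that an id assigned before
    // authentication is not carried over into the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['id'] = $rows[0][$table['id']];

    return true;
}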
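/**
 * Update the logged-in user's e-mail address and password.
 *
 * Validates the submitted e-mail and current password, checks the current password
 * against the stored hash, then stores the new e-mail together with the hash of
 * $new_password. Every failure path records a session error and redirects back.
 *
 * @param UserModel $user         Submitted profile data; email and password (the current password) are read.
 * @param string    $new_password Plain-text replacement password.
 *
 * @return void
 */
public function editProfile(UserModel $user, $new_password)
{
    $validator = new Validation();
    $validator->setRule('required', $user->email, null, 'Email');
    $validator->setRule('required', $user->password, null, 'Current Password');
    $validator->setRule('email', $user->email, null, 'Email');

    // NOTE(review): $new_password gets no validation rule in this method, so an empty string
    // would be hashed and stored as the password. Confirm the caller enforces the password
    // policy, or add a rule here.

    if (!$validator->validate()) {
        Session::setError($validator->getErrors());
        Redirect::back();

        // Redirect is defined elsewhere; return explicitly so the update below can never run
        // after a failed check, even if the redirect helper does not end the request.
        return;
    }

    // getUser() is defined elsewhere; the result is presumably a \Models\UserModel
    // (its password property is read below) — confirm.
    $userFromDb = $this->user->getUser(Auth::getUserId());

    // Re-authenticate with the current password before changing any credential.
    if (!Common::verifyPassword($user->password, $userFromDb->password)) {
        Session::setError('Current password is not correct');
        Redirect::back();

        return;
    }

    $affected = $this->user->editUser(
        Auth::getUserId(),
        $user->email,
        Common::hashPassword($new_password)
    );

    // Anything other than exactly 1 is reported as a failure.
    if ($affected !== 1) {
        Session::setError('Something is wrong. Try again.');
        Redirect::back();

        return;
    }

    Session::setMessage('The profile is edited');
    Redirect::to('');
}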