public static function authenticate($username, $password)
{
$conn = self::get_database();
$user = mysql_fetch_assoc(database::queryf($conn, 'SELECT * FROM `users` WHERE `username` = %s', $username));
if (\lib\token::match($user['password'], $password, $user['id'], 0, 0) && $user['confirmed']) {
return $user;
}
return false;
}
public static function post()
{
if (\lib\token::match($_POST['token'], 'createuser', $_POST['email'], $_POST['time'], 0)) {
// email confirmed
\lib\user::confirm($_POST['email']);
$user = \lib\user::get($_POST['email'], 'email');
$_SESSION['user_id'] = $user['id'];
return true;
} else {
// email not confirmed
// $_POST[''];
return false;
}
}
