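*/
// NOTE(review): nothing in this file sets HttpOnly, Secure or SameSite for the session
// cookie, so those flags depend on php.ini — confirm they are set there.
session_start();

/*
 * Global configuration array; presumably this is what Configurations::get('section/key')
 * reads (Configurations is defined elsewhere).
 *
 * NOTE(review): the database user name and password are committed in this file, so anyone
 * who can read the repository, a backup or a stray copy of this script can reach the
 * database. Load them from the environment or a secret store that is not checked in, and
 * rotate the password that is exposed here.
 * NOTE(review): cookie_expiry is 315532800 seconds (about ten years). A remember-me cookie
 * copied from a browser stays usable for that long unless its users_session row is deleted.
 */
$GLOBALS['config'] = array(
    'mysql' => array(
        'host' => "tcp:appetite.database.windows.net,1433",
        'userName' => "app",
        'passCode' => "Admin12£",
        'db' => "appetite",
    ),
    'remember' => array(
        'cookie_name' => 'appetiteCookieHash',
        'cookie_name2' => 'appetiteCookieUserID',
        'cookie_expiry' => 315532800,
    ),
    'session' => array(
        'session_name' => 'user',
        'token_name' => 'token',
    ),
);

/**
 * Autoload a class the first time it is used, so scripts do not need a require_once
 * line per class.
 *
 * NOTE(review): the file name is built from the class name and resolved through the
 * include path. Anchoring it to one fixed directory would make the load location explicit.
 */
spl_autoload_register(function ($class) {
    require_once $class . '.php';
});

// Helper functions that every script including this file should have available.
require_once 'functions.php';

// Remember-me: the cookie is present but there is no session yet, so try to restore the login.
if (Cookie::exists(Configurations::get('remember/cookie_name')) && !Session::exists(Configurations::get('session/session_name'))) {
    $hash = Cookie::get(Configurations::get('remember/cookie_name'));

    // The cookie is client-controlled. Only a non-empty string can be a stored token, so
    // arrays (name[]=...) and empty values are rejected before they reach the query.
    if (is_string($hash) && $hash !== '') {
        // NOTE(review): the lookup matches the raw cookie value against users_session.hash,
        // so that column holds usable login tokens. Storing a digest of the token and
        // comparing digests would keep a read of the table from yielding working cookies.
        $hashCheck = DB::getInstance()->get('users_session', array('hash', '=', $hash));

        if ($hashCheck->count()) {
            // A matching row means this browser was remembered: log that user in.
            $user = new User($hashCheck->first()->user_id);
            $user->login();
        }
    }
}
?>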
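/**
 * Log a user in, either from a verified username/password pair or from an
 * already-loaded user record (the remember-me path).
 *
 * Called with no arguments while a user record is loaded, the method stores that user's
 * id in the session without checking a password. Only a real "no arguments" call (both
 * values null) takes this path; empty or '0' strings from a form go through the password
 * check. This path returns false, as it did before, so callers must not use the return
 * value to detect a restored login.
 *
 * Otherwise the user is looked up by $username and the supplied password is hashed with
 * the stored salt and compared in constant time (hash_equals(), PHP 5.6 or later).
 * On success the session id is rotated before the user id is stored, so a session id
 * planted before login cannot be reused afterwards.
 *
 * @param string|null $username Login name; null together with $password selects the remember-me path.
 * @param string|null $password Plain-text password to verify.
 * @param bool        $remember Whether to set the long-lived remember-me cookies.
 *
 * @return bool true only when a username/password pair was verified; false otherwise.
 */
public function login($username = null, $password = null, $remember = false)
{
    if ($username === null && $password === null && $this->exists()) {
        // Privilege changes here, so hand out a fresh session id first.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }
        Session::put($this->_sessionName, $this->data()->id);

        return false;
    }

    if (!$this->find($username)) {
        return false;
    }

    // NOTE(review): Hash::make is defined elsewhere. If it is a single salted digest rather
    // than password_hash()/password_verify(), plan a migration to the latter.
    $stored = $this->data()->password;
    $computed = Hash::make($password, $this->data()->salt);

    // hash_equals() needs two strings; a missing stored hash simply fails the login.
    if (!is_string($stored) || !is_string($computed) || !hash_equals($stored, $computed)) {
        return false;
    }

    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }
    Session::put($this->_sessionName, $this->data()->id);

    if ($remember) {
        // Reuse the token from an earlier "remember me" login if one is stored.
        // NOTE(review): reusing it means every browser of this user shares one token and it
        // is never rotated. Issuing a fresh token per login would limit a stolen cookie.
        $hashCheck = $this->_db->get('users_session', array('user_id', '=', $this->data()->id));

        if ($hashCheck->count()) {
            $hash = $hashCheck->first()->hash;
        } else {
            // NOTE(review): confirm Hash::unique() draws from a CSPRNG such as random_bytes().
            $hash = Hash::unique();
            $this->_db->insert('users_session', array('user_id' => $this->data()->id, 'hash' => $hash));
        }

        // NOTE(review): Cookie::put is defined elsewhere; confirm it sets HttpOnly and Secure.
        Cookie::put($this->_cookieName, $hash, Configurations::get('remember/cookie_expiry'));
        // The user id cookie is client-controlled and must not be trusted on its own when read back.
        Cookie::put($this->_cookieName2, $this->data()->id, Configurations::get('remember/cookie_expiry'));
    }

    return true;
}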