function isAdmin($user_id)
{
$_REQUEST["user_id"] = $user_id;
$response = new Response();
$login = new Login();
$login->setResponse($response);
$login->getUserData();
$result = $response->getResponse();
if ($result['error'] == 1) {
return false;
}
if ($result['admin'] == "1") {
return true;
}
return false;
}
<?php
require_once "classes/Login.class.php";
$response = new Response();
if (isset($_REQUEST["action"])) {
$login = new Login();
$login->setResponse($response);
$action = $_REQUEST["action"];
switch ($action) {
case "login":
$login->login();
break;
case "signup":
$login->signup();
break;
default:
$response->getError()->setError("Invalid action called.");
break;
}
$response->sendResponse();
} else {
$response->getError()->setError("There is an error in your request.");
$response->sendResponse();
}
public function tryToAuthenticateUser()
{
$username = isset($_REQUEST["username"]) ? trim($_REQUEST["username"]) : "";
$password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";
if (empty($username)) {
$this->getError()->setError("Username cannot be empty.");
} else {
if (empty($password)) {
$this->getError()->setError("Password cannot be empty.");
} else {
$params = array("username" => $username, "password" => $password, "action" => "login");
ob_start();
// send the request
CURLHandler::Post(SERVER_URL . 'loginApi.php', $params, false, true);
$result = ob_get_contents();
ob_end_clean();
$ret = json_decode($result);
if ($ret->error == 1) {
$this->getError()->setError($ret->message);
return $this->getError()->getErrorFlag();
} else {
$id = $ret->userid;
$username = $ret->username;
$nickname = $ret->nickname;
$_SESSION["userid"] = $id;
$_SESSION["username"] = $username;
$_SESSION["nickname"] = $nickname;
// notifying other applications
$response = new Response();
$login = new Login();
$login->setResponse($response);
$login->notify($id, session_id());
return false;
}
}
}
return $this->getError()->getErrorFlag();
}
public function tryToAuthenticateUser()
{
$username = isset($_REQUEST["username"]) ? trim($_REQUEST["username"]) : "";
$password = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";
if (empty($username)) {
$this->getError()->setError("Username cannot be empty.");
} else {
if (empty($password)) {
$this->getError()->setError("Password cannot be empty.");
} else {
$params = array("username" => $username, "password" => $password, "action" => "login");
ob_start();
// send the request
CURLHandler::Post(SERVER_URL . 'loginApi.php', $params, false, true);
$result = ob_get_contents();
ob_end_clean();
$ret = json_decode($result);
if ($ret->error == 1) {
if (($key = array_search('User is deactivated.', $ret->message)) !== false) {
$ret->message[$key] = 'You need to be confirmed!<br /><a href="#" id="ping_admin">Ping the administrator ...</a>';
}
$this->getError()->setError($ret->message);
return $this->getError()->getErrorFlag();
} else {
$id = $ret->userid;
$username = $ret->username;
$nickname = $ret->nickname;
$admin = $ret->admin;
Utils::setUserSession($id, $username, $nickname, $admin);
// notifying other applications
$response = new Response();
$login = new Login();
$login->setResponse($response);
$login->notify($id, session_id());
return false;
}
}
}
return $this->getError()->getErrorFlag();
}
