/** * Makes the login process. * * @param string $username Username provided. * @param string $password Clean password typed by user. * @param boolean $keepLogged Keep the user logued for next uses. * * @throws Phprojekt_Auth_Exception On login errors. * * @return boolean True if login process was sucessful. */ public static function login($username, $password, $keepLogged = false) { $user = Phprojekt_Loader::getLibraryClass('Phprojekt_User_User'); $userId = $user->findIdByUsername($username); if ($userId > 0) { $user->find($userId); } else { throw new Phprojekt_Auth_Exception('Invalid user or password', 4); } if (!$user->isActive()) { throw new Phprojekt_Auth_Exception('User Inactive', 5); } try { $setting = Phprojekt_Loader::getLibraryClass('Phprojekt_Setting'); $setting->setModule('User'); // The password does not match with password provided if (!Phprojekt_Auth::_compareStringWithPassword($password, $setting->getSetting("password", $userId))) { throw new Phprojekt_Auth_Exception('Invalid user or password', 2); } } catch (Exception $error) { $error->getMessage(); throw new Phprojekt_Auth_Exception('Invalid user or password', 3); } // Regenerate the id if we are not in the unitTest if (!headers_sent()) { Zend_Session::regenerateId(); } // If the user was found we will save the user information on the session $authNamespace = new Zend_Session_Namespace('Phprojekt_Auth-login'); $authNamespace->userId = $user->id; $authNamespace->admin = $user->admin; if ($keepLogged) { // Delete previous existing data, just in case self::_deleteDbAndCookies($userId); // Store matching keepLogged data in DB and browser self::_saveLoginData($userId); } // Please, put any extra info of user to be saved on session here return true; }