Exemplo n.º 1
0
 /** 
  * Attempts to login with username and password.
  * 
  * @param string $username Username
  * @param string $password Password
  * @return bool True if login was successful, or false otherwise.
  */
 public function login($username, $password)
 {
     $dao = new UserDAO();
     if ($dao->userExists($username)) {
         $pwhash = $dao->getPassword($username);
         if (pw_verify($password, $pwhash)) {
             $this->loggedIn = true;
             $this->username = $username;
             return true;
         }
     }
     return false;
 }
Exemplo n.º 2
0
     $passwd2 = $_POST['passwd2'];
     $username = $_POST['username'];
     // validate password and username
     if ($passwd != $passwd2) {
         $warnings[] = "Passwords don't match";
     }
     if (!isValidPassword($passwd)) {
         $warnings[] = "Not a valid password (longer than " . MIN_PASSWORD_LENGTH . " characters required)";
     }
     if (!isValidUsername($username)) {
         $warnings[] = "Not a valid username (longer than " . MIN_USERNAME_LENGTH . " characters required)";
     }
     // No warnings means everything is in order, and we can create the user
     if (count($warnings) == 0) {
         $dao = new UserDAO();
         if ($dao->userExists($username)) {
             $warnings[] = "Username already taken";
         } else {
             $passwd = pw_encode($passwd);
             if (!$dao->createUser($username, $passwd)) {
                 $warnings[] = "Failed to insert to database";
             } else {
                 // Registration was successful, redirect the user to
                 // the login screen
                 $session->set('register_flag', true);
                 header("Location: login.php");
                 exit;
             }
         }
     }
 }