public function login($username, $password)
{
//valider login
//valider password
//pour éviter sql injection
//$userdao = new UserDao(new User());
//$userdao->test();
// $dao = new DAO(array('username' =>$username, 'password' =>$password), $this->table );
//$user = $dao->select();
$userDao = new UserDao(new User());
//$where = array('email'=>"$email");
$user = $userDao->getRow(array('username' => $username, 'password' => $password));
if (isset($user)) {
require_once WEBAPPROOT . 'security/UserSession.php';
$session = new UserSession();
$session->start();
$session->set($user);
//var_dump($session->get());
return $user;
}
}