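/**
 * Logs a user in.
 *
 * Looks the account up by e-mail address, recomputes the salted hash of the
 * supplied password and, when it matches the stored hash, records the login
 * in the session.
 *
 * @param string $userEmail Email address the user is trying to log in as
 * @param string $password  The password the user is trying to log in with
 * @return bool|string false if the login is successful, or an error string if unsuccessful
 */
public static function login($userEmail, $password)
{
    // Retrieve information from the users table.
    $conn = DatabaseUtil::db_connect(DatabaseUtil::DATABASE_USER);
    if (!$conn) {
        return 'Database Error contact administration.';
    }

    // The e-mail address is passed as a bound parameter, not concatenated into the SQL.
    $rows = DatabaseUtil::get($conn, 'SELECT * FROM users WHERE emailAddress=? LIMIT 1', [$userEmail]);
    if (!$rows) {
        // Unknown account and wrong password share one message, so the
        // response text does not reveal which addresses are registered.
        return 'Email or Password are incorrect.';
    }

    $user = array_shift($rows);

    // hash_equals() compares in constant time and as raw strings. The previous
    // loose `==` could treat two different numeric-looking digests (for
    // example "0e..." strings) as equal and leaked timing information.
    // NOTE(review): self::hash() is not visible here; if it is a fast digest,
    // plan a migration to password_hash()/password_verify().
    $candidate = (string) self::hash($password, $user->salt);
    if (!hash_equals((string) $user->password, $candidate)) {
        return 'Email or Password are incorrect.';
    }

    // NOTE(review): the session identifier is not rotated in this method.
    // Confirm SessionUtil regenerates it on login to prevent session fixation.
    SessionUtil::session_set('loggedIn', self::user_token($user->salt));

    // NOTE(review): the row comes from SELECT *, so the serialized object
    // includes the password hash and salt. Consider storing only the fields
    // the application needs, once consumers of 'user' are checked.
    SessionUtil::session_set('user', serialize($user));

    // The documented success value; the original fell off the end and returned null.
    return false;
}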
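/**
 * Creates a user record from the submitted form fields and inserts it into
 * the users table.
 *
 * Reads txtName, txtEmail, txtCompany, txtPassword and cbxPrivs through
 * param(), generates a fresh salt, and stores the salted password hash
 * rather than the plain password.
 *
 * @return string 'User Added' on success, otherwise an error message
 */
private function add_user()
{
    $user = new \stdClass();
    $user->userName = param('txtName');
    $user->emailAddress = param('txtEmail');
    $user->company = param('txtCompany');
    $user->salt = AuthenticationUtil::salt();
    $user->password = AuthenticationUtil::hash(param('txtPassword'), $user->salt);

    // cbxPrivs is request data. When no box is ticked it may not be an array,
    // and passing that straight to array_sum() fails, so treat anything that
    // is not an array as "no privileges" and count only numeric entries.
    // NOTE(review): the submitted values are still not checked against the
    // set of privileges the acting user may grant; add an allow-list here and
    // confirm the caller enforces authorization before this method runs.
    $submittedPrivs = param('cbxPrivs');
    $privTotal = 0;
    foreach (is_array($submittedPrivs) ? $submittedPrivs : [] as $flag) {
        if (is_numeric($flag)) {
            $privTotal += (int) $flag;
        }
    }
    $user->privs = $privTotal;

    // Make connection.
    $dbConnection = DatabaseUtil::db_connect(DatabaseUtil::DATABASE_USER);
    if (!$dbConnection) {
        return 'Error with database connection. Contact DB admin. ';
    }

    // DatabaseUtil::insert() is treated as returning a falsy value on success
    // and an error message otherwise, as in the original control flow.
    $error = DatabaseUtil::insert($dbConnection, 'users', $user);
    if ($error) {
        return $error;
    }

    return 'User Added';
}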