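/**
 * Validates the login form in $_POST and, on success, sets the login cookies
 * and sends a redirect header.
 *
 * Reads $_POST['username'] and $_POST['password'], looks the user up
 * case-insensitively in the `users` table, and compares the recomputed
 * password hash against the stored one.
 *
 * @return false|null false when a field is missing, the user is not found
 *                    exactly once, or the hash does not match; null (no
 *                    explicit return) after the cookies and the Location
 *                    header have been sent.
 */
private function _checkAuth()
{
    // Both fields are required; empty() also treats the string '0' as missing.
    if (empty($_POST['username']) || empty($_POST['password'])) {
        return false;
    }

    $username = TextMan::cleanSql($_POST['username']);
    // NOTE(review): the password is passed through the SQL cleaner before
    // hashing, so the stored hash presumably covers the cleaned form; confirm
    // the registration path does the same before changing this.
    $password = TextMan::cleanSql($_POST['password']);

    // NOTE(review): the WHERE clause is built by string concatenation and its
    // safety rests entirely on TextMan::cleanSql(). If the DB layer supports
    // bound parameters (not visible here), prefer them for this lookup.
    $this->db->runSelect(
        'users',
        array('id', 'password', 'hash'),
        'LOWER( `username` ) = \'' . strtolower($username) . '\''
    );

    // Exactly one row must match; zero or duplicate rows are a failed login.
    if ($this->db->runCountRows() !== 1) {
        return false;
    }

    $fetch = $this->db->runSingleFetch();

    $stored = $fetch['password'];
    $computed = TextSec::genPassHash($password, $fetch['hash']);

    // Constant-time comparison so response timing does not reveal how many
    // leading bytes of the hash matched. Non-string values (e.g. a NULL column
    // or a failed hash call) are rejected instead of being compared.
    if (!is_string($stored) || !is_string($computed) || !hash_equals($stored, $computed)) {
        return false;
    }

    // NOTE(review): the stored password hash is written to a client cookie. If
    // later requests authenticate by comparing this cookie with the database
    // value (not visible here), the hash itself works as a long-lived
    // credential; a random, server-side session token would avoid exposing it.
    set_cookie_sane('userid', $fetch['id'], 86400);
    set_cookie_sane('password', $fetch['password'], 86400);

    // NOTE(review): no exit/return value follows the redirect, so the caller
    // keeps executing and receives null on success; confirm the caller handles
    // that (null is falsy).
    header('Location: ./');
}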
/**
 * Produces the password hash by delegating to TextSec::hashString().
 *
 * @param mixed $pass Password value forwarded as the first argument.
 * @param mixed $hash Second argument forwarded unchanged; presumably the
 *                    per-user salt (callers pass the `hash` column); confirm.
 *
 * @return mixed Whatever TextSec::hashString() returns.
 */
public static function genPassHash($pass, $hash)
{
    $digest = TextSec::hashString($pass, $hash);

    return $digest;
}