/** * It logs the player in! * * @param string $username what name they? * @param string $password what's the secret word? * @return bool did they do it right? */ public function log_in($username, $password) { $username = htmlentities($username, ENT_QUOTES, 'UTF-8'); $player_exists = $this->get_player($username); if (!$player_exists) { return false; } /** * Sigh. sha1 fails so bad, and there's no easy way to get rid of it which doesn't suck, esp on an upgraded db. */ if ($this->password == sha1($password) && IS_UPGRADE) { $this->login_salt = substr(md5(uniqid(rand(), true)), 0, 5); $this->password = md5($password . $this->login_salt); $player_update['password'] = $this->password; $player_update['login_salt'] = $this->login_salt; $player_insert_query = $this->db->AutoExecute('players', $player_update, 'UPDATE', 'id = ' . $this->id); } if ($this->password == md5($password . $this->login_salt)) { $login_rand = substr(md5(uniqid(rand(), true)), 0, 5); $update_player['login_rand'] = $login_rand; $update_player['last_active'] = time(); $player_query = $this->db->AutoExecute('players', $update_player, 'UPDATE', 'id = ' . $this->id); $hash = md5($this->id . $this->password . $login_rand); $_SESSION['logged_in_user_id'] = $this->id; $_SESSION['hash'] = $hash; setcookie("logged_in_user_id", $this->id, time() + 2592000); code_cookie::$id = $this->id; code_cookie::set("cookie_hash", $hash, time() + 2592000); return true; } else { return false; } }
/** * sets the player id * * @param int $id player id */ public static function set_id($id) { self::$id = $id; }