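/**
 * Check a username/password pair and, on a match, establish the login.
 *
 * Fetches at most one row from `userUsers` (left-joined to `userGroups`)
 * for the given username, hashes the submitted password with that row's
 * salt via janitor::passwd() and compares the result with the stored hash.
 * On a match it records the user on this object and calls setCookie()
 * and setSession().
 *
 * @param string $user     Username as submitted by the client.
 * @param string $password Plain-text password as submitted by the client.
 *
 * @return false|string `false` when the login SUCCEEDED; otherwise the
 *                      'login/failedLogin' text. Unknown user and wrong
 *                      password return the same text, so the reply does
 *                      not reveal which usernames exist.
 */
public function login ($user, $password) {
    # Escaped copy of the username. In this method it is only handed to
    # setSession(); the lookup and the cookie use the raw value.
    $safeUser = janitor::cleanData($user, 'sql');

    # NOTE(review): where() receives the raw $user. Confirm that the query
    # builder escapes or binds its value argument; if it does not, this is
    # string-built SQL on untrusted input.
    $query = new query();
    $query->select()
        ->from('userUsers')
        ->joinLeft('userGroups', 'userUsers.group', 'id')
        ->where('username', $user)
        ->limit('1');
    $result = $this->sDb->query($query);

    if (! ($this->sDb->numRows($result) > 0)) {
        return text::get('login/failedLogin');
    }

    $row = $this->sDb->assoc($result);
    $safePassword = janitor::passwd($password, $row['salt']);

    # hash_equals() instead of `==`: loose comparison treats numeric-looking
    # strings (e.g. two different "0e..." hashes) as equal, and it is not
    # constant-time. The casts keep a NULL column from raising a type error.
    if (! hash_equals((string) $row['password'], (string) $safePassword['passwd'])) {
        return text::get('login/failedLogin');
    }

    $this->user = $user;
    $this->userData = $row;
    $this->setCookie($user, $row['email']);
    $this->setSession($safeUser);

    # false means "no error", i.e. the login went through.
    return false;
}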
# Fragment of a user create/edit handler; it starts and ends mid-function,
# so $dValidator, $necessaryItems, $uniqueItems and the else-branch below
# are defined outside the visible part.
#
# Validate the submitted form: required items present, unique items not
# already taken in `qbUsers`.
$this->dOutput['form']['validation']['existant'] = $dValidator->arrayItems($this->dOutput['form']['data'], $necessaryItems);
$this->dOutput['form']['validation']['untaken'] = $dValidator->isTaken($this->dOutput['form']['data'], $uniqueItems, 'qbUsers');
if (! isset($this->dOutput['form']['validation']['existant']['invalid']) && ! isset( $this->dOutput['form']['validation']['untaken']['invalid'])) {
    # Telling template all went okay
    $this->dOutput['form']['validation']['passed'] = true;
    # Sanitizing our input
    # Every form value is escaped here and later concatenated into the SQL
    # text, so injection safety rests entirely on db->escape() and on each
    # value staying inside quotes.
    # NOTE(review): bound parameters would remove that dependency.
    foreach ($this->dOutput['form']['data'] as $k => $v) {
        $cleanData[$k] = $this->db->escape($v);
    }
    # The hash is computed from the ESCAPED password, and it is computed even
    # when the field holds the "(no change)" sentinel (the result is then unused).
    # NOTE(review): a password containing characters that escape() rewrites is
    # hashed in its escaped form; confirm the login path hashes the same form,
    # otherwise such passwords can never match.
    $passwd = janitor::passwd($cleanData['password']);
    # Queries are here.
    if ($this->dOutput['form']['editing']) {
        # `password` and `salt` are only written when the password field is not
        # the literal "(no change)"; that string therefore cannot be used as a
        # real password. The row is selected by the submitted `user` value and
        # `accessLevel` is taken from the form data.
        # NOTE(review): confirm the caller checks that the current user may
        # edit this account and may set this access level.
        $query = "UPDATE `qbUsers` SET `user` = '" . $cleanData['user'] . "', `email` = '" . $cleanData['email'] . "', `fullname` = '" . $cleanData['fullname'] . "', "
            . ($cleanData['password'] == "(no change)" ? '' : "`password` = '" . $passwd['passwd'] . "',") . " "
            . ($cleanData['password'] == "(no change)" ? '' : "`salt` = '" . $passwd['salt'] . "',")
            . " `accessLevel` = '" . $cleanData['accessLevel'] . "' WHERE `qbUsers`.`user` = '" . $cleanData['user'] . "' LIMIT 1 ;";
    } else {
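/**
 * Save the user, hashing the password first when it was changed.
 *
 * Steps, in order:
 *  1. Set `registrationDate` to today if the stored value is empty,
 *     otherwise re-apply the stored value.
 *  2. If no new password was entered, carry over the stored password,
 *     password check and salt.
 *  3. If the password now differs from the stored one, replace `password`
 *     and `password_check` with hashes from janitor::passwd() (both using
 *     the same new salt) and store that salt.
 *  4. Call saveObject().
 *
 * NOTE(review): getProperty($name, true) appears to return the originally
 * loaded value; confirm against the getter.
 * NOTE(review): the hashing algorithm lives in janitor::passwd(), which is
 * not visible here. Confirm it is a slow, salted password hash.
 */
public function save () {
    # Set a registration date if one doesn't exist (ie, a new user).
    $storedDate = $this->getProperty('registrationDate', true);
    if ($storedDate == null) {
        $this->setProperty('registrationDate', date('Y-m-d'));
    } else {
        $this->setProperty('registrationDate', $storedDate);
    }

    # Do not change password if password boxes are empty.
    # Loose `== null` is deliberate: an empty string counts as "not entered".
    if ($this->getProperty('password') == null) {
        $this->setProperty('password', $this->getProperty('password', true));
        $this->setProperty('password_check', $this->getProperty('password', true));
        $this->setProperty('salt', $this->getProperty('salt', true));
    }

    # Only change password if different from old password.
    # Strict `!==`: with `!=`, a numeric-looking new password could compare
    # equal to a numeric-looking stored hash (e.g. "0" vs "0e..."), the
    # hashing step would be skipped and the plain text would be saved.
    if ($this->originalProperties['password'] !== $this->properties['password']) {
        $newPass = janitor::passwd($this->getProperty('password'));
        # Hash the confirmation with the same salt so both hashes match
        # exactly when the two entries were identical.
        $newPassCheck = janitor::passwd($this->getProperty('password_check'), $newPass['salt']);
        $this->setProperty('password', $newPass['passwd']);
        $this->setProperty('password_check', $newPassCheck['passwd']);
        $this->setProperty('salt', $newPass['salt']);
    }

    $this->saveObject();
}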