function dbLogin($username, $password)
{
$db = new Database();
$mysqli = $db->openConnection();
$sql = "SELECT salt, hash FROM users WHERE email = ?";
$stmt = $mysqli->prepare($sql);
$hash_db = NULL;
$salt_db = NULL;
if ($stmt->bind_param('s', $username)) {
if ($stmt->execute()) {
$stmt->bind_result($salt_db, $hash_db);
if (!$stmt->fetch()) {
return false;
} else {
return existingUsername($salt_db, $hash_db, $password, $username);
}
$stmt->free_result();
}
$db->closeConnection($mysqli);
}
return false;
}
function validate_userName($username_input)
{
//store and sanitize the input and remove white spaces at the end and the beginning of it
$userName = trim(filter_var($username_input, FILTER_SANITIZE_STRING));
$errors = FALSE;
if (empty($userName)) {
$errors = TRUE;
$error_messages[] = "please enter an user name or ID";
//check if the username is already being used by another user
} elseif (existingUsername($userName)) {
$errors = TRUE;
$error_messages[] = "username already being used";
}
//returns the username or an error message
if ($errors == TRUE) {
return $error_messages;
} else {
return $userName;
}
}
