public function login($login = '', $password = '')
{
// user data initialization
if (isset($_POST['login']) && isset($_POST['password'])) {
$login = trim($_POST['login']);
$password = trim($_POST['password']);
}
// /user data initialization
// $login=trim($login); $password=trim($password);
if ($login != '' && $password != '') {
if ($this->check_login($login) && $this->check_password($password)) {
$DB = \DB::init();
if ($DB->connect()) {
$sth = $DB->dbh->prepare("SELECT * FROM `n-users` WHERE LOWER(`usr-login`) = LOWER(?) LIMIT 1;");
// \CORE::msg('debug','User login check');
$sth->bindParam(1, $login, \PDO::PARAM_STR);
$sth->execute();
$DB->query_count();
if ($sth->rowCount() == 1) {
$r = $sth->fetch();
$salt = $r['usr-salt'];
$hashpass = md5(md5($password) . $salt);
$sth = $DB->dbh->prepare("SELECT * FROM `n-users` WHERE LOWER(`usr-login`)=LOWER(:login) AND `usr-pwd`=:hashpass LIMIT 1;");
$sth->execute(array(':login' => $login, ':hashpass' => $hashpass));
$DB->query_count();
\CORE::msg('debug', 'User login and password check');
if ($sth->rowCount() == 1) {
if ($r['usr-status'] > 0) {
$r = $sth->fetch();
// check profile data here, if needed
\SESSION::start();
// here may be some additional records, like when loged in, which ip, etc
$uid = (int) $r['usr-uid'];
$gid = (int) $r['usr-gid'];
\SESSION::set('uid', $uid);
\SESSION::set('gid', $gid);
\SESSION::set('user', $login);
\COOKIE::set('lastuser', $login);
// optional
if (isset($r['usr-pid'])) {
if ($r['usr-pid'] != '') {
$pid = (int) $r['usr-pid'];
\SESSION::set('pid', $pid);
}
}
// setcookie(PREFX.'st',1,time()+3600); // 1 hour
if (isset($_POST['cookie'])) {
//// $time=86400; // 24 hours
//// setcookie(PREFIX."ul", base64_encode($login), time()+$time, "/");
}
$sth = $DB->dbh->prepare("UPDATE `n-users` SET `usr-lastlogin`=CURRENT_TIMESTAMP() WHERE `usr-uid`=?;");
$sth->execute(array($uid));
$DB->query_count();
// \CORE::msg('debug','User is logged in');
header('Location: ./');
exit;
} else {
\CORE::msg('error', 'Account is currently locked');
}
} else {
\CORE::msg('error', 'Incorrect username or password');
}
} else {
\CORE::msg('error', 'Incorrect username or password');
}
}
} else {
\CORE::msg('error', 'Username or password is not valid');
}
} else {
\CORE::msg('error', 'Empty username or password');
}
}
public static function check_lang()
{
global $conf;
if (isset($conf['lang'])) {
$lang = $conf['lang'];
$langs = CORE::init()->langs;
$ln = COOKIE::get('lang');
if ($ln != '') {
$lang = $ln;
}
if (isset($_GET['lang'])) {
$ln = trim($_GET['lang']);
if (isset($langs[$ln])) {
COOKIE::set('lang', $ln);
$lang = $ln;
}
}
if (isset($langs[$lang])) {
CORE::init()->lang = $lang;
}
CORE::msg('debug', 'language: ' . CORE::init()->lang);
}
}
