/**
* Checks if password is correct
*
* @param $username input username
* @param $password input password
* @return bool true if password is correct for $usre
*/
private function correctPassword($username, $password)
{
$sql = "SELECT password FROM " . $this->DB_TABLE . " WHERE username=" . $this->pdo->quote($username);
$query = $this->pdo->prepare($sql);
$query->execute();
$results = $query->fetchColumn();
if ($results == Encrypter::getEncryptedPassword($password)) {
return true;
} else {
return false;
}
}
