/**
* Attempt to login, and set the session
*/
public function login($username = '', $password = '')
{
// convert the plaintext password to a SHA1 encoded string
$password = hash('sha1', $password);
$username = Pixelpost_DB::escape($username);
$old_sess_id = session_id();
// First check if there is a session available with a login_hash.
if ($this->session->get('login_vars')) {
// There is login data present in the session so compare the username and password
// with data stored in session
$sess_loginarr = $this->session->get('login_vars');
if ($sess_loginarr['login'] == $username && $sess_loginarr['password'] == $password) {
// The given data corresponds with the data stored in the session
// Next step is to establish if the hash can be confirmed
session_regenerate_id();
$this->session->db_destroy($old_sess_id);
unset($old_sess_id);
return $this->confirmAuth();
} else {
// The given data is not the data in the session, do not login the user.
// destroy the current session
$this->logout();
return false;
}
} else {
// If there isn't any session we need to check the given credentials against the database
// In order to do so we select the status of a user. If that status == 1 then the user can login
$status = (int) Pixelpost_DB::get_var("SELECT `status` FROM users WHERE username = '******' AND password = '******' LIMIT 1");
if ($status == 1) {
// We're good to go!
// Store the username, password and hash into the session
session_regenerate_id();
$this->session->db_destroy($old_sess_id);
unset($old_sess_id);
$this->storeAuth($username, $password);
return true;
} else {
// Login invalid, or the user is banned
return false;
}
}
}
/**
* Delete the session data row in the database
* Return true or false.
*
* @param $sess_id
* @access public
* @return bool
*/
public function db_destroy($sess_id)
{
$sess_id = Pixelpost_DB::escape($sess_id);
$sql = "DELETE FROM sessions WHERE sess_id = '{$sess_id}'";
$result = Pixelpost_DB::query($sql);
//Pixelpost_DB::debug();
return $result;
}
/**
* @Delete a node and all its children
* @access public
* @param string $node_name
*/
public function deleteNodeRecursive($node_permalink)
{
try {
$sql = "SELECT left_node, right_node FROM " . $this->tablename . " \n\t\t\t\tWHERE permalink = '" . Pixelpost_DB::escape($node_permalink) . "'";
$result = (array) Pixelpost_DB::get_results($sql);
$result[0]->width_node = $result[0]->right_node - $result[0]->left_node + 1;
Pixelpost_DB::query("DELETE FROM " . $this->tablename . " \n\t\t\t\tWHERE left_node BETWEEN " . $result[0]->left_node . " \n\t\t\t\tAND " . $result[0]->right_node);
Pixelpost_DB::query("UPDATE " . $this->tablename . " \n\t\t\t\tSET right_node = right_node - " . $result[0]->width_node . " \n\t\t\t\tWHERE right_node > " . $result[0]->right_node);
Pixelpost_DB::query("UPDATE " . $this->tablename . " \n\t\t\t \tSET left_node = left_node - " . $result[0]->width_node . " \n\t\t\t\t WHERE left_node > " . $result[0]->right_node);
} catch (exception $e) {
throw new Exception($e);
}
}
