public function testPasswordField()
{
$field = new CoreFields\PasswordField();
$password = "******";
$hash_password = $field->check($password);
$this->assertEquals('', CoreFields\PasswordField::check_password("a", $hash_password));
$simple_password = "******";
$hash_password = $field->check($simple_password);
$this->assertTrue(CoreFields\PasswordField::check_password($simple_password, $hash_password));
}
/**
* The method used for login using login and password
*
* @param string $user A string contained the username
* @param string $password A string contained the password
* @param boolean $no_expire_session if true or 0, the session expires when the navigator is closed. If is true or 1, then the session have a lifetime of a year
* @param boolean $yes_hash If is true or 1, then use the $password argument how a hash, if not, is treated how plain text
*/
public function login($user, $password, $no_expire_session = 0, $yes_hash = 0)
{
//load_libraries(array('fields/passwordfield'));
$check_password = 0;
$user = Utils::form_text($user);
$this->arr_user_session[] = $this->field_password;
$this->model_login->set_conditions(['where ' . $this->field_user . '=?', [$user]]);
$arr_user = $this->model_login->select_a_row_where($this->arr_user_session);
settype($arr_user[$this->model_login->idmodel], 'integer');
if ($arr_user[$this->model_login->idmodel] == 0) {
ModelForm::set_values_form($this->model_login->forms, $_POST, 1);
$this->model_login->forms[$this->field_password]->std_error = I18n::lang('users', 'user_error_nick_or_pass', 'Wrong user or password');
unset($arr_user[$this->field_password]);
return false;
} else {
$yes_password = 0;
if ($yes_hash == 0) {
if (PasswordField::check_password($password, $arr_user[$this->field_password])) {
$yes_password = 1;
}
} else {
if ($password === $arr_user[$this->field_password]) {
$yes_password = 1;
}
}
if ($yes_password == 1) {
unset($arr_user[$this->field_password]);
LoginClass::$session[$this->model_login->name] = $arr_user;
//Create token
$new_token = sha1(Utils::get_token());
$this->model_login->reset_require();
$this->model_login->set_conditions('where `' . $this->model_login->idmodel . '`=' . $arr_user[$this->model_login->idmodel]);
$this->model_login->fields_to_update = [$this->field_key];
$final_token = sha1($new_token);
if ($this->model_login->update(array($this->field_key => $final_token))) {
$this->model_login->reload_require();
$lifetime = 0;
if ($no_expire_session == 1) {
$lifetime = time() + 315360000;
//Send cookie for remember login
if (!setcookie($this->name_cookie, $new_token, $lifetime, $this->cookie_path)) {
return false;
}
}
if (!session_regenerate_id(true)) {
$this->txt_error = 'Error: cannot regenerate the session id';
return false;
}
$_SESSION[$this->login_name] = 1;
$_SESSION[$this->model_login->idmodel] = $arr_user[$this->model_login->idmodel];
$_SESSION[$this->token_name] = $final_token;
/*
if(!setcookie($this->name_cookie, $new_token,$lifetime, $this->cookie_path))
{
return false;
}*/
//echo sha1($new_token); die;
return true;
} else {
ModelForm::set_values_form($this->model_login->forms, $_POST, 1);
return false;
}
} else {
ModelForm::set_values_form($this->model_login->forms, $_POST, 1);
$this->model_login->forms[$this->field_password]->std_error = I18n::lang('users', 'user_error_nick_or_pass', 'Wrong user or password');
return false;
}
}
}
