username = $name; if ( isset($_SESSION["loggedin"]) ) $this->login = $_SESSION["loggedin"]; if ( PEPPER_IS_FILE ) $this->pepper=file_get_contents(PEPPER); else $this->pepper=PEPPER; $this->_setQuery(); } # get's everything from the database private function _setQuery(){ global $vfsdb; $db_db = $vfsdb->doQuery("SELECT * FROM " . DBPREFIX . "user WHERE name='" . $this->username . "';"); if ( is_bool($db_db) ) $this->query=false; else $this->query=$db_db->fetch_array(MYSQLI_ASSOC); } public function getUser(){ return $this->query['name']; } public function getUserId(){ return $this->query['id']; } public function getPassword(){ return $this->query['password']; } public function getInvites(){ return $this->query['invites']; } public function getEmail(){ return $this->query['email']; } public function getKey(){ return $this->query['invitekey']; } public function getStatus(){ return $this->query['status']; } public function getRegister(){ return $this->query['register']; } public function getInviter(){ return $this->query['inviter']; } # check if current user is authenticated public function isLoggedIn(){ return $this->login; } public function login($password, $second_password){ # check if both passwords the same if ( $password != $second_password) return false; # get hashed password from the database $hashed_password = $this->getPassword(); # do the password check with php function if ( ! password_verify($password . PEPPER, $hashed_password) ) return false; # set login to true $this->login = true; # start a session if needed if ( session_status() != PHP_SESSION_ACTIVE ) session_name(VFS_SESSION); session_start(); } # set session variable to true $_SESSION["loggedin"] = true; return true; } public function logout(){ # no session active, so return false if ( session_status() != PHP_SESSION_ACTIVE ) return false; # set login to false $this->login = false; # destroy session if( ! session_destroy() ) return false; return true; } }