blob: 931c53c7505c0edd0d3b5f96f5d0b80e9c2ee147 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
<?php
class vfsuser {
public $username;
public $login = false;
private $pepper;
private $query = false;
public function __construct($name){
$this->username = $name;
if ( isset($_SESSION["loggedin"]) )
$this->login = $_SESSION["loggedin"];
if ( PEPPER_IS_FILE )
$this->pepper=file_get_contents(PEPPER);
else
$this->pepper=PEPPER;
$this->_setQuery();
}
# get's everything from the database
private function _setQuery(){
global $vfsdb;
$db_db = $vfsdb->doQuery("SELECT * FROM " . DBPREFIX . "user WHERE name='" . $this->username . "';");
if ( is_bool($db_db) )
$this->query=false;
else
$this->query=$db_db->fetch_array(MYSQLI_ASSOC);
}
public function getUser(){
return $this->query['name'];
}
public function getUserId(){
return $this->query['id'];
}
public function getPassword(){
return $this->query['password'];
}
public function getInvites(){
return $this->query['invites'];
}
public function getEmail(){
return $this->query['email'];
}
public function getKey(){
return $this->query['invitekey'];
}
public function getStatus(){
return $this->query['status'];
}
public function getRegister(){
return $this->query['register'];
}
public function getInviter(){
return $this->query['inviter'];
}
# check if current user is authenticated
public function isLoggedIn(){
return $this->login;
}
public function login($password, $second_password){
# check if both passwords the same
if ( $password != $second_password)
return false;
# get hashed password from the database
$hashed_password = $this->getPassword();
# do the password check with php function
if ( ! password_verify($password . PEPPER, $hashed_password) )
return false;
# set login to true
$this->login = true;
# start a session if needed
if ( session_status() != PHP_SESSION_ACTIVE )
session_name(VFS_SESSION);
session_start();
}
# set session variable to true
$_SESSION["loggedin"] = true;
return true;
}
public function logout(){
# no session active, so return false
if ( session_status() != PHP_SESSION_ACTIVE )
return false;
# set login to false
$this->login = false;
# destroy session
if( ! session_destroy() )
return false;
return true;
}
}
|
