<?php
include('class.password.php');
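/**
 * Session-backed authentication for members stored in the blog_members table.
 *
 * Extends Password for its password_verify() implementation. The database
 * handle is expected to behave like a PDO connection (prepare/execute/fetch);
 * lookup failures are only caught when it throws PDOException, i.e. when it
 * runs in exception error mode -- TODO confirm at the call site.
 */
class User extends Password
{
    /**
     * Database handle used for member lookups.
     *
     * Declared under the name the methods actually use; the previous
     * declaration ($db) never matched the $this->_db accesses, so the handle
     * lived in an undeclared dynamic property.
     */
    private $_db;

    /**
     * @param object $db Database connection (presumably PDO) used for lookups.
     */
    public function __construct($db)
    {
        parent::__construct();
        $this->_db = $db;
    }

    /**
     * Report whether the current session is marked as authenticated.
     *
     * @return bool True when $_SESSION['loggedin'] is set and truthy, false otherwise.
     */
    public function is_logged_in()
    {
        // Always return a boolean; callers previously received null when logged out.
        return isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true;
    }

    /**
     * Fetch the member row for a username.
     *
     * @param string $username Username to look up (bound as a query parameter).
     * @return array|null The row (memberID, password, active), or null when no
     *                    member matches or the lookup fails.
     */
    private function find_member($username)
    {
        try {
            $stmt = $this->_db->prepare('SELECT memberID,password,active FROM blog_members WHERE username = :username');
            $stmt->execute(array('username' => $username));
            $row = $stmt->fetch();

            // fetch() yields false when nothing matched; normalise that to null.
            return is_array($row) ? $row : null;
        } catch (PDOException $e) {
            // Driver messages can expose schema and connection details, so they
            // go to the server log and the page only gets a generic notice.
            error_log('Member lookup failed: ' . $e->getMessage());
            echo '<p class="error">An internal error occurred. Please try again later.</p>';

            return null;
        }
    }

    /**
     * Return the stored password hash for a username.
     *
     * @param string $username Username to look up.
     * @return string|null The stored hash, or null when the member is unknown
     *                     or the lookup fails.
     */
    private function get_user_hash($username)
    {
        $row = $this->find_member($username);

        return $row === null ? null : $row['password'];
    }

    /**
     * Verify the credentials and, on success, mark the session as logged in.
     *
     * @param string $username Submitted username.
     * @param string $password Submitted plaintext password.
     * @return bool True when the password matches and the account is active,
     *              false otherwise.
     */
    public function login($username, $password)
    {
        // One lookup supplies both the hash and the account state, so the two
        // can no longer come from different reads of the table.
        $row = $this->find_member($username);

        // NOTE(review): unknown users are rejected without running the hash
        // verification, so response time may differ from a wrong-password
        // attempt. Rate limiting at the caller is the usual mitigation.
        if ($row === null || !is_string($row['password']) || $row['password'] === '') {
            return false;
        }

        // Strict comparison on the flag: on PHP versions before 8 a numeric 0
        // compares loosely equal to 'yes', which would admit inactive accounts.
        if ($this->password_verify($password, $row['password']) == 1 && $row['active'] === 'yes') {
            // Issue a fresh session id at the privilege change so an id known
            // before authentication (session fixation) is no longer valid.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            $_SESSION['time'] = time();
            $_SESSION['loggedin'] = true;
            $_SESSION['username'] = $username;
            $_SESSION['userid'] = $row['memberID'];

            return true;
        }

        return false;
    }

    /**
     * End the authenticated session.
     *
     * Clears the session data held in memory, expires the session cookie when
     * cookies are in use and headers can still be sent, and destroys the
     * stored session.
     *
     * @return void
     */
    public function logout()
    {
        // session_destroy() leaves $_SESSION populated for the rest of the
        // request, so is_logged_in() would still report true without this.
        $_SESSION = array();

        if (session_id() === '') {
            // No active session: nothing to destroy.
            return;
        }

        if (ini_get('session.use_cookies') && !headers_sent()) {
            $params = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 42000,
                $params['path'],
                $params['domain'],
                $params['secure'],
                $params['httponly']
            );
        }

        session_destroy();
    }
}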
?>