|
|
|
@ -18,9 +18,11 @@ class User_Sql extends User {
|
|
|
|
|
$stmt->bindParam(':admin', $adminInt);
|
|
|
|
|
$stmt->bindParam(':active', $activeInt);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
|
|
|
|
|
|
|
|
|
|
$adminInt = $admin? 1 : 0;
|
|
|
|
|
$activeInt = $activeInt? 1 : 0;
|
|
|
|
|
$activeInt = $active? 1 : 0;
|
|
|
|
|
$stmt->execute();
|
|
|
|
|
|
|
|
|
|
return $db->lastInsertId();
|
|
|
|
@ -28,31 +30,31 @@ class User_Sql extends User {
|
|
|
|
|
|
|
|
|
|
public function authentificate($login,$password)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
$sql =
|
|
|
|
|
"SELECT id,display_name,
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE login='". mysqli_real_escape_string($this->db,$login) . "'
|
|
|
|
|
AND password=SHA2('". mysqli_real_escape_string($this->db,$password) . "',512)
|
|
|
|
|
AND auth_method='local';";
|
|
|
|
|
|
|
|
|
|
$rs = $this->db->query($sql);
|
|
|
|
|
|
|
|
|
|
if($r = $rs->fetch_array(MYSQLI_ASSOC)){
|
|
|
|
|
$this->is_connected = true;
|
|
|
|
|
$this->display_name = $r["display_name"];
|
|
|
|
|
$this->id = $r['id'];
|
|
|
|
|
$this->auth_method = 'sql';
|
|
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
|
|
|
|
|
}else{
|
|
|
|
|
$this->is_connected = false;
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
$stmt = $this->db->prepare(
|
|
|
|
|
"SELECT id,display_name,password
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE login=:login
|
|
|
|
|
AND active=1
|
|
|
|
|
AND auth_method='local'"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
$stmt->bindParam(':login', $login);
|
|
|
|
|
$stmt->execute();
|
|
|
|
|
if($r = $stmt->fetch()){
|
|
|
|
|
|
|
|
|
|
//check password
|
|
|
|
|
if(password_verify($password,$r["password"])){
|
|
|
|
|
$this->is_connected = true;
|
|
|
|
|
$this->display_name = $r["display_name"];
|
|
|
|
|
$this->id = $r['id'];
|
|
|
|
|
$this->auth_method = 'sql';
|
|
|
|
|
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
$this->is_connected = false;
|
|
|
|
|
return $this;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|