serializes
parent
07d17b0a4d
commit
3b593a8490
10
User.php
10
User.php
|
@ -11,6 +11,10 @@ class User
|
||||||
|
|
||||||
protected $db;
|
protected $db;
|
||||||
|
|
||||||
|
public function __sleep(){
|
||||||
|
return array('is_connected','external_id','id','display_name','auth_method','groups');
|
||||||
|
}
|
||||||
|
|
||||||
public function get_id()
|
public function get_id()
|
||||||
{
|
{
|
||||||
if($this->is_connected){
|
if($this->is_connected){
|
||||||
|
@ -36,14 +40,12 @@ class User
|
||||||
}
|
}
|
||||||
|
|
||||||
public function set_db(PDO $db){
|
public function set_db(PDO $db){
|
||||||
$this->$db = $db;
|
|
||||||
|
$this->db = $db;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function __construct(PDO $db){
|
public function __construct(PDO $db){
|
||||||
$this->db = $db;
|
$this->db = $db;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -105,7 +105,7 @@ class User_Manager
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = new User();
|
$user = new User($db);
|
||||||
|
|
||||||
return $user;
|
return $user;
|
||||||
}
|
}
|
||||||
|
|
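Review bot: `__sleep()` leaves `db` out of the serialized form, so an unserialized `User` comes back with `$this->db` unset, and nothing visible in this section restores it (no `__wakeup()` is shown, only `set_db()`). I would document that contract on the method, e.g. `// db is deliberately not serialized; call set_db() after unserialize() and before any query`. The serialized fields also carry the authentication state (`is_connected`, `groups`, `auth_method`), so the serialized object should only be stored server-side (presumably the session) and never rebuilt from client-supplied data; the same comment is a good place to say so. The class body continues outside the hunks, so a restore hook may exist elsewhere.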
32
User_Sql.php
32
User_Sql.php
|
@ -18,9 +18,11 @@ class User_Sql extends User {
|
||||||
$stmt->bindParam(':admin', $adminInt);
|
$stmt->bindParam(':admin', $adminInt);
|
||||||
$stmt->bindParam(':active', $activeInt);
|
$stmt->bindParam(':active', $activeInt);
|
||||||
|
|
||||||
|
|
||||||
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
|
$hashed_password = password_hash($password, PASSWORD_BCRYPT);
|
||||||
|
|
||||||
$adminInt = $admin? 1 : 0;
|
$adminInt = $admin? 1 : 0;
|
||||||
$activeInt = $activeInt? 1 : 0;
|
$activeInt = $active? 1 : 0;
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
|
|
||||||
return $db->lastInsertId();
|
return $db->lastInsertId();
|
||||||
|
@ -29,30 +31,30 @@ class User_Sql extends User {
|
||||||
public function authentificate($login,$password)
|
public function authentificate($login,$password)
|
||||||
{
|
{
|
||||||
|
|
||||||
$sql =
|
$stmt = $this->db->prepare(
|
||||||
"SELECT id,display_name,
|
"SELECT id,display_name,password
|
||||||
FROM users
|
FROM users
|
||||||
WHERE login='". mysqli_real_escape_string($this->db,$login) . "'
|
WHERE login=:login
|
||||||
AND password=SHA2('". mysqli_real_escape_string($this->db,$password) . "',512)
|
AND active=1
|
||||||
AND auth_method='local';";
|
AND auth_method='local'"
|
||||||
|
);
|
||||||
|
|
||||||
$rs = $this->db->query($sql);
|
$stmt->bindParam(':login', $login);
|
||||||
|
$stmt->execute();
|
||||||
|
if($r = $stmt->fetch()){
|
||||||
|
|
||||||
if($r = $rs->fetch_array(MYSQLI_ASSOC)){
|
//check password
|
||||||
|
if(password_verify($password,$r["password"])){
|
||||||
$this->is_connected = true;
|
$this->is_connected = true;
|
||||||
$this->display_name = $r["display_name"];
|
$this->display_name = $r["display_name"];
|
||||||
$this->id = $r['id'];
|
$this->id = $r['id'];
|
||||||
$this->auth_method = 'sql';
|
$this->auth_method = 'sql';
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
|
|
||||||
}else{
|
|
||||||
$this->is_connected = false;
|
|
||||||
return false;
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
return false;
|
$this->is_connected = false;
|
||||||
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
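Review bot: The failure path of `authentificate()` now returns `$this` where it used to return `false` (last lines of the second hunk), so any caller that tests the return value for truthiness will treat a failed login as a success. Callers are not visible on this page; either they all need to switch to checking `is_connected`, or the failure branch should keep the old contract with `$this->is_connected = false;` followed by `return false;`. A docblock stating what is returned on success and on failure would make the contract explicit. Separately, rows whose `password` column still holds the previous SHA2 digest will never pass `password_verify()`, so existing local accounts presumably need a reset or migration step.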