- hash: documentation ( source)
- in_array: documentation ( source)
<?php
function login() {
if(isset($_POST["user"]) && isset($_POST["password"])) {
$postUserID = DataFormat::parsePersonID($_POST["user"]);
if(!$postUserID) {
return false;
}
$user = $this->db->getPerson($postUserID);
if(!$user) {
return false;
}
if ($user["activated"] == 0){
return false;
}
$hashedPassword = hash("sha512", $_POST["password"] . $user["salt"]);
if($hashedPassword != $user["password"]) {
return false;
}
if(!in_array($user["id"], $this->testUsers)) {
return false;
}
$_SESSION["user"] = $user;
$_SESSION["loginKey"] = $this->getLoginKey();
return true;
}
return false;
}