m17hr1l/nibiru-framework.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Version 0.9.5 beta - added the user_id to the session, also renamed the session_id in order to make sense

Browse Source
This commit is contained in:
Stephan Kasdorf
2020-09-29 22:36:56 +02:00
parent 5f3c449123
commit 47171d3fa6
1 changed files with 13 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
core/c/auth.php
View File

@@ -52,14 +52,19 @@ class Auth extends Controller implements IAuth
if(!array_key_exists('auth', $_SESSION))
{
$user_password = Pdo::query("SELECT user_account_active, DES_DECRYPT(user_pass, '".Config::getInstance()->getConfig()[IView::NIBIRU_SECURITY]["password_hash"]."') AS pass FROM user WHERE user_login = '".$login."';");
if( $user_password["pass"] == $password && $user_password['user_account_active'] )
{
$session_id = session_id();
$_SESSION['auth']['id'] = $session_id;
$_SESSION['auth']['login'] = $login;
return true;
}
$user_password = Pdo::query("SELECT user_account_active, DES_DECRYPT(user_pass, '".Config::getInstance()->getConfig()[IView::NIBIRU_SECURITY]["password_hash"]."') AS pass, user_id FROM user WHERE user_login = '".$login."';");
if( $user_password["pass"] == $password && $user_password['user_account_active'] == 1 )
{
$session_id = session_id();
$_SESSION = [
'auth' => [
'session_id' => $session_id,
'user_id' => $user_password['user_id'],
'login' => $login
]
];
return true;
}
else
{
return false;