diff --git a/Project/php/gateway/UserGateway.php b/Project/php/gateway/UserGateway.php
index 36e200d..02e54f4 100755
--- a/Project/php/gateway/UserGateway.php
+++ b/Project/php/gateway/UserGateway.php
@@ -147,13 +147,12 @@ class UserGateway extends AbsGateway
 }
 }
- public function findUserByLoginPassword(string $login, string $password) : User{
+ public function login(string $login) : array{
 try {
- $query = "SELECT * FROM User_ WHERE email=:email AND password=:password";
- $args = array(':email' => array($login, PDO::PARAM_STR), ':password' => array($password, PDO::PARAM_STR));
+ $query = "SELECT password FROM User_ WHERE email=:email";
+ $args = array(':email' => array($login, PDO::PARAM_STR));
 $this->con->executeQuery($query, $args);
- $results = $this->con->getResults();
- return new User($results[0]['id'], $results[0]['password'], $results[0]['email'], $results[0]['name'], $results[0]['surname'], $results[0]['nickname'], $results[0]['image'], $results[0]['extraTime'], $results[0]['groupID'], $this->getRoles($results[0]['id']));
+ return $this->con->getResults();
 }
 catch(PDOException $e ){
 throw new Exception($e->getMessage());
diff --git a/Project/php/model/AbsModel.php b/Project/php/model/AbsModel.php
index cec8f28..8c07555 100755
--- a/Project/php/model/AbsModel.php
+++ b/Project/php/model/AbsModel.php
@@ -20,15 +20,16 @@ abstract class AbsModel
 $cleanedLogin = strip_tags($login);
 $cleanedPassword = strip_tags($password);
 $gtw = new UserGateway();
- $student = $gtw->findUserByLoginPassword($cleanedLogin, $cleanedPassword);
- if ($student) {
- session_start();
- $_SESSION['role'] = $this->role;
+ if (password_verify($cleanedPassword, $gtw->login($cleanedLogin)[0][0])) {
+ $user = $gtw->findUserByEmail($cleanedLogin);
 $_SESSION['login'] = $cleanedLogin;
- return true;
+ $roles = array();
+ foreach ($roles as $role) $roles[] = $role;
+ $_SESSION['roles'] = $roles;
+ return $user;
 }
- else return false;
+ return null;
 }
 public function deconnection(){
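Review bot: The new `login()` does not authenticate anything: it returns the raw result set containing the stored password hash, so every caller has to know the row layout to extract it and must handle the empty result for an unknown e-mail itself. Returning the hash or null keeps that knowledge in the gateway, e.g. `$rows = $this->con->getResults();` followed by `return $rows[0]['password'] ?? null;` with the return type `?string` and a name such as `findPasswordHashByEmail`. A docblock should state that no verification happens here and that the value is meant only for `password_verify`, not for logging or for any response. The catch block in the context lines rethrows `$e->getMessage()` as a plain `Exception`, so check that this text is never shown to the user. The method's closing lines are outside the hunk.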
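Review bot: The added role loop iterates over the `$roles` array it has just created empty, so `$_SESSION['roles']` is always an empty array after a successful login; it presumably should be filled from `$user`, whose role accessor is not visible in this diff. The `password_verify` line indexes `$gtw->login($cleanedLogin)[0][0]` without checking that a row came back, so an unknown e-mail produces undefined-key warnings and passes `null` as the hash, and the numeric `[0][0]` depends on the connection's fetch mode, whereas the gateway code removed in this commit read rows by column name. The commit also drops `session_start()` and does not renew the session id, so confirm the session is started before this method runs and call `session_regenerate_id(true)` before `$_SESSION['login']` is written. The context lines still pass the password through `strip_tags`, which only verifies correctly if the stored hash was computed from the same stripped value. The method starts and ends outside the hunk; a sketch of the changed lines follows.

```php
$gtw = new UserGateway();
$rows = $gtw->login($cleanedLogin);
// No row for this e-mail: fail before $rows[0] is touched.
if ($rows === [] || !password_verify($cleanedPassword, $rows[0]['password'])) {
    return null;
}
// Assumes the session was started earlier in the request; issue a fresh id for the authenticated session.
session_regenerate_id(true);
$user = $gtw->findUserByEmail($cleanedLogin);
$_SESSION['login'] = $cleanedLogin;
// … unchanged: $_SESSION['roles'] assignment, with $roles filled from $user rather than from itself …
return $user;
```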