Back to index

awl  0.53
Classes | Namespaces | Functions
Session.php File Reference

Go to the source code of this file.

Classes

class  Session

Namespaces

namespace  awl
 Authentication handling class.

Functions

 check_temporary_passwords ($they_sent, $user_no)
 Checks what a user entered against any currently valid temporary passwords on their account.

Function Documentation

check_temporary_passwords ( they_sent,
user_no 
)

Checks what a user entered against any currently valid temporary passwords on their account.

Parameters:
string$they_sentWhat the user entered.
int$user_noWhich user is attempting to log on.
Returns:
boolean Whether or not the user correctly guessed a temporary password within the necessary window of opportunity.

Definition at line 36 of file Session.php.

                                                           {
  $sql = 'SELECT 1 AS ok FROM tmp_password WHERE user_no = ? AND password = ? AND valid_until > current_timestamp';
  $qry = new AwlQuery( $sql, $user_no, $they_sent );
  if ( $qry->Exec('Session::check_temporary_passwords') ) {
    dbg_error_log( "Login", " check_temporary_passwords: Rows = ".$qry->rows());
    if ( $row = $qry->Fetch() ) {
      dbg_error_log( "Login", " check_temporary_passwords: OK = $row->ok");
      // Remove all the temporary passwords for that user...
      $sql = 'DELETE FROM tmp_password WHERE user_no = ? ';
      $qry = new AwlQuery( $sql, $user_no );
      $qry->Exec('Login',__LINE__,__FILE__);
      return true;
    }
  }
  return false;
}

Here is the caller graph for this function: