From 0773afdae5b8456ec36f7c77b20406aec2cb1c55 Mon Sep 17 00:00:00 2001 From: William Date: Wed, 2 Feb 2022 12:47:06 +0100 Subject: [PATCH] Commit --- app/core/User.php | 18 ++++++++++++++++-- app/inc.php | 2 +- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/app/core/User.php b/app/core/User.php index ee26877..2005c35 100644 --- a/app/core/User.php +++ b/app/core/User.php @@ -4,14 +4,17 @@ class User { private Session $session; + private Database $database; public ?bool $loggedIn; public ?string $username; public ?string $password; + public ?int $level; - public function __construct(Session $session) + public function __construct(Session $session, Database $database) { $this->session = $session; + $this->database = $database; $this->setProps(); } @@ -26,6 +29,14 @@ class User $this->logout(); $this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning'); } + + if ($this->loggedIn) { + $sth = $this->database->conn->prepare('SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'); + $sth->execute([$this->username, $this->password]); + $row = $sth->fetch(PDO::FETCH_ASSOC); + + $this->level = $row['NivÄ']; + } } // Set session if user and password match @@ -45,7 +56,10 @@ class User // Check if user and pass match private function authenticate(string $username, string $password): bool { - if ($username === 'William' && $password === 'William') + $sth = $this->database->conn->prepare('SELECT * FROM brukertabell WHERE Navn = ? AND Passord = ?'); + $sth->execute([$username, $password]); + + if ($sth->rowCount()) { return TRUE; } diff --git a/app/inc.php b/app/inc.php index 3adef95..f02c21f 100644 --- a/app/inc.php +++ b/app/inc.php @@ -30,7 +30,7 @@ $config = ( $database = new Database($config['database']); $session = new Session; -$user = new User($session); +$user = new User($session, $database); new AccessControl($user);