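/**
 * Checks an email/password pair against the user_accounts table and, on success,
 * stores the account ID in the session and records the login time.
 *
 * @param string $email    email address identifying the account
 * @param string $password plain-text password supplied by the user
 *
 * @return array|null array with "success" (bool) and "message" (string) keys;
 *                    null when the account lookup query itself fails
 */
public static function login($email, $password)
{
    $prefix = Core::getDbTablePrefix();

    // NOTE(review): this query is built by string interpolation, so its safety rests
    // entirely on Utils::sanitize() escaping $email for a quoted MySQL string literal.
    // Confirm that, or move this lookup to a prepared statement with a bound parameter.
    $email = Utils::sanitize($email);
    $response = Core::$db->query("
        SELECT *
        FROM {$prefix}user_accounts
        WHERE email = '{$email}'
        LIMIT 1
    ");

    // NOTE(review): a failed query returns null rather than the usual array; callers
    // must treat a null result as a failed login.
    if (!$response["success"]) {
        return;
    }

    $L = Core::$language->getCurrentLanguageStrings();
    $data = mysqli_fetch_assoc($response["results"]);
    if (empty($data)) {
        // NOTE(review): this message differs from the wrong-password one, which lets a
        // client tell whether an email is registered. Consider a single generic message.
        return array("success" => false, "message" => $L["no_account_found"]);
    }

    // NOTE(review): every account is hashed with crypt() and one application-wide salt.
    // Migrating to password_hash()/password_verify() gives per-user salts and a tunable
    // work factor; it needs a rehash-on-login path for the existing stored values.
    $encryptionSalt = Core::getEncryptionSalt();
    $encryptedPassword = crypt($password, $encryptionSalt);
    $storedPassword = $data["password"];

    // hash_equals() compares in constant time and byte-for-byte. The previous loose "!="
    // treated numeric-looking strings (e.g. "0e1234" and "0e9999") as equal, so two
    // different hashes could match. Non-string values are rejected before the call.
    $passwordMatches = is_string($encryptedPassword)
        && is_string($storedPassword)
        && hash_equals($storedPassword, $encryptedPassword);
    if (!$passwordMatches) {
        return array("success" => false, "message" => $L["invalid_password"]);
    }

    // Issue a fresh session ID before storing the authenticated identity, so an ID that
    // was set before login is not carried over into the logged-in session (session
    // fixation). Skipped when no session is active or headers have already been sent.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }
    $_SESSION["account_id"] = $data["account_id"];

    // Update the last login time. The ID is interpolated unquoted, so force it to an
    // integer rather than trusting the stored value's text form.
    $accountId = (int) $data["account_id"];
    $now = Utils::getCurrentDatetime();
    Core::$db->query("UPDATE {$prefix}user_accounts SET last_logged_in = '{$now}' WHERE account_id = {$accountId}");

    return array("success" => true, "message" => "");
}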