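/**
 * Verify an administrator's credentials against data/administrators.xml and,
 * on success, mark the current session as authenticated.
 *
 * Side effects on success: writes $_SESSION['authenticated'], $_SESSION['login']
 * and $_SESSION['firstLogin']; optionally sets three long-lived cookies; optionally
 * sends a Location header. The script terminates via die() if the XML file cannot
 * be loaded.
 *
 * @param string      $login    Login name supplied by the visitor.
 * @param string      $password Plain-text password supplied by the visitor.
 * @param bool        $remember When TRUE, also set the "remember me" cookies.
 * @param bool        $forward  When TRUE, send a Location header after a successful login.
 * @param string|null $origin   URL-encoded destination to return the visitor to. Only
 *                              same-site relative references are honoured; anything else
 *                              falls back to index.php.
 *
 * @return bool TRUE when the credentials matched, FALSE otherwise.
 */
function authenticate($login, $password, $remember = FALSE, $forward = TRUE, $origin = NULL)
{
    // Request parameters can arrive as arrays (e.g. login[]=x); reject anything that is not
    // a plain string before it reaches the comparison or password_verify().
    if (!is_string($login) || !is_string($password)) {
        return FALSE;
    }

    $common = new common();

    // Get all the administrators from the administrators.xml file.
    // NOTE(review): this file lives under the document root; confirm the web server
    // refuses direct requests for /data/ so the password hashes cannot be downloaded.
    $administrators = simplexml_load_file($_SERVER['DOCUMENT_ROOT'] . "/data/administrators.xml") or die("Error: Cannot create administrators object");

    foreach ($administrators as $administrator) {
        // Compare as strings with ===. A loose == treats numeric-looking strings as numbers,
        // so "1000" would match a stored login of "1e3".
        if ((string) $administrator->login !== $login) {
            continue;
        }

        // A matching login was found; check the supplied password against the stored hash.
        if (!password_verify($password, (string) $administrator->password)) {
            continue;
        }

        // Issue a fresh session id at the privilege change so an id planted before login
        // (session fixation) does not become an authenticated one.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(TRUE);
        }

        $firstLogin = $common->stringToBoolean($administrator->firstLogin);

        // Record the authenticated state in the session.
        $_SESSION['authenticated'] = TRUE;
        $_SESSION['login'] = $login;
        $_SESSION['firstLogin'] = $firstLogin;

        // If the user wishes to be remembered, set cookies holding the same three values.
        // NOTE(review): these cookies carry no secret; a client can set "authenticated" and
        // "login" itself. Whatever code reads them back must not treat them as proof of
        // authentication; a random, server-stored, expiring token is the usual replacement.
        // They are also sent without HttpOnly/Secure/SameSite; add those once it is confirmed
        // that nothing client-side reads the cookies.
        if ($remember) {
            $expires = time() + 10 * 365 * 24 * 60 * 60;
            setcookie("authenticated", TRUE, $expires);
            setcookie("login", $login, $expires);
            setcookie("firstLogin", $firstLogin, $expires);
        }

        // Forward the user if the $forward variable is set to TRUE.
        if ($forward) {
            // Default destination: the administration homepage.
            $destination = "index.php";

            if (isset($origin)) {
                // $origin is attacker-influenced (it travels in the login URL/form), so only
                // a same-site relative reference is accepted: no scheme, no host, no leading
                // "//", and no backslashes or control characters, which some browsers
                // normalise into "//host".
                $candidate = urldecode($origin);
                $parts = parse_url($candidate);
                $isLocal = $candidate !== ''
                    && $parts !== FALSE
                    && !isset($parts['scheme'])
                    && !isset($parts['host'])
                    && strpos($candidate, '//') !== 0
                    && !preg_match('/[\x00-\x1F\x7F\\\\]/', $candidate);

                if ($isLocal) {
                    // Redirect the authenticated visitor to their original destination.
                    $destination = $candidate;
                }
            }

            // The header is only queued here; the caller is expected to stop producing
            // output once this function returns TRUE.
            header("Location: " . $destination);
        }

        return TRUE;
    }

    // If things got this far authentication failed.
    return FALSE;
}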