mixed CUser::Login( string login, string password, string remember = "N", string password_original = "Y" )
The method verifies the login and password and performs or declines the user authorization depending on the verification result. Returns true on successful authorization. In case the authorization failed (login and/or password are incorrect), the method returns the error description array that can be passed to ShowMessage. If the limit of unsuccessful authorizations is exceeded, the method will stop user authorization with the error "Incorrect login or password". Non-static method.
|Parameter||Description||Available from version|
|password||Password. If the convert_password_to_md5 is "Y", this parameter must contain the original password string. Otherwise, it must contain the MD5 hash on the original password.|
|remember||If "Y", the authorization is to be stored in cookie (the visitor will be authorized automatically next time); otherwise, the authorization is not preserved. The information stored in cookie is a special hash obtained by a call to method CUser::GetPasswordHash. The system automatically authorizes the visitor next time by using the method CUser::LoginByHash.|
Optional parameter. By default value is "N".
|password_original||If "Y", it means that password contains a real password as typed by a visitor (not converted to MD5). If the value is "N", the password has been previously converted to MD5.|
You can obtain the MD5 for the current authorized user by calling the $USER->GetParam("PASSWORD_HASH") method. To get the MD5 for an arbitrary user, call CUser::GetByID method ("PASSWORD" field).
Optional parameter. By default value is "Y". Prior to version 4.0.6 it was called pass2md5.
- "OnBeforeUserLogin" event
- "OnAfterUserLogin" event
Examples of use
<? global $USER; if (!is_object($USER)) $USER = new CUser; $arAuthResult = $USER->Login("admin", "123456", "Y"); $APPLICATION->arAuthResult = $arAuthResult; ?>