realfan/src/base.auth.php

20 lines
484 B
PHP
Raw Normal View History

<?php
# check session cookie
$cookie = null;
$valid_cookie = false;
if (isset($_COOKIE['rf_sess'])) {
$cookie = trim($_COOKIE['rf_sess']);
if (preg_match('/^[a-z0-9]+$/', $cookie)) {
require_once '/src/classes/database.php';
$sm = $db->prepare('SELECT id FROM oauth_tokens WHERE cookie = ?');
$sm->execute([$cookie]);
if (($oauth = $sm->fetch()) !== false) {
if (isset($oauth['id']))
$valid_cookie = true;
}
}
if (!$valid_cookie)
setcookie('rf_sess', null);
}