<?php

# check session cookie
$cookie = null;
$valid_cookie = false;
if (isset($_COOKIE['rf_sess'])) {
	$cookie = trim($_COOKIE['rf_sess']);
	if (preg_match('/^[a-z0-9]+$/', $cookie)) {
		require_once '/src/classes/database.php';
		$sm = $db->prepare('SELECT id FROM oauth_tokens WHERE cookie = ?');
		$sm->execute([$cookie]);
		if (($oauth = $sm->fetch()) !== false) {
			if (isset($oauth['id']))
				$valid_cookie = true;
		}
	}
	if (!$valid_cookie)
		setcookie('rf_sess', null);
}