/**
* Is the current user logged in?
*
* @return bool
*/
public static function isLoggedIn()
{
// check if all needed values are set in the session
if (SpoonSession::exists('backend_logged_in', 'backend_secret_key') && (bool) SpoonSession::get('backend_logged_in') && (string) SpoonSession::get('backend_secret_key') != '') {
// get database instance
$db = BackendModel::getDB(true);
// get the row from the tables
$sessionData = $db->getRecord('SELECT us.id, us.user_id
FROM users_sessions AS us
WHERE us.session_id = ? AND us.secret_key = ?
LIMIT 1', array(SpoonSession::getSessionId(), SpoonSession::get('backend_secret_key')));
// if we found a matching row, we know the user is logged in, so we update his session
if ($sessionData !== null) {
// update the session in the table
$db->update('users_sessions', array('date' => BackendModel::getUTCDate()), 'id = ?', (int) $sessionData['id']);
// create a user object, it will handle stuff related to the current authenticated user
self::$user = new BackendUser($sessionData['user_id']);
// the user is logged on
return true;
} else {
SpoonSession::set('backend_logged_in', false);
}
} else {
SpoonSession::set('backend_logged_in', false);
}
// reset values for invalid users. We can't destroy the session because session-data can be used on the site.
if ((bool) SpoonSession::get('backend_logged_in') === false) {
// reset some values
SpoonSession::set('backend_logged_in', false);
SpoonSession::set('backend_secret_key', '');
// return result
return false;
}
}
