Beispiel #1
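 /**
  * Process a login form submission and establish the authenticated session.
  *
  * Reads "username" and "passw" from $_POST, verifies them through UsersModel,
  * reuses or rotates the user's stored key, and fills $_SESSION with the key,
  * the username, the admin level and a hash of the session id.
  *
  * On success it redirects to "." and terminates the request. On any failure
  * it sends a redirect back to the login page and returns to the caller.
  *
  * NOTE(review): the session is assumed to have been started by the caller;
  * the session_start() call that used to live here was commented out — confirm.
  */
 function checkAuth()
 {
     global $settings;
     require_once "./models/users.php";

     // Absent or non-string fields (e.g. "username[]=x") are treated as a
     // failed login instead of being passed to the model as arrays/null.
     $username = $_POST["username"] ?? null;
     $passw = $_POST["passw"] ?? null;

     if (is_string($username) && is_string($passw) && $username !== '') {
         $mUsers = new UsersModel();
         if ($mUsers->verifyPassw($username, $passw)) {
             $authDataArr = json_decode($mUsers->getAuthInfo_json($username), true);

             // A payload that fails to decode must not be read as "no error":
             // json_decode() returns null then, and !null would evaluate to true.
             if (is_array($authDataArr)
                 && empty($authDataArr['isError'])
                 && isset($authDataArr['resultStr'])
                 && is_array($authDataArr['resultStr'])
             ) {
                 $result = $authDataArr['resultStr'];
                 $key = (string) ($result['last_key'] ?? '');
                 $lastKeyDate = $result['last_key_date'] ?? '';

                 // Rotate when there is no usable key, no usable timestamp,
                 // or the stored key is older than the configured lifetime.
                 $keyExpired = $key === ''
                     || !is_numeric($lastKeyDate)
                     || time() - (int) $lastKeyDate > $settings->get('keyLastsFor');

                 if ($keyExpired) {
                     // The key is a bearer credential, so it comes from the CSPRNG
                     // rather than from a hash of the password and the clock: it
                     // must not be derivable from, or leak anything about, the
                     // password. 20 random bytes hex-encode to 40 characters, the
                     // same length as the sha1() value stored previously.
                     $key = bin2hex(random_bytes(20));
                     $mUsers->updateKey($username, $key);
                 }

                 // Issue a fresh session id at the privilege change and discard
                 // the old session data, so a pre-login id cannot be carried over.
                 session_regenerate_id(true);
                 $_SESSION["key"] = $key;
                 $_SESSION["username"] = $username;
                 $_SESSION["userAdminLevel"] = $mUsers->isAdmin($username);
                 $_SESSION["id"] = sha1(session_id());

                 header("Location: .");
                 exit;
             }
         }
     }

     // Same response for every failure mode (bad input, unknown user, wrong
     // password, model error) so the redirect does not distinguish between them.
     // NOTE(review): execution returns to the caller here, as before; the caller
     // must not render protected content after this redirect has been sent.
     header("Location: ./?p=login&passw=false");
 }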