Ejemplo n.º 1
0
 function apiValidateToken($token)
 {
     $t = sqlfetch(sqlquery("SELECT * FROM bigtree_api_tokens WHERE token = '{$token}'"));
     if (!$t) {
         echo BigTree::apiEncode(array("success" => false, "error" => "Token is invalid."));
         return false;
     }
     if ($t["temporary"] && strtotime($t["expires"]) < time()) {
         echo BigTree::apiEncode(array("success" => false, "error" => "Token has expired."));
         return false;
     }
     // If it's a temporary token, update its expiration to keep it fresh.
     if ($t["temporary"]) {
         sqlquery("UPDATE bigtree_api_tokens SET expires = '" . date("Y-m-d H:i:s", strtotime("+30 minutes")) . "' WHERE id = '" . $t["id"] . "'");
     }
     $user = $this->getUser($t["user"]);
     $this->ID = $user["id"];
     $this->User = $user["email"];
     $this->Level = $user["level"];
     $this->Name = $user["name"];
     $this->Permissions = $user["permissions"];
     $this->ReadOnly = $t["read_only"];
     return true;
 }