/**
* Attempts to auto-login a user based on data stored in cookies.
* If successful, this will log in the user and set up this instance for
* a registered member. It will then regenerate the auto-login information
* for the user to another random value.
*
* @return bool True if logged in, false if not.
*/
protected function _attemptAutoLogin()
{
$userId = $this->_input->cookie('userid', 'uint');
$loginKey = $this->_input->cookie('autologin', 'string');
if (!$userId or !$loginKey) {
return false;
}
// we check the auto-login to make sure it isn't older than 30 days
$user = $this->_model->getAutoLoginInfo($userId);
if ($user['user_autologin_time'] < RPG_NOW - 86400 * 30) {
return false;
}
if (sha1($user['user_autologin'] . RPG::config('cookieSalt')) !== $loginKey) {
return false;
}
// we succeeded. log in, set up the member, and refresh auto login details.
$this->_session->loggedIn = true;
$this->_session->userId = $userId;
$this->setupMember();
$this->refreshAutoLogin();
return true;
}
