function checkAuth() { global $settings; require_once "./models/users.php"; $username = $_POST["username"]; $passw = $_POST["passw"]; //echo sha1($passw)."<br />\n"; //echo "$username<br />\n"; $mUsers = new UsersModel(); if ($mUsers->verifyPassw($username, $passw)) { $authDataArr = json_decode($mUsers->getAuthInfo_json($username), true); if (!$authDataArr['isError']) { $key = $authDataArr['resultStr']['last_key']; //last key stored $last_key_date = $authDataArr['resultStr']['last_key_date']; //last key date //echo "<br/>last key date: $last_key_date<br/>"; //echo "current date: ".time()."<br/>"; if ($last_key_date == "" or time() - $last_key_date > $settings->get('keyLastsFor')) { $key = sha1($username . "@" . $passw . ":" . time()); $mUsers->updateKey($username, $key); } //session_name("Mandolin"); //session_start(); session_regenerate_id(); $_SESSION["key"] = $key; $_SESSION["username"] = $username; $_SESSION["userAdminLevel"] = $mUsers->isAdmin($username); $_SESSION["id"] = sha1(session_id()); //print_r($_SESSION); header("Location: ."); exit; } } header("Location: ./?p=login&passw=false"); }