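// Task-link entry point. The `task` query parameter is looked up with
// getOpAndTaskAndUserByTaskCode(); a code that resolves to an uncompleted task
// gets a session for that task's user without any password check, so the code
// acts as a bearer credential and is handled as untrusted input here.
// NOTE(review): nothing visible in this script expires the code or invalidates
// it after first use; it appears to stay usable until the task is completed.
// Confirm against the code that issues task links.
$taskcode = isset($_GET['task']) ? $_GET['task'] : NULL;

// A missing parameter or a non-string value (e.g. `?task[]=x`) is rejected
// before it can reach the database lookup.
if (!is_string($taskcode) || $taskcode === '') {
    header('location: index.php');
    exit;
}

include 'lib/db.php';
init_db();

$result = getOpAndTaskAndUserByTaskCode($taskcode);
if (is_null($result)) {
    // Unknown code: same redirect as every other failure, so the response
    // does not reveal which check failed.
    header('location: index.php');
    exit;
}

$userid = $result['userid'];
$op = $result['op'];
$task = $op['single_task'];

// A code whose task is already completed no longer grants a session.
if ($task['completed'] == 1) {
    header('location: index.php');
    exit;
}

$sid = createNewSessionByUserid($userid);
if (is_null($sid)) {
    header('location: index.php');
    exit;
}

// Session cookie flags: HttpOnly keeps the session id out of reach of page
// scripts, and Secure is set whenever this request itself arrived over HTTPS
// (plain-HTTP deployments keep working as before). Path and domain stay at
// their defaults, matching the original call.
// NOTE(review): assumes no client-side script reads the `sid` cookie - confirm.
// NOTE(review): the cookie lives for a year; whether the server-side session
// expires sooner is not visible here.
$sidCookieSecure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
setcookie('sid', $sid, time() + 365 * 24 * 60 * 60, '', '', $sidCookieSecure, true);

$user = getSessionUser($sid);
if (is_null($user)) {
    // The fresh session did not resolve to a user: expire the cookie just set
    // (same name, path and domain) and fall back to the index page.
    setcookie('sid', '', time() - 3600, '', '', $sidCookieSecure, true);
    header('Location: index.php');
    exit;
}

$css = array('home.css', 'task-completed.css');
include 'common/header.php';
include 'lib/op-with-tasks-view.php';
?>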
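/**
 * Authenticate a user by e-mail and password and open a new session.
 *
 * The e-mail is lower-cased before the lookup, exactly one matching row in
 * `users` is required, and the stored hash is checked with validate_password().
 *
 * NOTE(review): an unknown e-mail returns before any hash verification runs,
 * so response time may differ between "no such account" and "wrong password".
 * Confirm that callers rate-limit login attempts.
 *
 * @param string $email    Login e-mail address as submitted by the client.
 * @param string $password Plain-text password as submitted by the client.
 * @return mixed The value returned by createNewSessionByUserid(), or NULL when
 *               the input is not a string, the lookup fails, the account is
 *               not found, or the password does not verify.
 */
function createNewSession($email, $password) {
    global $_DB;

    // Request parameters can arrive as arrays (`email[]=...`); anything that is
    // not a plain string is treated as a failed login.
    if (!is_string($email) || !is_string($password)) {
        return NULL;
    }

    $email = strtolower($email);

    $stmt = $_DB->prepare("SELECT `passwordhash`, `id` FROM `users` WHERE `email` = ?");
    if ($stmt === false) {
        // prepare() failed; report a failed login instead of a fatal error
        // on the bind_param() call below.
        return NULL;
    }

    $stmt->bind_param('s', $email);
    if (!$stmt->execute()) {
        $stmt->close();
        return NULL;
    }

    $results = $stmt->get_result();
    $row = NULL;
    if ($results !== false) {
        // Exactly one account must match the address.
        if ($results->num_rows == 1) {
            $row = $results->fetch_array(MYSQLI_NUM);
        }
        $results->free();
    }
    // Release the statement on every path; the original never closed it.
    $stmt->close();

    if (is_null($row)) {
        return NULL;
    }

    $correct_hash = $row[0];
    if (!validate_password($password, $correct_hash)) {
        return NULL;
    }

    // create new session now
    $userid = $row[1];
    return createNewSessionByUserid($userid);
}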