function apiValidateToken($token)
{
$t = sqlfetch(sqlquery("SELECT * FROM bigtree_api_tokens WHERE token = '{$token}'"));
if (!$t) {
echo BigTree::apiEncode(array("success" => false, "error" => "Token is invalid."));
return false;
}
if ($t["temporary"] && strtotime($t["expires"]) < time()) {
echo BigTree::apiEncode(array("success" => false, "error" => "Token has expired."));
return false;
}
// If it's a temporary token, update its expiration to keep it fresh.
if ($t["temporary"]) {
sqlquery("UPDATE bigtree_api_tokens SET expires = '" . date("Y-m-d H:i:s", strtotime("+30 minutes")) . "' WHERE id = '" . $t["id"] . "'");
}
$user = $this->getUser($t["user"]);
$this->ID = $user["id"];
$this->User = $user["email"];
$this->Level = $user["level"];
$this->Name = $user["name"];
$this->Permissions = $user["permissions"];
$this->ReadOnly = $t["read_only"];
return true;
}
