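/**
 * Create a session for a user and record it in the activeusers table.
 *
 * The user ID is first checked through a facepunch object; an ID it rejects
 * gets no session. The user's broken sessions are then deleted, a fresh
 * session is started, and one row (userid, sessionid, userlevel, ip,
 * logintime) is inserted.
 *
 * @param mixed $userid ID of the user the session is created for.
 * @return bool True only when a session ID exists and the row was stored;
 *              false for an invalid user, a missing session ID, or a failed
 *              prepare/insert.
 */
public function createSession($userid) {
    $facepunch = new facepunch();
    $facepunch->setUserID($userid);

    // Fail closed: no session for an ID that does not validate.
    if (!$facepunch->isUserValid()) {
        return false;
    }

    // Clear this user's broken sessions before issuing a new session ID.
    $this->deleteBrokenSessions($userid);
    $this->startFreshSession();

    $sessionId = session_id();
    if (!$sessionId) {
        // No active PHP session, so there is nothing to record.
        return false;
    }

    $STH = $this->database->prepare("INSERT INTO activeusers(userid,sessionid,userlevel,ip,logintime) VALUES (?,?,?,?,?)");
    if ($STH === false) {
        // prepare() can return false instead of throwing, depending on the
        // connection's error mode; do not report a session that was never stored.
        return false;
    }

    // Values are passed positionally in column order. userlevel is always
    // written as "0" here. REMOTE_ADDR is the direct network peer, so behind a
    // reverse proxy it is the proxy's address, not the client's.
    // NOTE(review): the session ID is stored as-is; anyone who can read
    // activeusers sees live session IDs. Confirm that table's access controls.
    $stored = $STH->execute(array(
        $userid,
        $sessionId,
        "0",
        $_SERVER["REMOTE_ADDR"],
        time(),
    ));

    // Report success only if the row was written. The original returned true
    // even when execute() failed, leaving a session with no activeusers row.
    return $stored ? true : false;
}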
// Tail of the preceding action handler; its start is outside this excerpt.
} } die(json_encode($response)); }

// Handler for POST action "getmyinformation": resolves the posted session ID
// to a user and replies with that user's account information as JSON.
// $session and $account are created outside this excerpt.
// NOTE(review): the posted session ID is the only credential checked here.
if ($_POST["action"] == "getmyinformation") {
    $response = array();
    // "error" holds the string "false" (not a boolean) when nothing went wrong.
    $response["error"] = "false";
    // NOTE(review): the index is read without isset(), so a request lacking
    // "sessionid" raises an undefined-index notice; the string "0" is also
    // treated as missing by this truthiness test.
    if (!$_POST["sessionid"]) {
        $response["error"] = "no session id";
    } else {
        // Reject session IDs that activeSession() does not accept.
        if (!$session->activeSession($_POST["sessionid"])) {
            $response["error"] = "session id is invalid!";
        } else {
            // The user ID comes from the session lookup, not from the request.
            $facepunch = new facepunch();
            $facepunch->setUserID($session->sessionToUserID($_POST["sessionid"]));
            if (!$facepunch->isUserValid()) {
                $response["error"] = "user is invalid";
                unset($facepunch);
            } else {
                // Both paths are relative; the directory they resolve against is
                // not visible in this excerpt.
                $account->setPaths('../json/facepunch/', '../../images/facepunch/avatars/');
                // Run checkInformation() only when hasInformation() reports nothing for this user.
                if (!$account->hasInformation($facepunch->currentUserID())) {
                    $account->checkInformation($facepunch->currentUserID());
                }
                // The meaning of the second argument (false) is not visible here.
                $response["information"] = $account->getInformation($facepunch->currentUserID(), false);
            }
        }
    }
    // End the request with the JSON body; no Content-Type header is set in the visible code.
    die(json_encode($response));
}

// Start of the "getactiveusers" handler; its body continues past this excerpt.
if ($_POST["action"] == "getactiveusers") {
    $response = array();