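/**
 * Log the given user in and tie the browser to a row in the user sessions table
 *
 * When $settings['existing_session_id'] names a session row that belongs to
 * $user, that row is refreshed (IP, user agent, activity time, expiry, visit
 * counter) and its session key is reused. Otherwise a new row is inserted
 * with a freshly generated session key. In both cases the user's activity
 * timestamps are updated, the session cookie is written as
 * "<session id>/<session key>/<timestamp>" and the call is handed over to
 * parent::logUserIn().
 *
 * Recognised settings, all optional:
 *
 * - existing_session_id - ID of the session row to continue
 * - remember - cast to bool; selects the two week lifetime instead of 30 minutes
 * - new_visit - cast to bool; when true last_visit_on / last_login_on are rotated
 * - interface - preferred interface stored with a newly created session
 *
 * All statements run inside one DB transaction; on any Exception the
 * transaction is rolled back and the exception is rethrown.
 *
 * @param User $user
 * @param array $settings
 * @return mixed whatever parent::logUserIn() returns
 * @throws Exception
 */
function &logUserIn(User $user, $settings = null) {
  $existing_session_id = isset($settings['existing_session_id']) && $settings['existing_session_id'] ? $settings['existing_session_id'] : null;

  // Session lifetimes, in seconds
  $short_lifetime = 1800; // 30 minutes
  $long_lifetime = 1209600; // 2 weeks

  try {
    DB::beginWork('Logging user in @ ' . __CLASS__);

    $users_table = TABLE_PREFIX . 'users';
    $user_sessions_table = TABLE_PREFIX . 'user_sessions';

    $remember = (bool) array_var($settings, 'remember', false);
    $new_visit = (bool) array_var($settings, 'new_visit', false);

    // One clock reading per call, so every timestamp written below agrees.
    // NOTE(review): expires_on, created_on and the users table columns are
    // formatted by PHP's date() while last_activity_on in the sessions table
    // uses MySQL's UTC_TIMESTAMP(); the two agree only if PHP's default
    // timezone is UTC - confirm.
    $now = time();
    $now_formatted = date(DATETIME_MYSQL, $now);

    $session_id = null;
    $new_expires_on = $now + ($remember ? $long_lifetime : $short_lifetime);

    // Existing session
    if ($existing_session_id) {

      // The row is matched on its owner as well as its ID. This function
      // cannot see how the caller obtained existing_session_id, so it does
      // not rely on the caller to have checked that the session belongs to
      // $user; a mismatch simply falls through to a brand new session.
      $existing_session_data = DB::executeFirstRow("SELECT remember, session_key, interface FROM {$user_sessions_table} WHERE id = ? AND user_id = ?", $existing_session_id, $user->getId());

      if ($existing_session_data && isset($existing_session_data['remember']) && isset($existing_session_data['session_key'])) {

        // A remembered session stays on the long lifetime even when the
        // current call did not ask for it
        if ($existing_session_data['remember']) {
          $new_expires_on = $now + $long_lifetime;
        } // if

        // NOTE(review): the stored key is reused, not rotated, and the
        // row's previous expires_on is not checked here. Both are fine only
        // if the caller has already validated the cookie against this row -
        // confirm.
        $session_key = $existing_session_data['session_key'];

        DB::execute("UPDATE {$user_sessions_table} SET user_ip = ?, user_agent = ?, last_activity_on = UTC_TIMESTAMP(), expires_on = ?, visits = visits + 1 WHERE id = ?", AngieApplication::getVisitorIp(), AngieApplication::getVisitorUserAgent(), date(DATETIME_MYSQL, $new_expires_on), $existing_session_id);

        $session_id = $existing_session_id;

        AngieApplication::setPreferedInterface($existing_session_data['interface']);
      } // if
    } // if

    // New session?
    if ($session_id === null) {
      AngieApplication::setPreferedInterface(array_var($settings, 'interface'));

      // NOTE(review): the session key is a bearer credential. make_string()
      // is defined elsewhere - confirm it draws from a CSPRNG (random_int()
      // / random_bytes()) and not rand() / mt_rand(). The key is also stored
      // in the table exactly as it is sent in the cookie, so read access to
      // the table is enough to replay a session; storing a hash of the key
      // would remove that exposure.
      do {
        $session_key = make_string(40);
      } while (DB::executeFirstCell("SELECT COUNT(id) AS 'row_count' FROM {$user_sessions_table} WHERE session_key = ?", $session_key) > 0);

      DB::execute("INSERT INTO {$user_sessions_table} (user_id, user_ip, user_agent, visits, remember, interface, created_on, last_activity_on, expires_on, session_key) VALUES (?, ?, ?, ?, ?, ?, UTC_TIMESTAMP(), ?, ?, ?)", $user->getId(), AngieApplication::getVisitorIp(), AngieApplication::getVisitorUserAgent(), 1, (int) $remember, AngieApplication::getPreferedInterface(), $now_formatted, date(DATETIME_MYSQL, $new_expires_on), $session_key);

      $session_id = DB::lastInsertId();
    } // if

    // Update last visit time
    if ($new_visit) {
      DB::execute("UPDATE {$users_table} SET last_visit_on = last_login_on, last_login_on = ?, last_activity_on = ? WHERE id = ?", $now_formatted, $now_formatted, $user->getId());
    } else {
      DB::execute("UPDATE {$users_table} SET last_activity_on = ? WHERE id = ?", $now_formatted, $user->getId());
    } // if

    DB::commit('User logged in @ ' . __CLASS__);

    $this->session_id = $session_id; // remember it, for logout

    // NOTE(review): the cookie carries the raw session key. Its Secure /
    // HttpOnly / SameSite attributes are decided inside
    // Cookies::setVariable(), which is not visible here - confirm.
    Cookies::setVariable($this->session_id_var_name, "{$session_id}/{$session_key}/" . $now_formatted);

    return parent::logUserIn($user);
  } catch (Exception $e) {
    DB::rollback('Failed to log user in @ ' . __CLASS__);
    throw $e;
  } // try
}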