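/**
 * Populate uid, email and nickname from the encrypted "auth" cookie.
 *
 * The cookie value is base64-decoded and handed to Encrypt::decode() with
 * COOKIE_KEY; the plaintext is expected to hold three tab-separated fields.
 * Nothing is assigned when the cookie is absent, is not a string, does not
 * decode to a truthy value, or carries fewer than three fields.
 *
 * NOTE(review): the three fields are trusted purely because decoding
 * succeeded. Confirm that Encrypt::decode() authenticates the ciphertext
 * (integrity, not only confidentiality); its implementation is not visible here.
 */
public function __construct()
{
    // Cookie values are client-controlled and PHP may deliver them as arrays;
    // base64_decode() raises a TypeError on a non-string under PHP 8.
    $raw = isset($_COOKIE['auth']) ? $_COOKIE['auth'] : null;
    if (!is_string($raw) || $raw === '') {
        return;
    }

    $cookie = Encrypt::decode(base64_decode($raw), COOKIE_KEY);
    if (!$cookie) {
        return;
    }

    // Refuse a short payload instead of silently assigning null to the
    // missing identity fields.
    $parts = explode("\t", $cookie);
    if (count($parts) < 3) {
        return;
    }

    list($this->uid, $this->email, $this->nickname) = $parts;
}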
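/**
 * Get the current user object, refreshing or restoring it when needed.
 *
 * Resolution order:
 *  1. A session user whose lastActive is more than 600 TIMESTAMP units old
 *     (presumably seconds) is reloaded through getUserByUserId(). The session
 *     user is dropped when the record no longer exists or when its stored
 *     password differs from the one held in the session.
 *  2. When the session holds no user, or one without a uid, the user is
 *     restored from the "uid", "expire" and "token" cookies, provided the
 *     token equals the value recomputed from the stored record.
 * The outcome is always written back to $_SESSION['currentUser'].
 *
 * @return User|null The current user, or null when nobody is authenticated.
 */
public static function getCurrent()
{
    /** @var User|null $user */
    $user = isset($_SESSION['currentUser']) ? $_SESSION['currentUser'] : null;

    if ($user && TIMESTAMP - $user->lastActive > 600) {
        $userObj = self::getUserByUserId($user->uid);
        if (!$userObj) {
            $user = null;
        } elseif ((string) $user->password !== (string) $userObj->password) {
            // Password changed: invalidate the session. Compared as strict
            // strings because a loose "!=" treats numeric-looking hashes
            // (e.g. "0e...") as equal and would miss the change.
            // NOTE(review): this branch reads ->password while the cookie
            // token below reads ->passwd; confirm which property User defines.
            $user = null;
        } else {
            $userObj->lastActive = TIMESTAMP;
            $user = $userObj;
        }
    } elseif (!$user || !$user->uid) {
        // Cookie values are client-controlled and may arrive as arrays or be
        // absent; only strings are passed on to base64_decode().
        $fields = array();
        foreach (array('uid', 'expire', 'token') as $name) {
            $raw = isset($_COOKIE[$name]) ? $_COOKIE[$name] : null;
            $fields[$name] = is_string($raw)
                ? Encrypt::decode(base64_decode($raw), ENCRYPT_KEY)
                : null;
        }
        $uid = $fields['uid'];
        $expire = $fields['expire'];
        $token = $fields['token'];

        if ($uid && $expire && $token) {
            $userObj = self::getUserByUserId($uid);
            if ($userObj) {
                // NOTE(review): $expire is only bound into the token; it is
                // never compared with the current time in this method, so
                // expiry depends on the browser discarding the cookie unless
                // it is enforced elsewhere. Confirm its format and add the check.
                // NOTE(review): md5 over concatenated fields plus a key is not
                // a proper MAC; moving to hash_hmac() with SHA-256 must be done
                // together with the code that issues the cookie.
                $validateToken = md5(
                    $userObj->uid . ':' . $userObj->email . ':' . $userObj->passwd . ':' . $expire . ':' . COOKIE_KEY
                );

                // hash_equals() (PHP >= 5.6) compares in constant time and
                // avoids the type juggling of a loose "==" on hex digests.
                if (is_string($token) && hash_equals($validateToken, $token)) {
                    $userObj->lastActive = TIMESTAMP;
                    $user = $userObj;
                }
            }
        }
    }

    $_SESSION['currentUser'] = $user;

    return $user;
}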