public function isValid() { /* if the variables arn't set then the cookies arn't there and it's invalid */ if (!isset($this->username) || !isset($this->token) || !isset($this->seriesIdentifier)) { return false; } /* we look at the variables and make sure they match the databases */ /* read the record matching the username in the cookie */ $pl = new Account_PersistantLogin(); if ($pl->read(array('username' => $this->username))) { /* check the token and series is the same */ if ($this->matches($pl)) { /* valid, change the token*/ //$pl->token = generateSecureDec(); //$pl->update(); //setcookie("token",$pl->token,time() + (1 * 365 * 24 * 60 * 60), '/'); return true; } } return false; }
public static function getLoggedIn() { if (isset($_SESSION['user']) && isset($_SESSION['ip'])) { /* need to verify the ip hasn't changed */ if ($_SESSION['ip'] === findIPLong()) { /* if the user variable is set then they are logged in for this session */ /* we can assume the pw's are right as the session variable is server side */ return true; } else { } /* ip has changed need to create new session for them based on cookies or log them out */ } /* else we need to check cookies for the id & hash */ $pl = new Account_PersistantLogin(); /* fill the class with data from cookie data */ $pl->fromCookies(); /* if the persistant login is valid we can have them logged in */ if ($pl->isValid()) { $user = new Account_User(); $user->read(array('name' => $pl->username)); $_SESSION['user'] = $user; $_SESSION['ip'] = findIPLong(); return true; } else { } return false; }