function rememberMe() { $cookie = isset($_COOKIE['rememberme']) ? $_COOKIE['rememberme'] : ''; if ($cookie) { list($user, $token, $mac) = explode(':', $cookie); if ($mac !== hash_hmac('sha256', $user . ':' . $token, REMEMBER_ME_KEY)) { return ""; } $userToken = fetchTokenByUsername($user); if (timingSafeCompare($userToken, $token)) { return $user; } } else { return ""; } }
function verifyKMLI() { global $db; $cookie = isset($_COOKIE['rememberme']) ? $_COOKIE['rememberme'] : ''; if ($cookie) { list($user, $token, $mac) = explode(':', $cookie); $usertoken = $db->getKMLIToken($user); if (timingSafeCompare($usertoken, $token)) { $hashedPassword = $db->getPasswordByEmail($user); logUserIn($user, $hashedPassword); if (isset($_POST["hash"]) && $_POST["hash"] != "") { header("Location: ./#" . $_POST["hash"]); } else { header("Location: ./"); } return TRUE; } } return FALSE; }