示例#1
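 /**
  * Decide whether the current request carries a valid `bt_auth` session cookie.
  *
  * The cookie value is split on '|' into a session key (first field) and a
  * user id (second field). Both are looked up in `bt_s_authsessions`, and the
  * stored fingerprint is compared with sha1(User-Agent . remote address . key)
  * computed for this request. Any mismatch or malformed cookie clears the
  * cookie and reports "not logged in".
  *
  * On success the session's expiry and the user id are stored on the class,
  * and for non-AJAX requests the cookie and the stored expiry are pushed
  * forward by AUTH_SESSION_LENGTH minutes.
  *
  * @return bool true when a matching session row with the same fingerprint exists
  */
 public static function logged_in()
 {
     $cookie = getArrayVar($_COOKIE, 'bt_auth');
     if (!$cookie) {
         return false;
     }
     // A cookie submitted as bt_auth[]=... reaches PHP as an array; reject it
     // here instead of letting explode() fail on a non-string.
     if (!is_string($cookie)) {
         self::set_auth_cookie('', time() - 3600);
         return false;
     }
     $split = explode('|', $cookie);
     if (count($split) < 2) {
         self::set_auth_cookie('', time() - 3600);
         return false;
     }
     $key = DB::quote($split[0]);
     $user_id = DB::quote($split[1]);
     // NOTE(review): this lookup has no "`expire` > now" predicate (an earlier
     // version of the query had one), so a row whose expiry has passed still
     // authenticates for as long as the cookie is presented. Confirm expiry is
     // enforced elsewhere or restore the predicate.
     $session = DB::getRow("select session_id,expire, fingerprint from bt_s_authsessions where `success`='1' and `user_id`='{$user_id}' and `key`='{$key}' order by session_id desc");
     if (!$session) {
         self::set_auth_cookie('', time() - 3600);
         return false;
     }
     // Either header can be absent (e.g. a client that sends no User-Agent);
     // an empty string yields the same hash the implicit null-to-string
     // conversion did, without the undefined-index notice.
     $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     $fingerprint = sha1($user_agent . $remote_addr . $key);
     // hash_equals() compares byte-for-byte in constant time. The loose `!=`
     // it replaces compares two numeric-looking hex digests (such as
     // "0e<digits>") as numbers, so distinct fingerprints could compare equal.
     if (!hash_equals((string) $session['fingerprint'], $fingerprint)) {
         self::set_auth_cookie('', time() - 3600);
         return false;
     }
     self::$expire = $session['expire'];
     // NOTE(review): this is the raw cookie field, not a value read back from
     // the matched row; confirm consumers treat it as untrusted text.
     self::$_authUserId = $split[1];
     // Extend the cookie and the stored expiry on non-AJAX requests only.
     if (!IS_AJAX) {
         $expire = time() + AUTH_SESSION_LENGTH * 60;
         $expire_format = DB::quote(date('Y-m-d H:i:s', $expire));
         self::set_auth_cookie($_COOKIE['bt_auth'], $expire);
         DB::query("update bt_s_authsessions set expire='" . $expire_format . "' where session_id='" . DB::quote($session['session_id']) . "'");
     }
     return true;
 }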