· 8 years ago · Jan 22, 2018, 09:42 PM
1//Function to check if user is logged in, and if so, return user data as an object
2function check_user($secret_key, &$db) {
3 if (!isset($_SESSION['userid']) || !isset($_SESSION['hash'])) {
4 header("Location: index.php");
5 exit;
6 } else {
7 $check = sha1($_SESSION['userid'] . $_SERVER['REMOTE_ADDR'] . $secret_key);
8 if ($check != $_SESSION['hash']) {
9 session_unset();
10 session_destroy();
11 header("Location: index.php");
12 exit;
13 } else {
14 $query = $db->execute("select `id`,`nickname`, `joindate`, `last_active` from `Profile` where `id`=?", array($_SESSION['userid']));
15 $userarray = $query->fetchrow();
16 if ($query->recordcount() == 0) {
17 session_unset();
18 session_destroy();
19 header("Location: index.php");
20 exit;
21 }
22 foreach ($userarray as $key => $value) {
23 $user->$key = $value;
24 }
25 $query = $db->execute("update `Profile` set `last_active`=? where `id`=?", array(time(), $user->id));
26 return $user;
27 }
28 }
29}
30
31$userprofile = check_user($secret_key, $db);