iflogin.php

1. <?php
2. session_start();
3. require('config.php');
4. // check if logged in
5. function iflogin(){
6.     // connect to database
7.     $con = new PDO('mysql:host='.DB_HOST.';dbname='.DB_DB.';charset=utf8_general_ci', DB_USERNAME, DB_PASSWORD, array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
8.     $con->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
9.    
10.     // delete old users
11.     $query = $con->prepare('DELETE * FROM `active_users` WHERE `expires`<=`:time`');
12.     $query->bindValue(':time', time());
13.     $query->execute();
14.    
15.     // find current user in active users
16.     $sql = $con->prepare('SELECT * FROM `active_users` WHERE `session_id` = `:sessid`');
17.     $sql->bindValue(':sessid', session_id());
18.     $res = $sql->fetch();
19.    
20.     if($res->rowCount()){
21.         // is logged in
22.         return true;
23.     }else{
24.         //is not logged it (or timed out)
25.         header('location: ' . HOST);
26.         return false;
27.     }
28. }
29. // extend user log in session, so he can use it longer (the default timeout from current time)
30. function extendSession(){
31.     // connect to database
32.     $con = new PDO('mysql:host='.DB_HOST.';dbname='.DB_DB.';charset=utf8_general_ci', DB_USERNAME, DB_PASSWORD, array(PDO::ATTR_EMULATE_PREPARES => false, PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
33.     $con->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
34.    
35.     // calculate new timeout
36.     $newexp = time() + (60 * SESSION_LENGTH);
37.  
38.     // insert new timeout: prepare
39.     $myquery = $con->prepare('UPDATE `active_users` SET `expires`=`:expires` WHERE `session_id`=`:id`');
40.     // bind values
41.     $myquery->bindValue(':expires',$newexp);
42.     $myquery->bindValue(':id', session_id());
43.     // execute
44.     $myquery->execute();
45. }
46. ?>