src/accounts.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

<?php
function authorize_user()
{
    session_start();

    if (!isset($_COOKIE["secret_key"])) {
        if (isset($_SESSION["user_id"])) {
            session_unset();
        }

        return;
    }

    $db = new SQLite3("../../database.db");

    $stmt = $db->prepare("SELECT id, username FROM users WHERE secret_key = :secret_key");
    $stmt->bindValue("secret_key", $_COOKIE["secret_key"]);
    $results = $stmt->execute();

    if ($row = $results->fetchArray()) {
        $_SESSION["user_id"] = $row["id"];
        $_SESSION["user_name"] = $row["username"];
    } else {
        session_regenerate_id();
        setcookie("secret_key", "", time() - 1000);
    }

    $db->close();
}