Add time-out to password resets; prevent repeated mails #50
@ -12,22 +12,6 @@
|
|||||||
*/
|
*/
|
||||||
class Authentication
|
class Authentication
|
||||||
{
|
{
|
||||||
/**
|
|
||||||
* Checks whether a user still exists in the database.
|
|
||||||
*/
|
|
||||||
public static function checkExists($id_user)
|
|
||||||
{
|
|
||||||
$res = Registry::get('db')->queryValue('
|
|
||||||
SELECT id_user
|
|
||||||
FROM users
|
|
||||||
WHERE id_user = {int:id}',
|
|
||||||
[
|
|
||||||
'id' => $id_user,
|
|
||||||
]);
|
|
||||||
|
|
||||||
return $res !== null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks a password for a given username against the database.
|
* Checks a password for a given username against the database.
|
||||||
*/
|
*/
|
||||||
@ -78,8 +62,18 @@ class Authentication
|
|||||||
*/
|
*/
|
||||||
public static function isLoggedIn()
|
public static function isLoggedIn()
|
||||||
{
|
{
|
||||||
// A user is logged in if a user id exists in the session and this id is (still) in the database.
|
if (!isset($_SESSION['user_id']))
|
||||||
return isset($_SESSION['user_id']) && self::checkExists($_SESSION['user_id']);
|
return false;
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
$exists = Member::fromId($_SESSION['user_id']);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
catch (NotFoundException $e)
|
||||||
|
{
|
||||||
|
return false;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
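Review bot: The new `isLoggedIn()` returns `true` for every outcome of `Member::fromId()` except a `NotFoundException`, so the login check now depends entirely on that method throwing for each missing or invalid id. `Member::fromId()` is not visible in this section; if it can return `null` or `false` for some input, the check fails open, so it is safer to test the result inside the `try`, e.g. `return Member::fromId($_SESSION['user_id']) instanceof Member;`. The `$exists` assignment is otherwise unused, and the removed comment explaining that the session id must still exist in the database is worth keeping above the `try`. The old query bound the id through `{int:id}`, so it is worth confirming that `fromId()` applies the same integer typing to the session value.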