if (isset($_COOKIE["Friendica"])) {
$data = json_decode($_COOKIE["Friendica"]);
if (isset($data->uid)) {
- $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
- FROM `user` WHERE `uid` = %d AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified` LIMIT 1",
- intval($data->uid)
+
+ $user = dba::select('user',
+ [],
+ [
+ 'uid' => $data->uid,
+ 'blocked' => false,
+ 'account_expired' => false,
+ 'account_removed' => false,
+ 'verified' => true,
+ ],
+ ['limit' => 1]
);
- if ($r) {
- if ($data->hash != cookie_hash($r[0])) {
+ if (DBM::is_result($user)) {
+ if ($data->hash != cookie_hash($user)) {
logger("Hash for user " . $data->uid . " doesn't fit.");
nuke_session();
goaway(System::baseUrl());
// Expires after 7 days by default,
// can be set via system.auth_cookie_lifetime
$authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
- new_cookie($authcookiedays * 24 * 60 * 60, $r[0]);
+ new_cookie($authcookiedays * 24 * 60 * 60, $user);
// Do the authentification if not done by now
if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
- authenticate_success($r[0]);
+ authenticate_success($user);
if (Config::get('system', 'paranoia')) {
$_SESSION['addr'] = $data->ip;
goaway(System::baseUrl());
}
- $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
- FROM `user` WHERE `uid` = %d AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified` LIMIT 1",
- intval($_SESSION['uid'])
+ $user = dba::select('user',
+ [],
+ [
+ 'uid' => $_SESSION['uid'],
+ 'blocked' => false,
+ 'account_expired' => false,
+ 'account_removed' => false,
+ 'verified' => true,
+ ],
+ ['limit' => 1]
);
-
- if (!DBM::is_result($r)) {
+ if (!DBM::is_result($user)) {
nuke_session();
goaway(System::baseUrl());
}
$_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
$login_refresh = true;
}
- authenticate_success($r[0], false, false, $login_refresh);
+ authenticate_success($user, false, false, $login_refresh);
}
} else {
session_unset();