X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fauth.php;h=a02c18d1dbf0f64aa045e418e9155cd91af3773d;hb=0457bd995fe4e723a7cad33c8d464186646db5db;hp=181ba71a629699fad700c417b9a6a2de74f1cbb5;hpb=ec6f5193e20ad0e37daf2b855d59fdf03ae4111d;p=friendica.git
diff --git a/include/auth.php b/include/auth.php
index 181ba71a62..a02c18d1db 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -13,13 +13,21 @@ require_once 'include/datetime.php';
 if (isset($_COOKIE["Friendica"])) {
 $data = json_decode($_COOKIE["Friendica"]);
 if (isset($data->uid)) {
- $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
- FROM `user` WHERE `uid` = %d AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified` LIMIT 1",
- intval($data->uid)
+
+ $user = dba::select('user',
+ [],
+ [
+ 'uid' => $data->uid,
+ 'blocked' => false,
+ 'account_expired' => false,
+ 'account_removed' => false,
+ 'verified' => true,
+ ],
+ ['limit' => 1]
 );
 
- if ($r) {
- if ($data->hash != cookie_hash($r[0])) {
+ if (DBM::is_result($user)) {
+ if ($data->hash != cookie_hash($user)) {
 logger("Hash for user " . $data->uid . " doesn't fit.");
 nuke_session();
 goaway(System::baseUrl());
@@ -29,11 +37,11 @@ if (isset($_COOKIE["Friendica"])) {
 // Expires after 7 days by default,
 // can be set via system.auth_cookie_lifetime
 $authcookiedays = Config::get('system', 'auth_cookie_lifetime', 7);
- new_cookie($authcookiedays * 24 * 60 * 60, $r[0]);
+ new_cookie($authcookiedays * 24 * 60 * 60, $user);
 
 // Do the authentification if not done by now
 if (!isset($_SESSION) || !isset($_SESSION['authenticated'])) {
- authenticate_success($r[0]);
+ authenticate_success($user);
 
 if (Config::get('system', 'paranoia')) {
 $_SESSION['addr'] = $data->ip;
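Review bot: The cookie check `$data->hash != cookie_hash($user)` in the first hunk compares a JSON-decoded, client-supplied value with a loose operator, so a non-string value (boolean or number) can compare equal to the expected hash under PHP's type juggling, and the comparison is not constant-time. I would require a string and use `if (!isset($data->hash) || !is_string($data->hash) || !hash_equals(cookie_hash($user), $data->hash)) {`. The rewrite also drops the `intval()` that the removed query applied to the cookie-supplied uid; `dba::select()` is not visible here, so how it handles an array or object as a condition value is unknown, and `'uid' => intval($data->uid),` keeps the old guarantee (the third hunk drops the same cast for `$_SESSION['uid']`). The enclosing `if (isset($_COOKIE["Friendica"]))` block continues past the hunk.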
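Review bot: The row now handed to `new_cookie()` and `authenticate_success()` in the second hunk no longer carries the `upubkey`/`uprvkey` aliases that the removed SELECT produced, because `dba::select('user', [], ...)` presumably returns the plain table columns only. If either helper, or `cookie_hash()` in the first hunk, still reads `$user['uprvkey']`, it would hit an undefined index, and for `cookie_hash()` that would silently remove the per-user key from the value being hashed. None of these helpers is visible in the diff, so this needs confirming against their bodies; the `authenticate_success($user, false, false, $login_refresh)` call in the last hunk is affected the same way. A short comment at the call sites would record the contract, for example `// $user holds plain user columns (pubkey/prvkey); the upubkey/uprvkey aliases are gone`.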
@@ -75,12 +83,18 @@ if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-param
 goaway(System::baseUrl());
 }
 
- $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
- FROM `user` WHERE `uid` = %d AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified` LIMIT 1",
- intval($_SESSION['uid'])
+ $user = dba::select('user',
+ [],
+ [
+ 'uid' => $_SESSION['uid'],
+ 'blocked' => false,
+ 'account_expired' => false,
+ 'account_removed' => false,
+ 'verified' => true,
+ ],
+ ['limit' => 1]
 );
-
- if (!DBM::is_result($r)) {
+ if (!DBM::is_result($user)) {
 nuke_session();
 goaway(System::baseUrl());
 }
@@ -95,7 +109,7 @@ if (isset($_SESSION) && x($_SESSION, 'authenticated') && (!x($_POST, 'auth-param
 $_SESSION['last_login_date'] = datetime_convert('UTC', 'UTC');
 $login_refresh = true;
 }
- authenticate_success($r[0], false, false, $login_refresh);
+ authenticate_success($user, false, false, $login_refresh);
 }
 } else {
 session_unset();