X-Git-Url: https://git.rvb.name/weathermon.git/blobdiff_plain/7d6cb9a3d58687e0bf3ca3c30882782fe7ae12b8..2094fb89e05795f5daee526dc4617a169faba201:/web/auth.php?ds=sidebyside diff --git a/web/auth.php b/web/auth.php new file mode 100644 index 0000000..4807f49 --- /dev/null +++ b/web/auth.php @@ -0,0 +1,66 @@ + false)))) { + die($err); +} + +$db -> exec('SET CHARACTER SET utf8'); + +$auth_token = $_COOKIE["auth-token"]; + +$timestamp = 0; + +if ($auth_token) { + + $sql = " + SELECT UNIX_TIMESTAMP(MAX(expires)) timestamp FROM tokens WHERE str=:s and expires>now() + "; + + $q = $db -> prepare( $sql ); + $q -> bindParam(':s',$auth_token,PDO::PARAM_INT); + $q -> execute(); + + $res = []; + + $row = $q -> fetch(PDO::FETCH_ASSOC); + $timestamp = $row['timestamp']; + +} + +if ($timestamp) { + setcookie("auth-token",$auth_token,$timestamp); +} else { + $auth_token = com_create_guid(); + $timestamp = time()+86400*365; + setcookie("auth-token",$auth_token,$timestamp); + $sql = " + INSERT INTO tokens(str,description,expires) VALUES (:token,:descr,FROM_UNIXTIME(:expires)) + "; + $q = $db -> prepare( $sql ); + $q -> bindParam(':token',$auth_token,PDO::PARAM_STR); + $descr = $_SERVER["PHP_AUTH_USER"]." from ".$_SERVER["REMOTE_ADDR"]." at ".date('m/d/Y h:i:s a', time()); + $q -> bindParam(':descr',$descr,PDO::PARAM_STR); + $q -> bindParam(':expires',$timestamp,PDO::PARAM_INT); + $db -> beginTransaction(); + $q -> execute(); + $db -> commit(); + +} + +print $auth_token; + +?>