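<?php
// inc/check_login.php
//
// Login gate: starts the session and, when no user is logged in but a
// "remember me" cookie is present, tries to restore the login from the
// login_tokens table. Presumably included at the top of protected pages
// (the including pages are not visible here).
include('db.php');
session_start();

if (!isset($_SESSION['user_id']) && isset($_COOKIE['remember_token'])) {
    $token = $_COOKIE['remember_token'];
    $user = null;

    // A cookie sent as remember_token[]=... arrives as an array; only a
    // non-empty string can be a token, anything else is treated as invalid.
    if (is_string($token) && $token !== '') {
        // Check that the token exists in the database and has not expired.
        // NOTE(review): the cookie value is compared directly with
        // login_tokens.token. If that column holds the raw token, anyone who
        // can read the table obtains usable login tokens; storing only a hash
        // of the token would need a matching change where tokens are issued
        // (not visible in this file).
        $sql = "SELECT users.id, users.username, users.email, users.role FROM login_tokens JOIN users ON login_tokens.user_id = users.id WHERE login_tokens.token = ? AND login_tokens.expires_at > NOW()";
        $stmt = mysqli_prepare($conn, $sql);
        // Same guard the activity update further down uses: a failed prepare
        // must not reach bind/execute, and must never count as a valid login.
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, "s", $token);
            if (mysqli_stmt_execute($stmt)) {
                $result = mysqli_stmt_get_result($stmt);
                if ($result) {
                    $user = mysqli_fetch_assoc($result);
                }
            }
            mysqli_stmt_close($stmt);
        }
    }

    if ($user) {
        // The session changes from anonymous to authenticated here. Issue a
        // fresh session ID and discard the old one so that an ID known before
        // the login (session fixation) does not become a logged-in session.
        session_regenerate_id(true);

        // Token is valid: load the user's data into the session.
        $_SESSION['user_id'] = $user['id'];
        $_SESSION['username'] = $user['username'];
        $_SESSION['email'] = $user['email'];
        $_SESSION['role'] = $user['role'];

        // Optional: extend the token's lifetime (rolling expiration).
        // NOTE(review): the token value itself is kept and only its expiry is
        // pushed out, so a copied cookie stays valid for as long as it keeps
        // being presented. Rotating the token on each use would bound that,
        // but requires the cookie attributes used where the token is issued.
        // NOTE(review): this timestamp comes from PHP's clock and timezone,
        // while the lookup above compares against MySQL NOW() - confirm both
        // run in the same timezone.
        $new_expires_at = date('Y-m-d H:i:s', strtotime('+30 days'));
        $update_sql = "UPDATE login_tokens SET expires_at = ? WHERE token = ?";
        $update_stmt = mysqli_prepare($conn, $update_sql);
        // Extending the expiry is best-effort; the login above already succeeded.
        if ($update_stmt) {
            mysqli_stmt_bind_param($update_stmt, "ss", $new_expires_at, $token);
            mysqli_stmt_execute($update_stmt);
            mysqli_stmt_close($update_stmt);
        }
    } else {
        // Token is invalid, expired or could not be verified: delete the cookie.
        setcookie('remember_token', '', time() - 3600, "/");
    }
}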
// Access gate: a request without an authenticated session is redirected to
// the login page and the script stops, so nothing below runs for it.
// The Location value is relative and resolves against the requested URL.
if (!isset($_SESSION['user_id'])) {
    header('Location: login.php');
    exit();
}

// Update the last-activity timestamp (logged-in users only), written to the
// database at most once every 60 seconds per session.
$now = new DateTime();
$last_update = $_SESSION['last_activity_update'] ?? null;
$update_needed = true;
if ($last_update) {
    $last = new DateTime($last_update);
    // Skip the write while the previous one is less than 60 seconds old.
    $update_needed = ($now->getTimestamp() - $last->getTimestamp()) >= 60;
}

if ($update_needed) {
    $stmt = mysqli_prepare($conn, "UPDATE users SET last_activity = NOW() WHERE id = ?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "i", $_SESSION['user_id']);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
        // Remember when the write happened so the 60-second throttle above applies.
        $_SESSION['last_activity_update'] = $now->format('Y-m-d H:i:s');
    }
}