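escape($selector);
                $now = time();
                $res = $db->select(MFUSERTOKENTABLE, "worker_id,token", "selector='$selector' AND token_expire > '$now'");
                if ($db->num_rows($res)) {
                    $Token = $db->fetch_object($res);
                    // NOTE(review): this is a loose, non-constant-time comparison of the stored
                    // token with the value supplied by the client. hash_equals() on two strings
                    // is the usual choice for secrets; confirm both operands are strings first.
                    if ($Token->token == $token) {
                        $res = $db->select(MFUSERTABLE, "username", "id='$Token->worker_id'");
                        if ($db->num_rows($res)) {
                            $User = $db->fetch_object($res);
                            if (!isset($_SESSION[MFAPPNAME . '_username'])) {
                                $refresh = true;
                            }
                            // NOTE(review): the session is populated here without a visible
                            // session_regenerate_id() call; check whether the id is rotated
                            // elsewhere when a remember-me login succeeds.
                            $_SESSION[MFAPPNAME . '_username'] = $User->username;
                            $_SESSION[MFAPPNAME . '_ip'] = $_SERVER['REMOTE_ADDR'];;
                            $db->update(MFUSERTABLE, array('ip' => $_SERVER['REMOTE_ADDR'], 'sessionid' => session_id()), "id='$Token->worker_id'");
                            // NOTE(review): $refresh is only assigned in the branch above. Unless it
                            // is initialised earlier in this method, it is undefined here when a
                            // session username already exists. Confirm.
                            if ($refresh) {
                                header("Refresh:0");
                            }
                        }
                    }
                }
            }
        }
    }

    /**
     * Issue a new "remember me" token for a user and send it to the browser.
     *
     * A random 16-byte selector and a random 32-byte token (both hex-encoded)
     * are inserted into the WorkerToken table with an expiry 30 days ahead, and
     * the pair is sent as "<selector>:<token>" in the <MFAPPNAME>_remembertoken
     * cookie with the same expiry.
     *
     * The cookie is marked HttpOnly so page scripts cannot read the credential,
     * and Secure whenever the current request arrived over HTTPS.
     *
     * @param mixed $userId Id written to the worker_id and create_by columns.
     * @return void
     */
    public function generateToken($userId)
    {
        $db = new FronkDB();
        $tokenExpireTime = time() + 2592000; // 30 days, in seconds
        $selector = bin2hex(random_bytes(16));
        $token = bin2hex(random_bytes(32));

        // NOTE(review): the token is stored exactly as sent to the client, so anyone who can
        // read this table holds usable login credentials. Storing hash('sha256', $token) and
        // comparing hashes on validation would limit that; it has to be changed together
        // with the validation code, which is why it is only flagged here.
        // NOTE(review): the table name is a literal here while the validation code uses the
        // MFUSERTOKENTABLE constant; confirm both refer to the same table.
        $values = array(
            'worker_id' => $userId,
            'selector' => $selector,
            'token' => $token,
            'token_expire' => $tokenExpireTime,
            'create_by' => $userId,
            'create' => date('U'),
        );
        $db->insert("WorkerToken", $values);

        // Legacy positional setcookie() signature: ..., path, domain, secure, httponly.
        // An empty domain keeps the cookie host-only, as before.
        $secure = !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';
        setcookie(MFAPPNAME . '_remembertoken', $selector . ':' . $token, $tokenExpireTime, "/", "", $secure, true);
    }

    /**
     * Revoke the "remember me" token named by the request cookie and expire the cookie.
     *
     * The cookie value is client-controlled, so the selector is only used in the
     * DELETE condition when it has the exact shape generateToken() produces
     * (32 lowercase hex characters). Any other value is ignored, which keeps
     * quotes and other SQL metacharacters out of the WHERE clause. A missing or
     * non-string cookie is treated as empty rather than raising a notice.
     *
     * The cookie itself is always expired, whether or not a row was deleted.
     *
     * @return void
     */
    public function deleteToken()
    {
        $db = new FronkDB();
        $cookieName = MFAPPNAME . '_remembertoken';

        // A cookie sent as "name[]=..." arrives as an array; only a plain string is parsed.
        $raw = (isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName])) ? $_COOKIE[$cookieName] : '';
        $cookie = explode(':', $raw);
        $selector = $cookie[0];

        if (count($cookie) === 2 && preg_match('/\A[0-9a-f]{32}\z/', $selector) === 1) {
            // $selector is known to be pure hex at this point, so interpolating it is safe.
            $db->delete("WorkerToken", "selector='" . $selector . "'", 1);
        }

        // Expire the cookie with the same path and flags it was issued with.
        $secure = !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';
        setcookie($cookieName, '', time() - 3600, '/', '', $secure, true);
    }
}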