Centralize session update

This commit is contained in:
Bruno Rybársky 2024-02-04 08:57:35 +01:00
parent 3f74009488
commit 07b0c76c26

@ -86,13 +86,10 @@ function verifyPassword($userID, $password): bool
return !empty($password_hash) && !empty($password) && password_verify($password, $password_hash); return !empty($password_hash) && !empty($password) && password_verify($password, $password_hash);
} }
function doLogin($email, $password): array function UpdateSession(){
{ global $mysqli;
global $mysqli, $routerConfig; $stmt = $mysqli->prepare("SELECT FirstName, LastName, Nickname, Email, MinecraftNick, PrivilegeLevel, LastLoginAt, LoginCount FROM Users WHERE ID = ? AND isActivated = 1");
$found = false; $stmt->bind_param("i", $_SESSION["ID"]);
if (!empty($email) && !empty($password)) {
$stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, PrivilegeLevel, LastLoginAt, LoginCount FROM Users WHERE Email = ? AND isActivated = 1");
$stmt->bind_param("s", $email);
$stmt->execute(); $stmt->execute();
$uid = 0; $uid = 0;
@ -100,31 +97,51 @@ function doLogin($email, $password): array
$last_name = ""; $last_name = "";
$nickname = ""; $nickname = "";
$password_hash = ""; $password_hash = "";
$email = "";
$minecraft_nickname = ""; $minecraft_nickname = "";
$privilege_level = 0; $privilege_level = 0;
$lastLoginAt = null; $lastLoginAt = null;
$loginCount = 0; $loginCount = 0;
$stmt->bind_result($uid, $first_name, $last_name, $nickname, $password_hash, $minecraft_nickname, $privilege_level, $lastLoginAt, $loginCount); $stmt->bind_result($uid, $first_name, $last_name, $nickname, $email, $password_hash, $minecraft_nickname, $privilege_level, $lastLoginAt, $loginCount);
$stmt->fetch(); $stmt->fetch();
$stmt->close(); $stmt->close();
if (password_verify($password, $password_hash)) {
$found = true;
// Update LastLoginAt and LoginCount
$updateLoginStmt = $mysqli->prepare("UPDATE Users SET LastLoginAt = NOW(), LoginCount = LoginCount + 1 WHERE ID = ?");
$updateLoginStmt->bind_param("i", $uid);
$updateLoginStmt->execute();
$updateLoginStmt->close();
}
$_SESSION["ID"] = $uid;
$_SESSION["first_name"] = $first_name; $_SESSION["first_name"] = $first_name;
$_SESSION["last_name"] = $last_name; $_SESSION["last_name"] = $last_name;
$_SESSION["nickname"] = $nickname; $_SESSION["nickname"] = $nickname;
$_SESSION["email"] = $email; $_SESSION["email"] = $email;
$_SESSION["minecraft_nickname"] = $minecraft_nickname; $_SESSION["minecraft_nickname"] = $minecraft_nickname;
$_SESSION["privilege_level"] = $privilege_level; $_SESSION["privilege_level"] = $privilege_level;
}
function doLogin($email, $password): array
{
global $mysqli, $routerConfig;
$found = false;
if (!empty($email) && !empty($password)) {
$stmt = $mysqli->prepare("SELECT ID, PasswordHash FROM Users WHERE Email = ? AND isActivated = 1");
$stmt->bind_param("s", $email);
$stmt->execute();
$uid = 0;
$password_hash = "";
$stmt->bind_result($uid, $password_hash);
$stmt->fetch();
$stmt->close();
if (password_verify($password, $password_hash)) {
$found = true;
$_SESSION["ID"] = $uid;
UpdateSession();
// Update LastLoginAt and LoginCount
$updateLoginStmt = $mysqli->prepare("UPDATE Users SET LastLoginAt = NOW(), LoginCount = LoginCount + 1 WHERE ID = ?");
$updateLoginStmt->bind_param("i", $uid);
$updateLoginStmt->execute();
$updateLoginStmt->close();
}
} }
return $found ? ["Status" => "Success"] : ["Status" => "Fail"]; return $found ? ["Status" => "Success"] : ["Status" => "Fail"];
} }
@ -273,6 +290,7 @@ function getUserInfo(): array
$stmt->bind_result($firstName, $lastName, $nickname, $email, $minecraft_nickname); $stmt->bind_result($firstName, $lastName, $nickname, $email, $minecraft_nickname);
$stmt->fetch(); $stmt->fetch();
$stmt->close(); $stmt->close();
UpdateSession();
$output["Status"] = "Success"; $output["Status"] = "Success";
$output["UserInfo"] = [ $output["UserInfo"] = [