2017-11-23 18:09:36 -05:00
|
|
|
<?php
|
2021-03-18 13:26:03 -04:00
|
|
|
|
2017-11-23 18:09:36 -05:00
|
|
|
/**
|
2021-03-18 13:26:03 -04:00
|
|
|
* Class for creating and deleting tokens
|
|
|
|
|
*/
|
2017-11-23 18:09:36 -05:00
|
|
|
class Token
|
|
|
|
|
{
|
2018-01-07 14:39:10 -05:00
|
|
|
/**
|
|
|
|
|
* Generates a new token from user id and randomly generated salt.
|
2018-01-12 15:35:31 -05:00
|
|
|
* @param int $id user ID
|
2018-01-07 14:39:10 -05:00
|
|
|
* @param String $data associated with token that are important
|
|
|
|
|
* @param timestamp $expire expiration time
|
|
|
|
|
* @return String token
|
|
|
|
|
*/
|
2018-01-13 10:51:17 -05:00
|
|
|
public static function add($id, $data, $expire)
|
2017-11-23 18:09:36 -05:00
|
|
|
{
|
|
|
|
|
global $mysqli;
|
|
|
|
|
$salt = uniqid(mt_rand(), true);
|
2021-03-18 13:26:03 -04:00
|
|
|
$token = hash('sha256', $id . $salt);
|
2017-11-23 18:09:36 -05:00
|
|
|
$stmt = $mysqli->prepare("INSERT INTO tokens VALUES(?, ?, ?, ?)");
|
|
|
|
|
$stmt->bind_param("siis", $token, $id, $expire, $data);
|
|
|
|
|
$stmt->execute();
|
2018-04-20 10:40:12 -04:00
|
|
|
$stmt->get_result();
|
2017-11-23 18:09:36 -05:00
|
|
|
return $token;
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-07 14:39:10 -05:00
|
|
|
/**
|
|
|
|
|
* Checks whether token exists in the database and has not expired.
|
|
|
|
|
* @param String $token
|
|
|
|
|
* @param int $id user ID
|
|
|
|
|
* @param String $data
|
|
|
|
|
* @return int count of results in database
|
|
|
|
|
*/
|
2018-04-20 10:49:49 -04:00
|
|
|
public static function validate($token, $id, $data)
|
2017-11-23 18:09:36 -05:00
|
|
|
{
|
|
|
|
|
global $mysqli;
|
|
|
|
|
$time = time();
|
2017-11-29 09:32:40 -05:00
|
|
|
$stmt = $mysqli->prepare("SELECT count(*) as count FROM tokens WHERE token = ? AND user = ? AND expire>=? AND data LIKE ?");
|
2017-11-23 18:09:36 -05:00
|
|
|
$stmt->bind_param("siis", $token, $id, $time, $data);
|
|
|
|
|
$stmt->execute();
|
|
|
|
|
$query = $stmt->get_result();
|
|
|
|
|
return $query->fetch_assoc()['count'];
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-20 10:40:12 -04:00
|
|
|
/**
|
|
|
|
|
* Returns token data
|
|
|
|
|
* @param String $token
|
|
|
|
|
* @param int $id user ID
|
|
|
|
|
* @return String data
|
|
|
|
|
*/
|
|
|
|
|
public static function get_data($token, $id)
|
|
|
|
|
{
|
|
|
|
|
global $mysqli;
|
|
|
|
|
$stmt = $mysqli->prepare("SELECT data as count FROM tokens WHERE token = ? AND user = ?");
|
|
|
|
|
$stmt->bind_param("si", $token, $id);
|
|
|
|
|
$stmt->execute();
|
|
|
|
|
$query = $stmt->get_result();
|
|
|
|
|
return $query->fetch_assoc()['data'];
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-07 14:39:10 -05:00
|
|
|
/**
|
|
|
|
|
* Deletes token.
|
|
|
|
|
* @param String $token
|
|
|
|
|
* @return void
|
|
|
|
|
*/
|
2017-11-23 18:09:36 -05:00
|
|
|
public static function delete($token)
|
|
|
|
|
{
|
|
|
|
|
global $mysqli;
|
|
|
|
|
$time = time();
|
|
|
|
|
$stmt = $mysqli->prepare("DELETE FROM tokens WHERE token = ? OR expire<?");
|
2021-03-18 13:26:03 -04:00
|
|
|
$stmt->bind_param("sd", $token, $time);
|
2017-11-23 18:09:36 -05:00
|
|
|
$stmt->execute();
|
2018-04-20 11:39:34 -04:00
|
|
|
$stmt->get_result();
|
2017-11-23 18:09:36 -05:00
|
|
|
}
|
2021-03-18 13:26:03 -04:00
|
|
|
}
|
