diff options
| author | Andrew Dolgov <[email protected]> | 2021-03-01 19:32:27 +0300 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2021-03-01 19:32:27 +0300 |
| commit | 8b1a2406e61952fb8c26c8430a13db1093188702 (patch) | |
| tree | 255f7b38837c833e1b901bdab9d0b0004f45edd9 /include | |
| parent | 127a868e4033a66c03ba18128697a8702cc484e7 (diff) | |
userhelper: use orm for a few more user-related things
Diffstat (limited to 'include')
| -rw-r--r-- | include/sessions.php | 26 |
1 files changed, 10 insertions, 16 deletions
diff --git a/include/sessions.php b/include/sessions.php index 04c24cf72..0fa8428ad 100644 --- a/include/sessions.php +++ b/include/sessions.php @@ -36,27 +36,21 @@ return false; } - $sth = $pdo->prepare("SELECT pwd_hash FROM ttrss_users WHERE id = ?"); - $sth->execute([$_SESSION['uid']]); + $user = \ORM::for_table('ttrss_users')->find_one($_SESSION["uid"]); - // user not found - if ($row = $sth->fetch()) { - $pwd_hash = $row["pwd_hash"]; + if ($user) { + if ($user->pwd_hash != $_SESSION["pwd_hash"]) { - if ($pwd_hash != $_SESSION["pwd_hash"]) { + $_SESSION["login_error_msg"] = + __("Session failed to validate (password changed)"); - $_SESSION["login_error_msg"] = - __("Session failed to validate (password changed)"); - - return false; - } + return false; + } } else { + $_SESSION["login_error_msg"] = + __("Session failed to validate (user not found)"); - $_SESSION["login_error_msg"] = - __("Session failed to validate (user not found)"); - - return false; - + return false; } } |