From 8b1a2406e61952fb8c26c8430a13db1093188702 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Mon, 1 Mar 2021 19:32:27 +0300
Subject: userhelper: use orm for a few more user-related things

---
 include/sessions.php | 26 ++++++++++----------------
 1 file changed, 10 insertions(+), 16 deletions(-)

(limited to 'include')

diff --git a/include/sessions.php b/include/sessions.php
index 04c24cf72..0fa8428ad 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -36,27 +36,21 @@
 				return false;
 			}
 
-			$sth = $pdo->prepare("SELECT pwd_hash FROM ttrss_users WHERE id = ?");
-			$sth->execute([$_SESSION['uid']]);
+			$user = \ORM::for_table('ttrss_users')->find_one($_SESSION["uid"]);
 
-			// user not found
-			if ($row = $sth->fetch()) {
-					 $pwd_hash = $row["pwd_hash"];
+			if ($user) {
+				if ($user->pwd_hash != $_SESSION["pwd_hash"]) {
 
-					 if ($pwd_hash != $_SESSION["pwd_hash"]) {
+					$_SESSION["login_error_msg"] =
+						__("Session failed to validate (password changed)");
 
-						  $_SESSION["login_error_msg"] =
-								__("Session failed to validate (password changed)");
-
-						  return false;
-					 }
+					return false;
+				}
 			} else {
+				$_SESSION["login_error_msg"] =
+					__("Session failed to validate (user not found)");
 
-					 $_SESSION["login_error_msg"] =
-						  __("Session failed to validate (user not found)");
-
-					 return false;
-
+				return false;
 			}
 		}
 
-- 
cgit v1.2.3