$user['id'], 'salt' => $salt, 'authhash' => $hash, 'device' => $device ]; $auth['id'] = db_insert_data($mysqli, DB_TABLE_LOGINS, $data); return $auth; } function auth_logout($mysqli, $id) { db_delete_data($mysqli, DB_TABLE_LOGINS, 'id = "' . mysqli_real_escape_string($mysqli, $id) . '"', 1); return true; } function auth_check($mysqli, $id, $hash) { $auth = db_get_data($mysqli, DB_TABLE_LOGINS, '*', 'id="' . mysqli_real_escape_string($mysqli, $id) . '"', 1); if (($auth === false) or (count($auth) != 1)) return false; $auth = array_values($auth)[0]; $hash = hash('sha512', $hash . $auth['salt']); if ($hash != $auth['authhash']) return false; db_update_data($mysqli, DB_TABLE_LOGINS, ['id' => $auth['id']], 'id="' . $auth['id'] . '"', 1); // update changed field => last login return $auth['user']; } ?>