private function createSession($user_id, $cookie = false){
if($user_id != null && ctype_digit($user_id)){
$token = $this->generateToken();
$selector = $this->generateToken(5)[0];
$data = $this->encrypt($this->getIP()) . '::' . $_SERVER['HTTP_USER_AGENT'];
if($cookie === true){
if(isset($_COOKIE[self::COOKIE_NAME]))
$this->deleteSession('cookie');
setcookie(self::COOKIE_NAME, serialize([$user_id, $selector, $token[0], $data]), time() + 31536000, '/', DOMAIN, true, true);
$session_time = date("Y-m-d H:i:s", strtotime('+1 year', time()));
}else{
if(isset($_SESSION[self::COOKIE_NAME]))
$this->deleteSession();
$_SESSION[self::COOKIE_NAME] = serialize([$user_id, $selector, $token[0], $data]);
$session_time = date("Y-m-d H:i:s", strtotime('+30 minutes', time()));
session_regenerate_id();
}
if($this->db->count('SELECT COUNT(*) FROM ' . PREFIX . 'users_logged WHERE users_logged_selector = ? AND users_logged_token = ? AND users_logged_user_id = ? AND users_logged_data = ?', [$selector, $token[1], $user_id, $data]) != 0)
$this->db->execute('DELETE FROM ' . PREFIX . 'users_logged WHERE users_logged_selector, users_logged_token, users_logged_user_id, users_logged_expires, users_logged_data) VALUES(?, ?, ?, ?, ?)', [$selector, $token[1], $user_id, $data]);
$this->db->execute('INSERT INTO ' . PREFIX . 'users_logged(users_logged_selector, users_logged_token, users_logged_user_id, users_logged_expires, users_logged_data) VALUES(?, ?, ?, ?, ?)', [$selector, $token[1], $user_id, $session_time, $data]);
var_dump(unserialize($_SESSION[self::COOKIE_NAME])[1]);
exit;
}
}
, l'id n'est pas le même !!Pourtant la variable $token qui utilise le même algo de gen, lui reste identique dans le cookie/session et la bdd...
Merci d'avance pour votre aide !