prepare('SELECT username FROM users WHERE userID = :uid'); $stmt->execute([':uid' => $rec['userID']]); $row = $stmt->fetchColumn(); $username = $row !== false ? (string)$row : ''; qdb_discard($tmpDb, $lockFp); } catch (Throwable $e) { error_log('session username lookup: ' . $e->getMessage()); } } json_success([ 'valid' => true, 'user' => $username, 'role' => $role, 'userID' => $rec['userID'] ?? '', 'mustChangePassword' => !empty($rec['temp']), ]);