e949/api/_auth.php

41 lines
796 B
PHP
Raw Normal View History

2023-08-12 04:09:17 +05:30
<?php
require_once("_db.php"); //("api/_db.php");
2023-08-30 07:11:13 +05:30
// End currently active session
function EndSession () {
session_unset();
session_destroy();
if (isset($_COOKIE["PHPSESSID"])) {
unset($_COOKIE["PHPSESSID"]);
setcookie("PHPSESSID", "", time() - 3600, "/");
}
}
2023-08-19 23:45:47 +05:30
//session_start();
// This ^ should be placed at login stage
2023-08-12 04:09:17 +05:30
$LOGGED_IN = false;
if (isset($_SESSION["userid"])) {
// Check if user still exist
$s = $db->prepare("SELECT * FROM users WHERE id = ?");
$s->bind_param("s", $_SESSION["userid"]);
$s->execute();
if (!(bool)$s->get_result()->fetch_assoc()) { // If not, then destroy session
2023-08-30 07:11:13 +05:30
EndSession();
2023-08-12 04:09:17 +05:30
echo "user id does not exist";
die("user id used in session does not exist");
}
$LOGGED_IN = true;
2023-08-19 23:45:47 +05:30
} else {
if (session_status()) {
2023-08-30 07:11:13 +05:30
EndSession();
2023-08-19 23:45:47 +05:30
}
2023-08-12 04:09:17 +05:30
}
?>