Cyclone-Team/e949
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

api/user/__admin_session.php and random tweaks

Browse Source
This commit is contained in:
Shr3dd3r
2023-08-30 05:16:15 +03:00
parent 074ce120e9
commit ae719995ee
7 changed files with 44 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
api/_auth.php
View File

@ -21,7 +21,7 @@ function EndSession () {
$LOGGED_IN = false;
if (isset($_SESSION["userid"])) {
if (session_status() == PHP_SESSION_ACTIVE && isset($_SESSION["userid"])) {
// Check if user still exist
$s = $db->prepare("SELECT * FROM users WHERE id = ?");
$s->bind_param("s", $_SESSION["userid"]);
@ -32,10 +32,10 @@ if (isset($_SESSION["userid"])) {
die("user id used in session does not exist");
}
$LOGGED_IN = true;
} else {
if (session_status()) {
EndSession();
}
} elseif (session_status() == PHP_SESSION_ACTIVE && !isset($_SESSION["userid"])) {
echo "no userid, destroying session";
EndSession();
die("no userid in session");
}
?>