59 lines
1.5 KiB
PHP
59 lines
1.5 KiB
PHP
<?php
|
|
|
|
// Includes
|
|
if ($IS_FRONTEND)
|
|
require_once("api/_db.php");
|
|
else
|
|
require_once("_db.php");
|
|
|
|
|
|
|
|
// End currently active session
|
|
function EndSession () {
|
|
session_unset();
|
|
session_destroy();
|
|
if (isset($_COOKIE["PHPSESSID"])) {
|
|
unset($_COOKIE["PHPSESSID"]);
|
|
setcookie("PHPSESSID", "", time() - 3600, "/");
|
|
}
|
|
}
|
|
|
|
|
|
|
|
// A few tips:
|
|
// session_start() - start OR RESUME session
|
|
// If $_SESSION["userid"] is set - it counted as active login session
|
|
// If its not set - it counted as no login session
|
|
session_start();
|
|
|
|
$LOGGED_IN = false;
|
|
$THIS_USER = null; // ID of logged in user
|
|
|
|
if (session_status() === PHP_SESSION_ACTIVE && isset($_SESSION["userid"])) { // If there are active session
|
|
// Check if user still exist
|
|
$s = $db->prepare("SELECT * FROM users WHERE id = ?");
|
|
$s->bind_param("s", $_SESSION["userid"]);
|
|
$s->execute();
|
|
if (!(bool)$s->get_result()->fetch_assoc()) { // If not, then destroy session
|
|
EndSession();
|
|
echo "user id does not exist";
|
|
die("user id used in session does not exist");
|
|
}
|
|
$LOGGED_IN = true;
|
|
$THIS_USER = $_SESSION["userid"];
|
|
} elseif (session_status() === PHP_SESSION_DISABLED) { // If sessions are disabled
|
|
die("ERROR: please enable sessions in php config");
|
|
}
|
|
|
|
if ($Config["debug"] && isset($_REQUEST["debug"])) { // If there are not any session and debug mode is on
|
|
// ATTENTION: FOR DEBUG PURPOSES ONLY!
|
|
if ($_REQUEST["debug"] == "drop") {
|
|
EndSession();
|
|
die("session discarded");
|
|
}
|
|
$_SESSION["userid"] = intval($_REQUEST["debug"]);
|
|
print_r(["created_session" => $_SESSION]);
|
|
die();
|
|
}
|
|
|
|
?>
|