41 lines
952 B
PHP
41 lines
952 B
PHP
<?php
|
|
|
|
require_once("_db.php"); //("api/_db.php");
|
|
|
|
|
|
|
|
// End currently active session
|
|
function EndSession () {
|
|
session_unset();
|
|
session_destroy();
|
|
if (isset($_COOKIE["PHPSESSID"])) {
|
|
unset($_COOKIE["PHPSESSID"]);
|
|
setcookie("PHPSESSID", "", time() - 3600, "/");
|
|
}
|
|
}
|
|
|
|
|
|
|
|
//session_start();
|
|
// This ^ should be placed at login stage
|
|
|
|
$LOGGED_IN = false;
|
|
|
|
if (session_status() == PHP_SESSION_ACTIVE && isset($_SESSION["userid"])) {
|
|
// Check if user still exist
|
|
$s = $db->prepare("SELECT * FROM users WHERE id = ?");
|
|
$s->bind_param("s", $_SESSION["userid"]);
|
|
$s->execute();
|
|
if (!(bool)$s->get_result()->fetch_assoc()) { // If not, then destroy session
|
|
EndSession();
|
|
echo "user id does not exist";
|
|
die("user id used in session does not exist");
|
|
}
|
|
$LOGGED_IN = true;
|
|
} elseif (session_status() == PHP_SESSION_ACTIVE && !isset($_SESSION["userid"])) {
|
|
echo "no userid, destroying session";
|
|
EndSession();
|
|
die("no userid in session");
|
|
}
|
|
|
|
?>
|