shopping-list/public_html/php/auth.php

28 lines
814 B
PHP
Raw Normal View History

2018-10-24 15:00:27 +02:00
<?php
include $_SESSION["docroot"].'/config/config.php';
include $_SESSION["docroot"].'/php/connect.php';
if(!(preg_match("/error.+/", $_SERVER["REQUEST_URI"])))
{
# clear expired sessions from the database
$mysqli->query('DELETE FROM `sessions` WHERE `expires` < NOW();');
2019-05-19 18:37:00 +02:00
if(isset($_COOKIE["token"])){
$token = $_COOKIE["token"];
}
else{
$token = "-1";
}
2019-05-22 10:16:13 +02:00
$selectQuery = $mysqli->prepare('SELECT * FROM `sessions` WHERE `session_id` = ?;');
$selectQuery->bind_param("s", $token);
$selectQuery->execute();
$result = $selectQuery->get_result();
2018-10-24 15:00:27 +02:00
2019-05-19 18:37:00 +02:00
if(($result->num_rows) == 0 && (!(in_array("site", array_keys($_GET))) || $_GET["site"]!="login"))
2018-10-24 15:00:27 +02:00
{
header('Location: /login/url='.$_SERVER["REQUEST_URI"]);
}
$mysqli->close();
}
?>