<?php include $_SESSION["docroot"].'/config/config.php'; include $_SESSION["docroot"].'/php/connect.php'; if(!(preg_match("/error.+/", $_SERVER["REQUEST_URI"]))) { # clear expired sessions from the database $mysqli->query('DELETE FROM `sessions` WHERE `expires` < NOW();'); if(isset($_COOKIE["token"])){ $token = $_COOKIE["token"]; } else{ $token = "-1"; } $selectQuery = $mysqli->prepare('SELECT * FROM `sessions` WHERE `session_id` = ?;'); $selectQuery->bind_param("s", $token); $selectQuery->execute(); $result = $selectQuery->get_result(); if(($result->num_rows) == 0 && (!(in_array("site", array_keys($_GET))) || $_GET["site"]!="login")) { header('Location: /login/url='.$_SERVER["REQUEST_URI"]); } $mysqli->close(); } ?>