Fix verification of logged in status

2021-05-04 14:50:04 +02:00 · 2021-05-04 14:50:04 +02:00 · adac990d83
parent 1d9b578d6e
commit adac990d83
2 changed files with 44 additions and 2 deletions
--- a/plan/index.php
+++ b/plan/index.php
@ -1,4 +1,4 @@
-<?php $rPath = "../"; require $rPath.'webdata/init.php'; ?><!DOCTYPE html>
+<?php $rPath = "../"; require $rPath.'webdata/init.php'; requireLogin(); ?><!DOCTYPE html>
 <html lang="en">
 <head>
    <?=getHtmlHeaders($rPath);?>
@ -32,5 +32,32 @@

    <script src='plan.js'></script>

+
+    <!--<div style='width: 30rem; margin: auto; margin-bottom: 100px;'>
+        <form action='#!' class='form-row input-group input-group-sm addItemForm'>
+            <div class="form-control form-floating">
+                <input type='text' id='newItemName0' class='form-control newItemName' placeholder='New Item Name' aria-label='New Item Name'>
+                <label for="newItemName0">New Item Name</label>
+            </div>
+            <div class="form-control form-floating">
+                <input type='number' id='newItemPrice0' class='form-control newItemPrice' value='0' min='0' step='.01' aria-label='Price'>
+                <label for="newItemPrice0">Price</label>
+            </div>
+            <div class='input-group-append'>
+                <input type='image' class='form-control addItem' src='../icon/plus.svg' alt='+'>
+            </div>
+        </form>
+    </div>-->
+
+
+
+
+
+
+
+
+
+
+
 </body>
 </html>
--- a/webdata/init.php
+++ b/webdata/init.php
@ -150,6 +150,10 @@ function checkLogin(): bool{
        session_start();
    }

+    if(!isset($_SESSION['user_id'])){
+        return false;
+    }
+
    if(md5($_SERVER['HTTP_USER_AGENT']) == @$_SESSION['user_agent']){
        $verifyLoginRes = $db->query("SELECT ckey FROM user WHERE user_id = ".$_SESSION['user_id']);
        list($cKey) = $verifyLoginRes->fetch_row();
@ -158,7 +162,18 @@ function checkLogin(): bool{
        }
    }

-    unset($_SESSION['user_key']);
+    unset($_SESSION['user_id']);
+    return false;
+}
+
+function requireLogin(): bool{
+    global $config;
+    if(checkLogin()){
+        return true;
+    }
+
+    $_SERVER['HTTP_REFERER'] = $_SERVER['PHP_SELF'];
+    header("Location: ".$config["general"]["projectRoot"]."/login.php");
    return false;
 }