Fix verification of logged in status
parent
1d9b578d6e
commit
adac990d83
|
@ -1,4 +1,4 @@
|
|||
<?php $rPath = "../"; require $rPath.'webdata/init.php'; ?><!DOCTYPE html>
|
||||
<?php $rPath = "../"; require $rPath.'webdata/init.php'; requireLogin(); ?><!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<?=getHtmlHeaders($rPath);?>
|
||||
|
@ -32,5 +32,32 @@
|
|||
|
||||
<script src='plan.js'></script>
|
||||
|
||||
|
||||
<!--<div style='width: 30rem; margin: auto; margin-bottom: 100px;'>
|
||||
<form action='#!' class='form-row input-group input-group-sm addItemForm'>
|
||||
<div class="form-control form-floating">
|
||||
<input type='text' id='newItemName0' class='form-control newItemName' placeholder='New Item Name' aria-label='New Item Name'>
|
||||
<label for="newItemName0">New Item Name</label>
|
||||
</div>
|
||||
<div class="form-control form-floating">
|
||||
<input type='number' id='newItemPrice0' class='form-control newItemPrice' value='0' min='0' step='.01' aria-label='Price'>
|
||||
<label for="newItemPrice0">Price</label>
|
||||
</div>
|
||||
<div class='input-group-append'>
|
||||
<input type='image' class='form-control addItem' src='../icon/plus.svg' alt='+'>
|
||||
</div>
|
||||
</form>
|
||||
</div>-->
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
</body>
|
||||
</html>
|
|
@ -150,6 +150,10 @@ function checkLogin(): bool{
|
|||
session_start();
|
||||
}
|
||||
|
||||
if(!isset($_SESSION['user_id'])){
|
||||
return false;
|
||||
}
|
||||
|
||||
if(md5($_SERVER['HTTP_USER_AGENT']) == @$_SESSION['user_agent']){
|
||||
$verifyLoginRes = $db->query("SELECT ckey FROM user WHERE user_id = ".$_SESSION['user_id']);
|
||||
list($cKey) = $verifyLoginRes->fetch_row();
|
||||
|
@ -158,7 +162,18 @@ function checkLogin(): bool{
|
|||
}
|
||||
}
|
||||
|
||||
unset($_SESSION['user_key']);
|
||||
unset($_SESSION['user_id']);
|
||||
return false;
|
||||
}
|
||||
|
||||
function requireLogin(): bool{
|
||||
global $config;
|
||||
if(checkLogin()){
|
||||
return true;
|
||||
}
|
||||
|
||||
$_SERVER['HTTP_REFERER'] = $_SERVER['PHP_SELF'];
|
||||
header("Location: ".$config["general"]["projectRoot"]."/login.php");
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue