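prepare("select id, hash, privileges from user where user.name = ?");
    $statement->bind_param("s", $username);
    if (!$statement->execute()) return false;
    $res = $statement->get_result();
    if (!mysqli_num_rows($res)) return false;
    $obj = $res->fetch_object();
    $user_id = $obj->id;
    $user_privileges = $obj->privileges;
    // NOTE(review): the password check is commented out, so any username that
    // exists in `user` authenticates regardless of $password. The surrounding
    // function starts above this excerpt; re-enable the check there.
    // if (!password_verify($password, $obj->hash)) return false;
    return true;
}

/**
 * Log the user in from the given credentials; on failure, expire the
 * remembered username/password cookies so a stale pair is not retried.
 *
 * @param string $username
 * @param string $password
 * @return bool true when login() succeeded
 */
function check_login($username, $password) {
    if (login($username, $password)) {
        return true;
    }
    // Expire (time in the past) rather than overwrite with the bad value.
    setcookie("username", "", -1, "/");
    setcookie("password", "", -1, "/");
    return false;
}

/**
 * Number of items in the current user's cart.
 *
 * Reads the globals $user_id (set by login()) and $cursor (mysqli).
 *
 * @return int 0 when nobody is logged in or the query fails
 */
function get_cart_count() {
    global $user_id, $cursor;
    if (!$user_id) return 0;
    $statement = $cursor->prepare("select ifnull(sum(count), 0) as count from webs.orderproduct where `order` = webs.cart(?)");
    // prepare() returns false (not an object) when mysqli is not in exception mode.
    if (!$statement) return 0;
    $statement->bind_param("i", $user_id);
    if (!$statement->execute()) return 0;
    $res = $statement->get_result();
    if (!mysqli_num_rows($res)) return 0;
    $row = $res->fetch_object();
    // sum() comes back as a string from mysqli; normalise to int.
    return (int)$row->count;
}

$logged_in = check_login($username, $password);
$cart_count = get_cart_count();

/**
 * Reduce a URL to a same-site, root-relative path usable as a redirect target.
 *
 * Used for values that come from the client (Referer header, "prev" cookie),
 * which must never be followed verbatim: an absolute URL to another host, a
 * scheme-relative "//host/..." form, a "/\host" form, or a non-http scheme all
 * yield "" so the caller falls back to its default.
 *
 * @param mixed $url candidate URL
 * @return string the local path (with query/fragment) or "" when unsafe
 */
function safe_local_url($url) {
    if (!is_string($url) || $url === "") return "";
    $parts = parse_url($url);
    if ($parts === false) return "";
    if (isset($parts['scheme']) || isset($parts['host'])) {
        // Absolute or protocol-relative URL: keep only when it names this host.
        $this_host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : "";
        if ($this_host === "" || !isset($parts['host'])) return "";
        $url_host = $parts['host'] . (isset($parts['port']) ? ":" . $parts['port'] : "");
        if (strcasecmp($url_host, $this_host) !== 0) return "";
    }
    $path = isset($parts['path']) ? $parts['path'] : "/";
    // Must be rooted at "/" and not start "//" or "/\" (browsers treat both as
    // a new authority).
    if ($path !== "/" && !preg_match('#^/[^/\\\\]#', $path)) return "";
    $local = $path;
    if (isset($parts['query'])) $local .= "?" . $parts['query'];
    if (isset($parts['fragment'])) $local .= "#" . $parts['fragment'];
    return $local;
}

// hansel and gretel crumbs
/**
 * Remember the page the user came from (Referer) for one hour so cookie_redir()
 * can send them back after login. Only a same-site path is stored; otherwise no
 * crumb is left and cookie_redir() falls back to "/".
 */
function leave_crumb() {
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
    $prev = safe_local_url($referer);
    if ($prev === "") return;
    $ONE_HOUR = time() + (60 * 60);
    // httponly: the crumb is only ever read server-side.
    setcookie("prev", $prev, $ONE_HOUR, "/", "", false, true);
}

/**
 * Redirect (302) to $redirect when the login state equals $is; otherwise
 * return and let the page render.
 *
 * @param bool $is expected value of the global $logged_in
 * @param string $redirect Location to send the client to
 * @param bool $back when true, leave a crumb so the user can be sent back later
 * @return void does not return when redirecting (die())
 */
function if_logged_in($is, $redirect, $back = false) {
    global $logged_in;
    if ((bool)$logged_in !== (bool)$is) return;
    if ($back) leave_crumb();
    http_response_code(302);
    header("Location: " . $redirect);
    die();
}

/**
 * Redirect (302) to $redirect unless the current user holds any of the
 * privilege bits in $level; a user who is not logged in has no bits set.
 *
 * @param int $level bitmask tested against the global $user_privileges
 * @param string $redirect Location to send the client to
 * @param bool $back when true, leave a crumb so the user can be sent back later
 * @return void does not return when redirecting (die())
 */
function if_privileged($level, $redirect, $back = false) {
    global $user_privileges;
    $held = isset($user_privileges) ? (int)$user_privileges : 0;
    if (($held & (int)$level) > 0) return;
    if ($back) leave_crumb();
    http_response_code(302);
    header("Location: " . $redirect);
    die();
}

/**
 * Persist the credentials for a year and redirect, either to $url or back to
 * the crumb left by leave_crumb() (validated again here, since the cookie is
 * client-controlled), defaulting to "/".
 *
 * @param string $username
 * @param string $password stored in the cookie as given (see TODO)
 * @param string $url explicit destination; "" means use the crumb
 * @return void never returns (die())
 */
function cookie_redir($username, $password, $url = "") {
    $ONE_YEAR = time() + (60 * 60 * 24 * 365);
    // httponly keeps the credential cookies out of reach of page scripts.
    setcookie("username", $username, $ONE_YEAR, "/", "", false, true);
    setcookie("password", $password, $ONE_YEAR, "/", "", false, true);
    // TODO: use tokens to login
    if (!$url) {
        $crumb = isset($_COOKIE['prev']) ? $_COOKIE['prev'] : "";
        $prev = safe_local_url($crumb);
        $url = ($prev === "") ? "/" : $prev;
    }
    http_response_code(302);
    header("Location: " . $url);
    die();
}
?>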