session_start(); $db = new Database(sqlconfig()); $user = new User($db); global $user; global $db; if (!isset($_SESSION['id'])) { //No session, ergo no user loged in $user->showLogin(""); die; } else { if (!$user->has_access_to_admin()) { //User loged in, but don't have a sufficient accesslevel to the admin panel $user->showLogin("noaccess"); die; } else { if (!$user->checkSession()) { //User loged in, has access to admin panel. BUT the session might have been hijacked :O $user->showLogin("Your login session has been revoked for security reasons<br />Maybe you switched to another wifi?<br />Please login again.."); die; } } } if (isset($_GET['user']) && $_GET['user'] == "logout") { $user->LogoutUser(); header("location: index.php"); die; } ////////////////////////////////// //Decide stuff here $admin = new Administrator($db); //This is the interfase template designers talk to
public static function getCurrent() { if (!array_key_exists('username', $_COOKIE)) { return NULL; } $current = new User($_COOKIE['username'], User::GET_BY_USERNAME); if ($current->checkSession($_COOKIE['sessionKey'])) { return $current; } return NULL; }
<?php session_start(); include 'include/classUser.php'; $checkSession = new User(); if (isset($_SESSION['deviceID']) && isset($_SESSION['keyPass'])) { $deviceID = $_SESSION['deviceID']; $keyPass = $_SESSION['keyPass']; $result = $checkSession->checkSession($deviceID, $keyPass); echo $result; } else { }