function manageSession() { switch ($_POST["t"]) { case "w": // Verify valid session cookie $userSessData = json_decode($_POST["s"]); if (isValidCookie($userSessData)) { // Write to session database $sessLogs = json_decode(file_get_contents("json/sessions.json")); $sessLogs[] = $userSessData; $fh = fopen("json/sessions.json", "w"); fwrite($fh, json_encode($sessLogs, JSON_PRETTY_PRINT)); fclose($fh); echo '{"sessid": "' . $userSessData->sessid . '"}'; } else { // Invalid session cookie header("HTTP/1.1 403 Forbidden"); echo '{"error": "Invalid session cookie"}'; } break; case "r": // Remove to main session database $sessId = $_POST["sessid"]; $sessLogs = json_decode(file_get_contents("json/sessions.json")); $sessKey = NULL; foreach ($sessLogs as $k => $eachLog) { if ($sessId == $eachLog->sessid) { $sessKey = $k; break; } } if (!is_null($sessKey)) { // Found session ID! $sessVal = array_splice($sessLogs, $sessKey, 1)[0]; } $fh = fopen("json/sessions.json", "w+"); fwrite($fh, json_encode($sessLogs, JSON_PRETTY_PRINT)); fclose($fh); // Set/unset some variables unset($sessVal->sessid); $sessVal->logoutd = gmdate("D, d M Y H:i:s e"); // Move removed data to user logs $userLogs = json_decode(file_get_contents("json/userlog.json")); $userLogs[] = $sessVal; $fh = fopen("json/userlog.json", "w"); fwrite($fh, json_encode($userLogs, JSON_PRETTY_PRINT)); fclose($fh); break; } }
<!DOCTYPE html> <html> <head> <?php require 'ajax/api/security.php'; writeHtmlHeader(); ?> </head> <body> <?php if (isValidCookie()) { ?> hello <?php } ?> </body> </html>