Files

57 lines
1.5 KiB
PHP

<?php
if (session_status() === PHP_SESSION_NONE) {
session_start();
}
function isLoggedIn() {
return isset($_SESSION['user_id']);
}
function getCurrentUser() {
if (!isLoggedIn()) {
return null;
}
return [
'id' => $_SESSION['user_id'],
'username' => $_SESSION['username'],
'role' => $_SESSION['role'],
'ibadah_id' => $_SESSION['ibadah_id'] ? intval($_SESSION['ibadah_id']) : null
];
}
function requireLogin() {
if (!isLoggedIn()) {
header('HTTP/1.1 401 Unauthorized');
echo json_encode(['status' => 'error', 'message' => 'Unauthorized: Silakan login terlebih dahulu.']);
exit;
}
}
function requireAdmin() {
requireLogin();
if ($_SESSION['role'] !== 'admin') {
header('HTTP/1.1 403 Forbidden');
echo json_encode(['status' => 'error', 'message' => 'Forbidden: Akses ditolak. Hanya Admin yang diizinkan.']);
exit;
}
}
function requireAdminOrPengelola() {
requireLogin();
if ($_SESSION['role'] !== 'admin' && $_SESSION['role'] !== 'pengelola') {
header('HTTP/1.1 403 Forbidden');
echo json_encode(['status' => 'error', 'message' => 'Forbidden: Akses ditolak.']);
exit;
}
}
function canManageIbadah($ibadah_id) {
if (!isLoggedIn()) return false;
if ($_SESSION['role'] === 'admin') return true;
if ($_SESSION['role'] === 'pengelola') {
return intval($_SESSION['ibadah_id']) === intval($ibadah_id);
}
return false;
}
?>