Files
2026-06-13 13:56:43 +07:00

36 lines
909 B
PHP

<?php
if (session_status() === PHP_SESSION_NONE) session_start();
function requireLogin() {
if (empty($_SESSION['user'])) {
if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) {
http_response_code(401);
echo json_encode(['status' => 'error', 'message' => 'Sesi habis, silakan login kembali.']);
exit;
}
header('Location: login.php');
exit;
}
}
function requireSuperAdmin() {
requireLogin();
if ($_SESSION['user']['role'] !== 'admin') {
http_response_code(403);
echo json_encode(['status' => 'error', 'message' => 'Akses ditolak. Hanya admin.']);
exit;
}
}
function isSuperAdmin() {
return ($_SESSION['user']['role'] ?? '') === 'admin';
}
function currentUser() {
return $_SESSION['user'] ?? null;
}
function esc($conn, $v) {
return mysqli_real_escape_string($conn, trim((string)$v));
}