36 lines
925 B
PHP
36 lines
925 B
PHP
<?php
|
|
if (session_status() === PHP_SESSION_NONE) session_start();
|
|
|
|
function requireLogin() {
|
|
if (empty($_SESSION['user'])) {
|
|
if (isset($_SERVER['HTTP_X_REQUESTED_WITH'])) {
|
|
http_response_code(401);
|
|
echo json_encode(['status' => 'error', 'message' => 'Sesi habis, silakan login kembali.']);
|
|
exit;
|
|
}
|
|
header('Location: /login.php');
|
|
exit;
|
|
}
|
|
}
|
|
|
|
function requireSuperAdmin() {
|
|
requireLogin();
|
|
if ($_SESSION['user']['role'] !== 'superadmin') {
|
|
http_response_code(403);
|
|
echo json_encode(['status' => 'error', 'message' => 'Akses ditolak. Hanya superadmin.']);
|
|
exit;
|
|
}
|
|
}
|
|
|
|
function isSuperAdmin() {
|
|
return ($_SESSION['user']['role'] ?? '') === 'superadmin';
|
|
}
|
|
|
|
function currentUser() {
|
|
return $_SESSION['user'] ?? null;
|
|
}
|
|
|
|
function esc($conn, $v) {
|
|
return mysqli_real_escape_string($conn, trim((string)$v));
|
|
}
|