empty SessionID sends the user to login page
If the session is empty, it now sends you to the login page with a safed url so it can revert you back to the right page after login
This commit is contained in:
Lars van Hijfte
@@ -3,10 +3,10 @@ session_start();
|
||||
|
||||
require_once "../../queries/post.php";
|
||||
require_once "../../queries/user.php";
|
||||
|
||||
if (isset($_SESSION["userID"]) and
|
||||
getRoleByID($_SESSION["userID"]) != 'frozen' and
|
||||
getRoleByID($_SESSION["userID"]) != 'banned') {
|
||||
if (!isset($_SESSION["userID"])) {
|
||||
echo "logged out";
|
||||
} else if (getRoleByID($_SESSION["userID"]) != 'frozen' and
|
||||
getRoleByID($_SESSION["userID"]) != 'banned') {
|
||||
|
||||
if (empty($_POST["postID"]) or empty($_SESSION["userID"])) {
|
||||
header('HTTP/1.1 500 Non enough arguments');
|
||||
|
||||
@@ -7,10 +7,10 @@ require_once("../../queries/connect.php");
|
||||
require_once("../../queries/checkInput.php");
|
||||
require_once("../../queries/user.php");
|
||||
|
||||
|
||||
if (isset($_SESSION["userID"]) &&
|
||||
getRoleByID($_SESSION["userID"]) != 'frozen' &&
|
||||
getRoleByID($_SESSION["userID"]) != 'banned') {
|
||||
if (!isset($_SESSION["userID"])) {
|
||||
echo "logged out";
|
||||
} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
|
||||
getRoleByID($_SESSION["userID"]) != 'banned') {
|
||||
if ($_POST['button'] == 'reaction') {
|
||||
if (empty($_POST['newcomment-content'])) {
|
||||
echo 0;
|
||||
|
||||
@@ -8,9 +8,10 @@ require_once("../../queries/connect.php");
|
||||
require_once("../../queries/checkInput.php");
|
||||
require_once("../../queries/user.php");
|
||||
|
||||
if (isset($_SESSION["userID"]) &&
|
||||
getRoleByID($_SESSION["userID"]) != 'frozen' &&
|
||||
getRoleByID($_SESSION["userID"]) != 'banned') {
|
||||
if (!isset($_SESSION["userID"])) {
|
||||
echo "logged out";
|
||||
} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
|
||||
getRoleByID($_SESSION["userID"]) != 'banned') {
|
||||
|
||||
if (empty($_SESSION["userID"])) {
|
||||
header('HTTP/1.1 500 Non enough arguments');
|
||||
|
||||
@@ -7,9 +7,10 @@ require_once("../../queries/checkInput.php");
|
||||
require_once("../../queries/user.php");
|
||||
|
||||
// Check if the user is allowed to send a message.
|
||||
if (isset($_SESSION["userID"]) &&
|
||||
getRoleByID($_SESSION["userID"]) != 'frozen' &&
|
||||
getRoleByID($_SESSION["userID"]) != 'banned') {
|
||||
if (!isset($_SESSION["userID"])) {
|
||||
echo "logged out";
|
||||
} else if (getRoleByID($_SESSION["userID"]) != 'frozen' &&
|
||||
getRoleByID($_SESSION["userID"]) != 'banned') {
|
||||
if (!empty(test_input($_POST["destination"])) &&
|
||||
!empty(test_input($_POST["content"]))
|
||||
) {
|
||||
|
||||
@@ -43,6 +43,8 @@ function sendMessage() {
|
||||
).done(function(response) {
|
||||
if (response == "frozen") {
|
||||
alert("Je account is bevroren, dus je kan niet chat berichten versturen. Contacteer een admin als je denkt dat dit onjuist is.");
|
||||
} else if (response == "logged out") {
|
||||
window.location.href = "login.php?url=" + window.location.pathname;
|
||||
}
|
||||
// Load messages if the message has been send, so it shows in the chat.
|
||||
loadMessages();
|
||||
|
||||
@@ -3,8 +3,7 @@ var months = ["januari", "februari", "maart", "april", "mei", "juni", "juli", "a
|
||||
|
||||
function fancyText(text) {
|
||||
// Add links, images, gifs and (youtube) video's.
|
||||
var regex = /(https?:\/\/.[^ <>"]*)/ig;
|
||||
text = text.replace(regex, function(link) {
|
||||
text = text.replace(/(https?:\/\/.[^ \n<>"]*)/ig, function(link) {
|
||||
// Add images
|
||||
if (link.match(/(https?:\/\/.[^ ]*\.(?:png|jpg|jpeg|gif))/ig)) {
|
||||
return "<img alt='" + link + "' src='" + link + "' />";
|
||||
@@ -39,7 +38,7 @@ function fancyText(text) {
|
||||
}
|
||||
|
||||
// This function gets the value of a cookie when given a key.
|
||||
// If didn´t find any compatible cookie, it returns false.
|
||||
// If it didn´t find any compatible cookie, it returns false.
|
||||
function getCookie(key) {
|
||||
cookies = document.cookie.split("; ");
|
||||
for (var i in cookies) {
|
||||
|
||||
@@ -26,7 +26,7 @@ function requestPost(postID) {
|
||||
function postPost() {
|
||||
title = $("input.newpost[name='title']").val();
|
||||
content = $("textarea.newpost[name='content']").val();
|
||||
|
||||
console.log(masonryMode);
|
||||
if (masonryMode == 2) {
|
||||
$.post("API/postPost.php", { title: title,
|
||||
content : content,
|
||||
@@ -36,6 +36,10 @@ function postPost() {
|
||||
$('#alertbox').show();
|
||||
$('#alerttext').html("Geen titel of inhoud; vul a.u.b. in.");
|
||||
window.scrollTo(0,0);
|
||||
} else if (data == "logged out") {
|
||||
window.location.href = "login.php?url=" + window.location.pathname;
|
||||
} else if (data == "frozen") {
|
||||
alert("Je account is bevroren, dus je kan geen posts plaatsen. Contacteer een admin als je denkt dat dit onjuist is.");
|
||||
} else {
|
||||
$('#alertbox').hide();
|
||||
masonry(masonryMode);
|
||||
@@ -49,6 +53,10 @@ function postPost() {
|
||||
$('#alertbox').show();
|
||||
$('#alerttext').html("Geen titel of inhoud; vul a.u.b. in.");
|
||||
window.scrollTo(0,0);
|
||||
} else if (data == "logged out") {
|
||||
window.location.href = "login.php?url=" + window.location.pathname;
|
||||
} else if (data == "frozen") {
|
||||
alert("Je account is bevroren, dus je kan geen posts plaatsen. Contacteer een admin als je denkt dat dit onjuist is.");
|
||||
} else {
|
||||
$('#alertbox').hide();
|
||||
masonry(masonryMode);
|
||||
|
||||
@@ -8,6 +8,8 @@ function postComment(buttonValue) {
|
||||
).done(function (response) {
|
||||
if (response == "frozen") {
|
||||
alert("Je account is bevroren, dus je kan geen comments plaatsen of \"niet slechten\". Contacteer een admin als je denkt dat dit onjuist is.");
|
||||
} else if (response == "logged out") {
|
||||
window.location.href = "login.php?url=" + window.location.pathname;
|
||||
}
|
||||
});
|
||||
|
||||
@@ -30,6 +32,8 @@ function deletePost(postID) {
|
||||
).done(function (response) {
|
||||
if (response == "frozen") {
|
||||
alert("Je account is bevroren, dus je kan geen posts verwijderen. Contacteer een admin als je denkt dat dit onjuist is.");
|
||||
} else if (response == "logged out") {
|
||||
window.location.href = "login.php?url=" + window.location.pathname;
|
||||
}
|
||||
});
|
||||
closeModal();
|
||||
|
||||
@@ -91,7 +91,7 @@
|
||||
|
||||
.deleteButton {
|
||||
background-color: firebrick;
|
||||
|
||||
float: right;
|
||||
}
|
||||
|
||||
.deleteButton i {
|
||||
|
||||
@@ -26,8 +26,8 @@ require_once ("../queries/user.php");
|
||||
|
||||
session_start();
|
||||
|
||||
if(!isset($_SESSION["userID"])){
|
||||
header("location:login.php");
|
||||
if(!isset($_SESSION["userID"])) {
|
||||
header("location:login.php?url=" . "$_SERVER[REQUEST_URI]");
|
||||
} else {
|
||||
updateLastActivity();
|
||||
}
|
||||
|
||||
@@ -5,14 +5,6 @@ $fullname = $post['fname'] . " " . $post['lname'] . " (" . $post['username'] . "
|
||||
?>
|
||||
<div class='post-header header'>
|
||||
<h4><?=$post['title']?></h4>
|
||||
<?php if (checkPermissionOnPost($postID, $_SESSION["userID"])) {?>
|
||||
<button class="deleteButton"
|
||||
onclick="deletePost('<?=$postID?>')"
|
||||
type="submit">
|
||||
<i class="fa fa-trash"></i>
|
||||
<span>Verwijder post</span>
|
||||
</button><br />
|
||||
<?php } ?>
|
||||
<span class='postinfo'>
|
||||
gepost door <?=$fullname?>,
|
||||
<span class='posttime' title='<?=$post['creationdate']?>'>
|
||||
@@ -20,7 +12,14 @@ $fullname = $post['fname'] . " " . $post['lname'] . " (" . $post['username'] . "
|
||||
</span>
|
||||
</span>
|
||||
</div>
|
||||
|
||||
<?php if (checkPermissionOnPost($postID, $_SESSION["userID"])) {?>
|
||||
<button class="deleteButton"
|
||||
onclick="deletePost('<?=$postID?>')"
|
||||
type="submit">
|
||||
<i class="fa fa-trash"></i>
|
||||
<span>Verwijder post</span>
|
||||
</button><br />
|
||||
<?php } ?>
|
||||
<div class='post-content'>
|
||||
<p><?=$post['content']?></p>
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user