Refactor user session handling and permissions management
- Updated session variables to use 'authorization' array instead of 'username' for user identification across multiple files. - Introduced a new function `getUserPermissions` to consolidate user permissions retrieval based on assigned roles. - Modified API calls to use the new authorization structure and updated endpoints to v2. - Enhanced language support by adding 'PL' to the list of supported languages. - Cleaned up redundant code and improved session management during user login and registration processes. - Added a new API endpoint for fetching user permissions based on user ID.
This commit is contained in:
“VeLiTi”
32
index.php
32
index.php
@@ -9,11 +9,6 @@ if (session_status() == PHP_SESSION_NONE) {
|
||||
//=====================================
|
||||
|
||||
include dirname(__FILE__).'/settings/config_redirector.php';
|
||||
if (debug && debug_id == $_SESSION['id']){
|
||||
ini_set('display_errors', '1');
|
||||
ini_set('display_startup_errors', '1');
|
||||
error_reporting(E_ALL);
|
||||
}
|
||||
|
||||
if (debug){
|
||||
set_error_handler(function($errno, $errstr, $errfile, $errline) {
|
||||
@@ -31,6 +26,29 @@ include dirname(__FILE__).'/assets/functions.php';
|
||||
include dirname(__FILE__).'/settings/settings_redirector.php';
|
||||
include_once dirname(__FILE__).'/settings/countries.php';
|
||||
|
||||
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
//GET USER PERMISSION ASSIGNED
|
||||
//+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
if (!isset($_SESSION['authorization']['id'])){
|
||||
|
||||
$api_url = '/v2/user_permissions/userkey='.$_SESSION['authorization']['userkey'];
|
||||
$responses = ioServer($api_url,'');
|
||||
//Decode Payload
|
||||
if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;}
|
||||
|
||||
//STORE DATA IN SESSION
|
||||
foreach($responses as $key => $value){
|
||||
$_SESSION['authorization'][$key] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
if (debug && debug_id == $_SESSION['authorization']['id']){
|
||||
ini_set('display_errors', '1');
|
||||
ini_set('display_startup_errors', '1');
|
||||
error_reporting(E_ALL);
|
||||
}
|
||||
|
||||
var_dump($_SESSION['authorization']);
|
||||
//=====================================
|
||||
//TRANSLATION FILE LOCATION
|
||||
//=====================================
|
||||
@@ -92,7 +110,7 @@ if (isset($_GET['page']) && $_GET['page'] == 'logout') {
|
||||
//=====================================
|
||||
//DEFINE WHERE TO SEND THE USER TO. GET first assigned view in the profile if not available use dashboard
|
||||
//=====================================
|
||||
$allowed_views = explode(',',$_SESSION['profile']);
|
||||
$allowed_views = explode(',',$_SESSION['authorization']['profile']);
|
||||
$ignoreViews = ['profile','assets','sales'];
|
||||
|
||||
// If dashboard is in the profile, prioritize it
|
||||
@@ -117,7 +135,7 @@ include $page . '.php';
|
||||
//=====================================
|
||||
|
||||
if (debug){
|
||||
$message = $date.';'.json_encode($_GET).';'.$_SESSION['username'];
|
||||
$message = $date.';'.json_encode($_GET).';'.$_SESSION['authorization']['clientID'];
|
||||
debuglog($message);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user