diff --git a/lib/account.php b/lib/account.php index ce1ef49..3f9bdda 100644 --- a/lib/account.php +++ b/lib/account.php @@ -8,7 +8,7 @@ function doLogin($email, $password){ global $mysqli; $found = false; if(!empty($email) && !empty($password)){ - $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, isAdmin FROM Users WHERE EMAIL = ? AND isActive = 1"); + $stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, PrivilegeLevel FROM Users WHERE EMAIL = ? AND isActive = 1"); $stmt->bind_param("s", $email); $stmt->execute(); @@ -18,7 +18,8 @@ function doLogin($email, $password){ $nickname = ""; $pwdhash = ""; $mcnick = ""; - $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, false); + $privilegelevel = 0; + $stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, $privilegelevel); if($stmt->num_rows() > 0){ $stmt->fetch(); @@ -29,12 +30,16 @@ function doLogin($email, $password){ $_SESSION["nickname"] = $nickname; $_SESSION["email"] = $email; $_SESSION["mcnick"] = $mcnick; - $_SESSION["isadmin"] = false; + $_SESSION["privilegelevel"] = $privilegelevel; $found = true; } } $stmt->close(); } + if (!$found){ + $_SESSION["ID"] = 0; + $_SESSION["privilegelevel"] = 0; + } return $found ? ["status" => "success"] : ["status" => "fail"]; } diff --git a/lib/page.php b/lib/page.php index 0e084c5..c33cc50 100644 --- a/lib/page.php +++ b/lib/page.php @@ -5,6 +5,11 @@ function renderDynamicPage($page_file) return render(); } +function CanViewPage($page_metadata) +{ + +} + function getPage($page_name = null){ global $routerConfig; global $routerRequest;