<?php

/*
*		smzint/Auth (c) schmamazon.com 2025
*/

$cookie_name = "SMZ-Auth";

if(!isset($_COOKIE[$cookie_name])) {
  // Nicht angemeldet
  return false;
} else {
  $sessionId = $_COOKIE[$cookie_name];
  include('db.ini.php');

  $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
  if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
  }

  $sql = "SELECT * FROM smz_sessions WHERE sessionId='$sessionId' AND expiry > ".time()." ";
  $result = $conn->query($sql);
  if ($result->num_rows > 0) {
    while($row = $result->fetch_assoc()) {
      $uid = $row["uid"];
    }
  } else {
    // ungültige Session
    return false;
  }
  $conn->close();

  $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname);
  if ($conn->connect_error) {
    die("Connection failed: " . $conn->connect_error);
  }
  $sql = "SELECT email, username FROM smz_users WHERE id='$uid' AND active = 1";
  $result = $conn->query($sql);
  $conn->close();
  if ($result->num_rows > 0) {
    while($row = $result->fetch_assoc()) {
      $uemail = $row["email"];
      $uname = $row["username"];
    }
    return true;
  } else {
    //Nutzer deaktiviert
    return false;
  }
}

 ?>