<?php
require_once __DIR__ . '/../config/db.php';

function log_activity($user_id, $activity) {
    try {
        $pdo = db();
        $stmt = $pdo->prepare("INSERT INTO log_aktivitas (user_id, aktivitas) VALUES (?, ?)");
        $stmt->execute([$user_id, $activity]);
    } catch (PDOException $e) {
        // Optionally log error to a file
    }
}

function check_auth($roles = []) {
    if (!isset($_SESSION['user'])) {
        header('Location: /login.php');
        exit();
    }
    if (!empty($roles) && !in_array($_SESSION['user']['role'], $roles)) {
        http_response_code(403);
        echo "Forbidden";
        exit();
    }
}
?>