prepare("SELECT * FROM users WHERE id = ?"); $stmt->execute([$_SESSION['user_id']]); return $stmt->fetch(); } function require_login() { if (!isset($_SESSION['user_id'])) { header('Location: login.php'); exit; } } function require_role($roles) { $user = get_user(); if (!$user || !in_array($user['role'], (array)$roles)) { header('Location: index.php?error=Unauthorized'); exit; } } function uuid() { return sprintf('%04x%04x-%04x-%04x-%04x-%04x%04x%04x', mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0x0fff) | 0x4000, mt_rand(0, 0x3fff) | 0x8000, mt_rand(0, 0xffff), mt_rand(0, 0xffff), mt_rand(0, 0xffff) ); } function audit_log($action, $table = null, $record_id = null, $old = null, $new = null, $details = null) { $electionId = get_active_election_id(); $stmt = db()->prepare("INSERT INTO audit_logs (id, user_id, action, details, table_name, record_id, old_values, new_values, election_id) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"); $stmt->execute([ uuid(), $_SESSION['user_id'] ?? null, $action, $details, $table, $record_id, $old ? json_encode($old) : null, $new ? json_encode($new) : null, $electionId ]); } function get_active_election_id() { if (isset($_GET['set_election_id'])) { $_SESSION['active_election_id'] = $_GET['set_election_id']; // Redirect to same page without the query param to keep URL clean $url = strtok($_SERVER["REQUEST_URI"], '?'); header("Location: " . $url); exit; } if (!isset($_SESSION['active_election_id'])) { $election = db()->query("SELECT id FROM elections WHERE archived = FALSE ORDER BY created_at DESC LIMIT 1")->fetch(); $_SESSION['active_election_id'] = $election['id'] ?? null; } return $_SESSION['active_election_id']; } function get_active_election() { $id = get_active_election_id(); if (!$id) return null; $stmt = db()->prepare("SELECT * FROM elections WHERE id = ?"); $stmt->execute([$id]); return $stmt->fetch(); } function get_all_elections() { return db()->query("SELECT * FROM elections WHERE archived = FALSE ORDER BY created_at DESC")->fetchAll(); }