update users login

2026-04-08 06:36:38 +00:00 · 2026-04-08 06:36:38 +00:00 · da6711e592
commit da6711e592
parent 94393c7a54
4 changed files with 18 additions and 1 deletions
--- a/cookie.txt
+++ b/cookie.txt
@ -0,0 +1,5 @@
+# Netscape HTTP Cookie File
+# https://curl.se/docs/http-cookies.html
+# This file was generated by libcurl! Edit at your own risk.
+
+127.0.0.1	FALSE	/	FALSE	0	PHPSESSID	69opohn4d8347kh0d07rl59f2n
--- a/includes/app.php
+++ b/includes/app.php
@ -5,6 +5,11 @@ if (session_status() === PHP_SESSION_NONE) {
    session_start();
 }

+// Prevent browser caching globally
+header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+header('Cache-Control: post-check=0, pre-check=0', false);
+header('Pragma: no-cache');
+
 require_once __DIR__ . '/../db/config.php';

 function h(?string $value): string
--- a/includes/auth.php
+++ b/includes/auth.php
@ -6,6 +6,9 @@ function require_login() {
        header('Location: login.php');
        exit;
    }
+    header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+    header('Cache-Control: post-check=0, pre-check=0', false);
+    header('Pragma: no-cache');
 }

 function get_logged_in_user() {
--- a/login.php
+++ b/login.php
@ -19,7 +19,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        if ($user && password_verify($password, $user['password'])) {
            $_SESSION['user_id'] = $user['id'];
            $_SESSION['user_role'] = $user['role'];
-            header('Location: admin.php');
+            if ($user['role'] === 'admin' || !empty($user['role_id'])) {
+                header('Location: admin.php');
+            } else {
+                header('Location: index.php');
+            }
            exit;
        } else {
            $error = t('Invalid email or password.', 'البريد الإلكتروني أو كلمة المرور غير صحيحة.');