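fetchOne(
        "SELECT id, username, email, is_admin FROM users WHERE id = ?",
        [$_SESSION['user_id']]
    );
}

/**
 * Authenticate a user by username and password and populate the session.
 *
 * The stored value in the `password` column is checked with password_verify(),
 * so it is expected to be a password_hash() digest. On success the session id
 * is rotated before any identity data is written, so an id that was planted or
 * observed before authentication does not become an authenticated session
 * (session fixation).
 *
 * NOTE(review): no attempt throttling or lockout is visible in this function;
 * confirm the caller rate-limits failed logins.
 *
 * @param mixed $username Login name supplied by the client.
 * @param mixed $password Plain-text password supplied by the client.
 * @return bool True when the credentials match, false otherwise.
 */
function login($username, $password)
{
    // Request parameters can arrive as arrays (e.g. password[]=x); reject them
    // here instead of letting password_verify() raise a TypeError.
    if (!is_scalar($username) || !is_scalar($password)) {
        return false;
    }

    $db = getDB();
    // The username is bound as a parameter, never interpolated into the SQL.
    $user = $db->fetchOne(
        "SELECT id, username, password, email, is_admin FROM users WHERE username = ?",
        [$username]
    );

    // NOTE(review): password_verify() is skipped when no row is found, so the
    // response time differs between unknown and known usernames. Verifying
    // against a fixed dummy hash in the not-found case would even this out.
    if (!$user || !password_verify((string) $password, $user['password'])) {
        return false;
    }

    // Rotate the session id at the privilege boundary and drop the old one.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['user_id'] = $user['id'];
    $_SESSION['username'] = $user['username'];
    $_SESSION['is_admin'] = $user['is_admin'];
    $_SESSION['login_time'] = time();

    return true;
}

/**
 * Log the current user out and leave a fresh, empty session running.
 *
 * session_destroy() removes the server-side data but not the browser's
 * session cookie, so the session restarted below would otherwise keep the
 * pre-logout id. The id is therefore regenerated after the restart.
 *
 * @return void
 */
function logout()
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_unset();
        session_destroy();
    }

    // A session is reopened so callers can still use it after logout
    // (for example to store a flash message).
    if (session_start()) {
        session_regenerate_id(true);
    }
}

/**
 * Require an authenticated session; redirect to the login page otherwise.
 *
 * Execution stops right after the redirect header, so protected code below
 * the call never runs for an anonymous request.
 *
 * @return void
 */
function requireLogin()
{
    if (isLoggedIn()) {
        return;
    }

    header('Location: login.php');
    exit;
}

/**
 * Require an authenticated administrator; redirect to the index otherwise.
 *
 * NOTE(review): isAdmin() is defined outside this excerpt. login() caches
 * `is_admin` in the session, so if isAdmin() reads that cached flag, a revoked
 * administrator keeps access until the session ends — confirm.
 *
 * @return void
 */
function requireAdmin()
{
    requireLogin();

    if (isAdmin()) {
        return;
    }

    header('Location: index.php?error=access_denied');
    exit;
}

/**
 * Store a one-shot flash message in the session.
 *
 * The text is stored as given, without HTML encoding; the template that
 * renders it has to encode it for the output context.
 *
 * @param mixed  $message Message text.
 * @param string $type    Message category, 'info' by default.
 * @return void
 */
function setFlashMessage($message, $type = 'info')
{
    $_SESSION['flash_message'] = $message;
    $_SESSION['flash_type'] = $type;
}

/**
 * Return the pending flash message and remove it from the session.
 *
 * The returned text is the raw stored value; it is not HTML-encoded here.
 *
 * @return array|null ['text' => ..., 'type' => ...] or null when none is set.
 */
function getFlashMessage()
{
    if (!isset($_SESSION['flash_message'])) {
        return null;
    }

    $flash = [
        'text' => $_SESSION['flash_message'],
        'type' => $_SESSION['flash_type'] ?? 'info'
    ];

    // Read-once semantics: clear both keys so the message is shown a single time.
    unset($_SESSION['flash_message'], $_SESSION['flash_type']);

    return $flash;
}

/**
 * Trim a value, strip HTML tags and encode it for HTML output.
 *
 * This is HTML body/attribute encoding only. It gives no protection in SQL,
 * JavaScript or URL contexts, and a value that is encoded here and encoded
 * again at render time ends up double-encoded.
 *
 * @param mixed $input Value to encode; arrays yield an empty string.
 * @return string HTML-encoded text.
 */
function sanitize($input)
{
    // Array-valued request parameters would make trim() throw on PHP 8.
    if (is_array($input)) {
        return '';
    }

    $text = strip_tags(trim((string) $input));

    // ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead of making
    // htmlspecialchars() return an empty string for the whole value.
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Format a date string as d/m/Y.
 *
 * @param mixed $date Any value strtotime() can parse.
 * @return string Formatted date, or '-' when the value is empty or unparseable.
 */
function formatDate($date)
{
    if (empty($date)) {
        return '-';
    }

    $timestamp = strtotime($date);

    // strtotime() returns false on failure; date() would then print 01/01/1970.
    return $timestamp === false ? '-' : date('d/m/Y', $timestamp);
}

/**
 * Format a date-time string as d/m/Y H:i.
 *
 * @param mixed $datetime Any value strtotime() can parse.
 * @return string Formatted date and time, or '-' when the value is empty or unparseable.
 */
function formatDateTime($datetime)
{
    if (empty($datetime)) {
        return '-';
    }

    $timestamp = strtotime($datetime);

    // strtotime() returns false on failure; date() would then print the epoch.
    return $timestamp === false ? '-' : date('d/m/Y H:i', $timestamp);
}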