Update 5 files

- /include/functions.php
- /html/admin.php
- /html/editpage.php
- /html/journal.php
- /html/users.php

html/admin.php

@@ -2,7 +2,7 @@
 require "../include/variables.php";
 require "../include/functions.php";
 
-if($role < 4) {
+if($_SESSION['role'] < 4) {
     header("Location: index.php");
     http_response_code(404);
     die();

html/editpage.php

@@ -2,7 +2,7 @@
 require "../include/variables.php";
 require "../include/functions.php";
 
-if($role < 3) {
+if($_SESSION['role'] < 3) {
     header("Location: index.php");
     http_response_code(404);
     die();

html/journal.php

@@ -56,7 +56,7 @@ if (filter_var($_GET['article'], FILTER_VALIDATE_INT)) {
                         } else {
                             $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
                             $req = $bdd->prepare("SELECT ID, titre, date, auteur FROM articles WHERE classification <= :role ORDER BY date DESC");
-                        $req->bindParam(":role", $role);
+                        $req->bindParam(":role", $_SESSION['role']);
                             $req->execute();
                             $resultat = $req->fetchAll(PDO::FETCH_ASSOC);
 

html/users.php

@@ -2,7 +2,7 @@
 require "../include/variables.php";
 require "../include/functions.php";
 
-if($role < 4) {
+if($_SESSION['role'] < 4) {
     header("Location: index.php");
     http_response_code(404);
     die();

include/functions.php

@@ -1,8 +1,6 @@
 <?php
 session_start();
 
-$role = isset($_SESSION['role']) ? (int)$_SESSION['role'] : 0;
-
 function nav($nav, $role) {
     foreach($nav as $name => $url) {
         echo "<a href='$url'><div class='navitem'>$name</div></a>";