

<?php

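/**
 * Resolve the signed-in user for the current request from $_SESSION['user_id'].
 *
 * The account is re-read from the database on every call (there is no
 * per-request cache), so a deactivation done elsewhere takes effect on the
 * very next request even while the session cookie is still valid.
 *
 * Side effects:
 *  - refreshes $_SESSION['user'], $_SESSION['role'] and $_SESSION['user_role']
 *    from the fetched row;
 *  - clears those keys (plus 'user_id') when the row is missing or the account
 *    is not 'active'; an inactive account is additionally sent to login.php.
 *
 * @return array<string, mixed>|null  Row with keys id, full_name, email, phone,
 *                                    status, role_id, role_code (lower-cased,
 *                                    trimmed), role_name; null when anonymous.
 */
function current_user(): ?array
{
    global $pdo;

    // No identity in the session: anonymous request.
    if (empty($_SESSION['user_id'])) {
        return null;
    }

    $stmt = $pdo->prepare('
        SELECT
            u.id,
            u.full_name,
            u.email,
            u.phone,
            u.status,
            u.role_id,
            LOWER(TRIM(r.code)) AS role_code,
            r.name AS role_name
        FROM users u
        JOIN roles r ON r.id = u.role_id
        WHERE u.id = :id
        LIMIT 1
    ');

    $stmt->execute([
        'id' => (int)$_SESSION['user_id'],
    ]);

    // NOTE(review): relies on the connection's default fetch mode producing an
    // associative array — confirm $pdo is configured with FETCH_ASSOC.
    $user = $stmt->fetch();

    // Every session key that carries identity; dropped together so a stale
    // or disabled account never leaves a partial login behind.
    $identityKeys = ['user_id', 'user', 'role', 'user_role'];

    // Session refers to a user that no longer exists.
    if (!$user) {
        foreach ($identityKeys as $key) {
            unset($_SESSION[$key]);
        }

        return null;
    }

    // Account exists but is disabled: sign out and bounce to login.
    if ($user['status'] !== 'active') {
        foreach ($identityKeys as $key) {
            unset($_SESSION[$key]);
        }

        flash_set('danger', 'Учётная запись недоступна.');
        redirect(url('login.php'));

        // redirect() is expected to end the request; if it ever returns,
        // still report the disabled account as signed out instead of
        // falling through and re-populating the session below.
        return null;
    }

    $_SESSION['user'] = [
        'id' => (int)$user['id'],
        'full_name' => $user['full_name'],
        'email' => $user['email'],
        'role' => $user['role_code'],
    ];

    // Two aliases are kept for older call sites that read either key.
    $_SESSION['role'] = $user['role_code'];
    $_SESSION['user_role'] = $user['role_code'];

    return $user;
}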

/**
 * Whether the request belongs to a signed-in, active user.
 *
 * Delegates to current_user(), so each call performs that function's
 * database lookup and inherits its inactive-account redirect.
 */
function is_logged_in(): bool
{
    $user = current_user();

    return null !== $user;
}

/**
 * Role code of the signed-in user (lower-cased, trimmed by the query in
 * current_user()), or null when nobody is signed in or the row has no
 * role_code.
 */
function user_role(): ?string
{
    $user = current_user();

    if ($user === null) {
        return null;
    }

    return $user['role_code'] ?? null;
}

/**
 * Gate a page behind authentication.
 *
 * Signed-in users pass through; anyone else gets a flash message and is
 * redirected to login.php.
 */
function require_auth(): void
{
    if (is_logged_in()) {
        return;
    }

    flash_set('danger', 'Для доступа к странице необходимо войти в аккаунт.');
    redirect(url('login.php'));
}

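/**
 * Gate a page behind one of the given roles.
 *
 * Anonymous visitors are sent to login.php; signed-in users whose role is
 * not listed are sent to profile.php. Role codes are compared after
 * lower-casing and trimming both sides, so callers may pass codes in any
 * case. An empty $allowedRoles denies everyone (deny by default).
 *
 * @param list<string> $allowedRoles
 */
function require_role(array $allowedRoles): void
{
    $user = current_user();

    if (!$user) {
        flash_set('danger', 'Для доступа к странице необходимо войти в аккаунт.');
        redirect(url('login.php'));

        // redirect() is expected to end the request; never reach the role
        // comparison below with no user row.
        return;
    }

    // role_code is already LOWER(TRIM)'d by current_user()'s query; the
    // normalisation here keeps the comparison symmetric with $allowedRoles.
    $userRole = strtolower(trim($user['role_code']));

    $normalizedRoles = array_map(
        static fn ($role) => strtolower(trim($role)),
        $allowedRoles,
    );

    if (!in_array($userRole, $normalizedRoles, true)) {
        flash_set('danger', 'Доступ запрещён. У вас нет прав для просмотра этого раздела.');
        redirect(url('profile.php'));
    }
}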




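// Post-authentication tail: $user (the authenticated row) and $pdo come from
// code above this fragment. NOTE(review): assumes $user['role_code'] is the
// roles.code value; whether it is already LOWER(TRIM)'d here is not visible.

// Issue a fresh session id before attaching the identity, so an id fixed
// by an attacker before login never becomes an authenticated session.
session_regenerate_id(true);

// Normalise once and use the same value for both the session and the
// landing-page decision, so the two can never disagree on case/whitespace.
$roleCode = strtolower(trim($user['role_code']));

$_SESSION['user_id'] = (int)$user['id'];
$_SESSION['role'] = $roleCode;
$_SESSION['user_role'] = $roleCode;

$updateStmt = $pdo->prepare('
    UPDATE users
    SET last_login_at = NOW()
    WHERE id = :id
');

$updateStmt->execute([
    'id' => (int)$user['id'],
]);

// Role-based landing page; unknown roles go to the profile.
redirect(url(match ($roleCode) {
    'admin' => 'admin/index.php',
    'manager' => 'manager/index.php',
    default => 'profile.php',
}));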