<?php

require_once("_db.php"); //("api/_db.php");


//session_start();
// This ^ should be placed at login stage

$LOGGED_IN = false;

if (isset($_SESSION["userid"])) {
	// Check if user still exist
	$s = $db->prepare("SELECT * FROM users WHERE id = ?");
	$s->bind_param("s", $_SESSION["userid"]);
	$s->execute();
	if (!(bool)$s->get_result()->fetch_assoc()) { // If not, then destroy session
		session_unset();
		session_destroy();
		echo "user id does not exist";
		die("user id used in session does not exist");
	}
	$LOGGED_IN = true;
} else {
	// ATTENTION: idk will this work, but this can be theoretically unsafe or cause fault

	if (session_status()) {
		session_unset();
		session_destroy();
	}

	if (isset($_COOKIE["PHPSESSID"])) {
		unset($_COOKIE["PHPSESSID"]);
		setcookie("PHPSESSID", "", time() - 3600, "/");
	}
}

?>