auth_get_client_ip(), "siteKey" => $siteKey, "status" => "invalid_payload", ]); header("Location: /auth/login.html"); exit; } $userId = (int) ($_SESSION["auth_user_id"] ?? 0); if ($userId <= 0) { $redirect = $_SERVER["REQUEST_URI"] ?? "/"; header("Location: /auth/login.html?siteKey=" . urlencode($siteKey) . "&redirect=" . urlencode($redirect)); exit; } $db = auth_get_db(); $stmt = $db->prepare("SELECT 1 FROM user_access WHERE user_id = ? AND site_key = ? LIMIT 1"); $stmt->bind_param("is", $userId, $siteKey); $stmt->execute(); $result = $stmt->get_result(); $hasAccess = $result && $result->num_rows > 0; $stmt->close(); if (!$hasAccess) { auth_log_event([ "ip" => auth_get_client_ip(), "userId" => $userId, "siteKey" => $siteKey, "status" => "access_denied", ]); header("Location: /auth/login.html?siteKey=" . urlencode($siteKey)); exit; }