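prepare("SELECT id, username, is_moderator FROM users WHERE id = ? AND is_suspended = 0 AND is_deleted = 0 AND is_verified = 1");
        // NOTE(review): the statement above and the two blocks closed further down
        // begin before this excerpt. The access-control section is only reformatted
        // and commented here, not changed.
        //
        // The session's user id is re-checked against the database: the query only
        // matches accounts that are verified and neither suspended nor deleted.
        // Any failure along the way drops the session user, which leads to the 403 below.
        if (!$statement) {
            unset($_SESSION['user']);
        } else {
            $statement->bind_param("i", $_SESSION['user']);
            $statement->execute();
            // A failed execute() surfaces here as a false result set.
            $result = $statement->get_result();
            if (!$result) {
                unset($_SESSION['user']);
            } else {
                $row = $result->fetch_assoc();
                if (!$row) {
                    // No matching account row.
                    unset($_SESSION['user']);
                } elseif (!$row['is_moderator']) {
                    // Valid account, but not a moderator: deny and stop.
                    http_response_code(403);
                    include 'moderation_notallowed.php';
                    include 'moderation_final.php';
                    include 'final.php';
                    exit();
                }
            }
        }
    } // closes a block opened before this excerpt

    // Without a session user at this point (never set, or dropped above), deny access.
    if (!isset($_SESSION['user'])) {
        http_response_code(403);
        include 'moderation_notallowed.php';
        include 'moderation_final.php';
        include 'final.php';
        exit();
    }
} else {
    // else-branch of a condition opened before this excerpt: deny access.
    setupHeaders();
    http_response_code(403);
    include 'moderation_notallowed.php';
    include 'moderation_final.php';
    include 'final.php';
    exit();
}

// Per-session CSRF token for the moderation pages, kept in
// $_SESSION['moderation_csrf'] and reused for the lifetime of the session.
// NOTE(review): token verification is not part of this excerpt; wherever the
// submitted token is compared with this value, use hash_equals().
$csrfToken = "";
if (
    isset($_SESSION['moderation_csrf'])
    && is_string($_SESSION['moderation_csrf'])
    && $_SESSION['moderation_csrf'] !== ''
) {
    $csrfToken = $_SESSION['moderation_csrf'];
} else {
    // The token must come from a CSPRNG. The earlier fallback built it from
    // rand(), which is not cryptographically secure, and bin2hex() of an integer
    // hex-encodes its decimal digits, so the token alphabet was also reduced.
    if (function_exists('random_bytes')) {
        // random_bytes() throws if no entropy source is available; leaving that
        // uncaught aborts the request instead of issuing a weak token.
        $csrfToken = bin2hex(random_bytes(32));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        // Fallback for runtimes without random_bytes(); only accept the output
        // when OpenSSL reports that a strong algorithm was used.
        $isStrong = false;
        $rawToken = openssl_random_pseudo_bytes(32, $isStrong);
        if ($rawToken !== false && $isStrong) {
            $csrfToken = bin2hex($rawToken);
        }
    }

    if ($csrfToken === '') {
        // Fail closed: no secure randomness source, so no token is issued.
        // NOTE(review): the project's usual footer includes are not used here
        // because their behaviour is not visible in this excerpt - confirm.
        http_response_code(500);
        exit();
    }

    $_SESSION['moderation_csrf'] = $csrfToken;
}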