isLogged.api

1. require_once "../core.php";
2. if (isset($_SESSION['uname'])) {
3.     $sql = $_SQL->query("SELECT *, NULL as sodium, NULL as password from `users` WHERE `id` = '{$_USER['id']}'");
4.     $_LOGGED = $sql->fetch_assoc();
5.     if ($_LOGGED['hmail'] == 'y') { $_LOGGED['email']='hidden'; }
6.     if (!isImage($_LOGGED['avatar'])) { $_LOGGED['avatar'] = "//halovau.lt/css/images/grunt.png"; }
7.     $_LOGGED['hmail']='';
8.     $loggedSession = json_encode($_LOGGED, JSON_PRETTY_PRINT);
9.     $loggedSession = str_replace("\\/", "/", $loggedSession);
10.     $loggedSession = str_replace('"password": null,', '', $loggedSession);
11.     $loggedSession = str_replace('"sodium": null,', '', $loggedSession);
12.     $loggedSession = str_replace('"hmail": "",', '', $loggedSession);
13.     if(array_key_exists('callback', $_GET)){
14.         header('Content-Type: text/javascript; charset=utf8');
15.         header('Access-Control-Allow-Origin: *');
16.         header('Access-Control-Max-Age: 3628800');
17.         header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE');
18.         $callback = $_GET['callback'];
19.         echo $callback.'('.$loggedSession.');';
20.     } else {
21.         header('Content-type: application/json'); header("Access-Control-Allow-Origin: *");
22.         print_r($loggedSession);
23.     }
24. } else echo "Unable to handle cross-origin request";