' . '

Access Denied

' . '

You do not have permission to view this page.

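' . '← Dashboard'; exit; } }

/**
 * True if the current session user holds at least the role named by $min.
 *
 * Roles are ranked user < superuser < admin < superadmin. Both lookups fail
 * closed: a missing or unrecognised session role ranks 0, and an unrecognised
 * $min ranks 999, so a typo in a required role denies access instead of
 * granting it.
 *
 * NOTE(review): the role is read from $_SESSION, not from the database. If it
 * is only written at login, a demotion will not take effect until that
 * session is refreshed or destroyed. Confirm how role changes are propagated.
 *
 * @param string $min Minimum role name required.
 * @return bool True when the session role ranks at or above $min.
 */
function has_role(string $min): bool
{
    _auth_start(); // defined elsewhere; presumably starts the session (confirm)

    $levels = ['user' => 1, 'superuser' => 2, 'admin' => 3, 'superadmin' => 4];

    $held = $levels[$_SESSION['role'] ?? ''] ?? 0;   // unknown or absent role => lowest rank
    $required = $levels[$min] ?? 999;                // unknown requirement => nobody qualifies

    return $held >= $required;
}

/**
 * Return current user data from session (or empty defaults).
 *
 * Every value is a copy of what the session holds; nothing is re-read from
 * the database here. When the session has no user, 'id' is null, the string
 * fields are empty and 'rosary_limit' defaults to 1.
 *
 * @return array{id: mixed, username: mixed, email: mixed, role: mixed, display_name: mixed, rosary_limit: mixed}
 */
function current_user(): array
{
    _auth_start();

    return [
        'id'           => $_SESSION['user_id'] ?? null,
        'username'     => $_SESSION['username'] ?? '',
        'email'        => $_SESSION['email'] ?? '',
        'role'         => $_SESSION['role'] ?? '',
        'display_name' => $_SESSION['display_name'] ?? '',
        'rosary_limit' => $_SESSION['rosary_limit'] ?? 1,
    ];
}

/**
 * Check if user can create another rosary.
 *
 * Novenas count as 1 regardless of number of days: the total is the number of
 * rows in `sessions` for the user whose occasion is not 'novena_deceased',
 * plus the number of rows in `novena_groups` for the user.
 *
 * Fails closed: if the count cannot be obtained (execute() or fetchColumn()
 * reports failure, which can happen when PDO is not in exception mode), the
 * function returns false instead of treating the missing count as 0.
 *
 * NOTE(review): this is a check only. Two concurrent requests can both pass
 * it before either inserts, so the caller should do the check and the insert
 * inside one transaction (or enforce the limit in the database) if the limit
 * must be strict. Both arguments should come from server-side state, never
 * from request input.
 *
 * @param int $user_id User whose rosaries are counted.
 * @param int $limit   Maximum allowed; any negative value means unlimited.
 * @return bool True if under limit (or limit is negative = unlimited).
 */
function can_create_rosary(int $user_id, int $limit): bool
{
    if ($limit < 0) {
        return true; // unlimited
    }

    $pdo = get_pdo();
    $st = $pdo->prepare(" SELECT (SELECT COUNT(*) FROM sessions WHERE user_id = ? AND occasion != 'novena_deceased') + (SELECT COUNT(*) FROM novena_groups WHERE user_id = ?) AS total ");

    // Both placeholders are bound values, so $user_id never reaches the SQL text.
    if ($st === false || $st->execute([$user_id, $user_id]) === false) {
        return false; // could not run the count: deny rather than assume 0
    }

    $total = $st->fetchColumn();
    if ($total === false) {
        return false; // no row returned: deny rather than cast false to 0
    }

    return (int) $total < $limit;
}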