refactor(pages): replace superglobals with request/session abstractions

This commit is contained in:
2026-03-06 11:28:22 +01:00
parent ebf15081e1
commit 205da203cc
87 changed files with 368 additions and 127 deletions

View File

@@ -1,11 +1,13 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Service\User\UserAccessPdfService;
use MintyPHP\Session;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
define('MINTY_ALLOW_OUTPUT', true);
// Hard gate: user must be logged in and explicitly allowed to generate access PDFs.
@@ -38,7 +40,7 @@ if (!$user) {
return;
}
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$userId = (int) ($user['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACCESS_PDF, [
'actor_user_id' => $currentUserId,

View File

@@ -1,17 +1,19 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Service\User\UserAccessPdfService;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
define('MINTY_ALLOW_OUTPUT', true);
// Hard gate: user must be logged in and explicitly allowed to generate access PDFs.
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACCESS_PDF_BULK, [
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
'actor_user_id' => (int) ($session['user']['id'] ?? 0),
]);
if (!$decision->isAllowed()) {
Router::redirect('error/forbidden');
@@ -49,7 +51,7 @@ if (count($uuids) > 100) {
return;
}
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$users = [];
foreach ($uuids as $uuid) {
$user = $userAccountService->findByUuid($uuid);

View File

@@ -1,11 +1,13 @@
<?php
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Session;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -29,7 +31,7 @@ if (!Session::checkCsrfToken()) {
}
$uuid = trim((string) ($id ?? ''));
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
$userId = (int) ($user['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_ACTIVATE, [

View File

@@ -1,10 +1,14 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$sessionStore = app(SessionStoreInterface::class);
$session = $sessionStore->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -17,7 +21,7 @@ if (!$user) {
}
$userId = (int) ($user['id'] ?? 0);
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_API_TOKENS_MANAGE, [
'actor_user_id' => $currentUserId,
'target_user_id' => $userId,
@@ -37,7 +41,7 @@ if ($name === '') {
$result = $apiTokenService->create($userId, $name, null, null, $currentUserId);
if ($result['ok'] ?? false) {
$_SESSION['api_token_created'] = ['token' => $result['token'], 'uuid' => $uuid];
$sessionStore->set('api_token_created', ['token' => $result['token'], 'uuid' => $uuid]);
Flash::success(t('API token created. Copy it now — it will not be shown again.'), "admin/users/edit/{$uuid}", 'api_token_created');
} else {
$error = $result['error'] ?? 'create_failed';

View File

@@ -1,10 +1,12 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -17,7 +19,7 @@ if (!$user) {
}
$userId = (int) ($user['id'] ?? 0);
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_API_TOKENS_MANAGE, [
'actor_user_id' => $currentUserId,
'target_user_id' => $userId,

View File

@@ -1,10 +1,12 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -24,7 +26,7 @@ if (!$userAvatarService->isValidUuid($uuid)) {
return;
}
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
$userId = (int) ($user['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_UPLOAD, [

View File

@@ -1,10 +1,12 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -24,7 +26,7 @@ if (!$userAvatarService->isValidUuid($uuid)) {
return;
}
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
$userId = (int) ($user['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_DELETE, [

View File

@@ -1,8 +1,10 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
define('MINTY_ALLOW_OUTPUT', true);
Guard::requireLogin();
@@ -17,7 +19,7 @@ if (!$userAvatarService->isValidUuid($uuid)) {
return;
}
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
$userId = (int) ($user['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_AVATAR_VIEW, [

View File

@@ -1,10 +1,12 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Service\User\UserAccessTemplateService;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$action = strtolower(trim((string) ($action ?? '')));
@@ -25,7 +27,7 @@ if (!$uuids) {
Router::json(['ok' => false, 'error' => 'no_selection']);
}
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_BULK, [
'actor_user_id' => $currentUserId,

View File

@@ -2,6 +2,7 @@
use MintyPHP\Buffer;
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\I18n;
use MintyPHP\Router;
use MintyPHP\Service\Access\UiAccessService;
@@ -11,11 +12,12 @@ use MintyPHP\Service\CustomField\UserCustomFieldValueService;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$request = requestInput();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_CREATE, [
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
'actor_user_id' => (int) ($session['user']['id'] ?? 0),
]);
if (!$decision->isAllowed()) {
if (Request::wantsJson()) {
@@ -38,7 +40,7 @@ $tenantService = app(\MintyPHP\Service\Tenant\TenantService::class);
$roleService = app(\MintyPHP\Service\Access\RoleService::class);
$departmentService = app(\MintyPHP\Service\Org\DepartmentService::class);
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$uiAccessService = app(UiAccessService::class);
$viewAuth['page'] = $uiAccessService->pageCapabilities($currentUserId, UiCapabilityMap::PAGE_USERS_CREATE);
$pageAuth = is_array($viewAuth['page'] ?? null) ? $viewAuth['page'] : [];

View File

@@ -1,8 +1,10 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
Guard::requireAbilityOrForbidden(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW);
@@ -11,7 +13,7 @@ gridRequireGetRequest();
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
$userAvatarService = app(\MintyPHP\Service\User\UserAvatarService::class);
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$filters = gridParseFiltersFromSchemaFile(__DIR__ . '/filter-schema.php');

View File

@@ -1,10 +1,12 @@
<?php
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -15,7 +17,7 @@ if ((requestInput()->method()) !== 'POST') {
}
$uuid = trim((string) ($id ?? ''));
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
$userId = (int) ($user['id'] ?? 0);
$errorBag = formErrors();

View File

@@ -1,11 +1,13 @@
<?php
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -16,7 +18,7 @@ if ((requestInput()->method()) !== 'POST') {
}
$uuid = trim((string) ($id ?? ''));
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
$userId = (int) ($user['id'] ?? 0);
$errorBag = formErrors();

View File

@@ -1,6 +1,7 @@
<?php
use MintyPHP\Buffer;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\I18n;
use MintyPHP\Repository\Auth\PasswordResetRepository;
use MintyPHP\Repository\Auth\RememberTokenRepository;
@@ -10,6 +11,9 @@ use MintyPHP\Service\CustomField\UserCustomFieldValueService;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$sessionStore = app(SessionStoreInterface::class);
$session = $sessionStore->all();
Guard::requireLogin();
$request = requestInput();
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -31,7 +35,7 @@ $departmentService = app(\MintyPHP\Service\Org\DepartmentService::class);
$passwordMinLength = $userPasswordPolicyService->minLength();
$passwordHints = $userPasswordPolicyService->hints();
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$uuid = trim((string) ($id ?? ''));
$user = $uuid !== '' ? $userAccountService->findByUuid($uuid) : null;
if (!$user) {
@@ -269,10 +273,18 @@ if ($request->hasBody('email')) {
if ($currentUserId === $userId && isset($form['theme'])) {
$themes = appThemes();
$themeValue = strtolower(trim((string) ($form['theme'] ?? '')));
$_SESSION['user']['theme'] = isset($themes[$themeValue]) ? $themeValue : appDefaultTheme();
$userSession = $sessionStore->get('user', []);
if (is_array($userSession)) {
$userSession['theme'] = isset($themes[$themeValue]) ? $themeValue : appDefaultTheme();
$sessionStore->set('user', $userSession);
}
}
if ($currentUserId === $userId && isset($form['locale'])) {
$_SESSION['user']['locale'] = $form['locale'];
$userSession = $sessionStore->get('user', []);
if (is_array($userSession)) {
$userSession['locale'] = $form['locale'];
$sessionStore->set('user', $userSession);
}
I18n::$locale = $form['locale'];
}
if (!$errorBag->hasAny()) {

View File

@@ -1,14 +1,16 @@
<?php
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW, [
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
'actor_user_id' => (int) ($session['user']['id'] ?? 0),
]);
if (!$decision->isAllowed()) {
if (Request::wantsJson()) {
@@ -21,7 +23,7 @@ if (!$decision->isAllowed()) {
}
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$search = trim((string) (requestInput()->queryAll()['search'] ?? ''));
$order = (string) (requestInput()->queryAll()['order'] ?? 'id');

View File

@@ -1,10 +1,12 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -18,7 +20,7 @@ if (!$user) {
}
$userId = (int) ($user['id'] ?? 0);
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_FORGET_TOKENS, [
'actor_user_id' => $currentUserId,
'target_user_id' => $userId,

View File

@@ -2,6 +2,7 @@
use MintyPHP\Buffer;
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UiAccessService;
use MintyPHP\Service\Access\UiCapabilityMap;
@@ -9,10 +10,11 @@ use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Session;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_VIEW, [
'actor_user_id' => (int) ($_SESSION['user']['id'] ?? 0),
'actor_user_id' => (int) ($session['user']['id'] ?? 0),
]);
if (!$decision->isAllowed()) {
if (Request::wantsJson()) {
@@ -38,7 +40,7 @@ $filterState = gridParseFilters($query, [
'search' => ['type' => 'string'],
]);
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$allowedTenantIds = app(\MintyPHP\Service\Directory\DirectoryScopeGateway::class)->getUserTenantIds($currentUserId);
$uiAccessService = app(UiAccessService::class);
$selfEditDecision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_EDIT_CONTEXT, [
@@ -56,7 +58,7 @@ $viewAuth['page'] = [
Buffer::set('title', t('Users'));
Buffer::set('grid_lang', json_encode(gridLang(), JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
$csrfKey = Session::$csrfSessionKey;
$csrfToken = $_SESSION[$csrfKey] ?? '';
$csrfToken = $session[$csrfKey] ?? '';
Buffer::set(
'grid_csrf',
json_encode(['key' => $csrfKey, 'token' => $csrfToken], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)

View File

@@ -1,11 +1,13 @@
<?php
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Service\Access\UserAuthorizationPolicy;
use MintyPHP\Service\User\UserAccessTemplateService;
use MintyPHP\Support\Flash;
use MintyPHP\Support\Guard;
$session = app(SessionStoreInterface::class)->all();
Guard::requireLogin();
$authorizationService = app(\MintyPHP\Service\Access\AuthorizationService::class);
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
@@ -20,7 +22,7 @@ if (!$user) {
}
$userId = (int) ($user['id'] ?? 0);
$currentUserId = (int) ($_SESSION['user']['id'] ?? 0);
$currentUserId = (int) ($session['user']['id'] ?? 0);
$decision = $authorizationService->authorize(UserAuthorizationPolicy::ABILITY_ADMIN_USERS_SEND_ACCESS, [
'actor_user_id' => $currentUserId,
'target_user_id' => $userId,

View File

@@ -1,10 +1,14 @@
<?php
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Session;
use MintyPHP\Support\Guard;
$sessionStore = app(SessionStoreInterface::class);
$session = $sessionStore->all();
Guard::requireLogin();
$userTenantContextService = app(\MintyPHP\Service\User\UserTenantContextService::class);
$errorBag = formErrors();
@@ -26,7 +30,7 @@ if (!Session::checkCsrfToken()) {
return;
}
$userId = (int) ($_SESSION['user']['id'] ?? 0);
$userId = (int) ($session['user']['id'] ?? 0);
if ($userId <= 0) {
http_response_code(401);
if (Request::wantsJson()) {
@@ -67,16 +71,18 @@ if (!($result['ok'] ?? false)) {
}
// Update session with new current tenant
if (isset($_SESSION['user'])) {
$_SESSION['user']['current_tenant_id'] = $tenantId;
if (isset($session['user']) && is_array($session['user'])) {
$userSession = $session['user'];
$userSession['current_tenant_id'] = $tenantId;
$sessionStore->set('user', $userSession);
}
// Update session with full tenant data
$_SESSION['current_tenant'] = $result['tenant'] ?? null;
$sessionStore->set('current_tenant', $result['tenant'] ?? null);
// Reload available tenants and departments
$_SESSION['available_tenants'] = $userTenantContextService->getAvailableTenants($userId);
$_SESSION['available_departments_by_tenant'] = $userTenantContextService->getAvailableDepartmentsByTenant($userId);
$sessionStore->set('available_tenants', $userTenantContextService->getAvailableTenants($userId));
$sessionStore->set('available_departments_by_tenant', $userTenantContextService->getAvailableDepartmentsByTenant($userId));
if (Request::wantsJson()) {
Router::json([

View File

@@ -1,10 +1,14 @@
<?php
use MintyPHP\Http\Request;
use MintyPHP\Http\SessionStoreInterface;
use MintyPHP\Router;
use MintyPHP\Session;
use MintyPHP\Support\Guard;
$sessionStore = app(SessionStoreInterface::class);
$session = $sessionStore->all();
Guard::requireLogin();
$userAccountService = app(\MintyPHP\Service\User\UserAccountService::class);
$errorBag = formErrors();
@@ -24,7 +28,7 @@ if (!Session::checkCsrfToken()) {
return;
}
$userId = (int) ($_SESSION['user']['id'] ?? 0);
$userId = (int) ($session['user']['id'] ?? 0);
if ($userId <= 0) {
http_response_code(401);
if (Request::wantsJson()) {
@@ -70,7 +74,11 @@ if (!$updated) {
return;
}
$_SESSION['user']['theme'] = $theme;
$userSession = $sessionStore->get('user', []);
if (is_array($userSession)) {
$userSession['theme'] = $theme;
$sessionStore->set('user', $userSession);
}
if (Request::wantsJson()) {
Router::json(['ok' => true, 'theme' => $theme]);