<?php
session_start();
//Todo: make this a setting for users that use VPNs/Proxies and seem to jump around the world rather quickly...
if ($_SESSION['user_ip']!=$_SERVER['REMOTE_ADDR']){
  // force logout
  $_SESSION = array();
  if (ini_get("session.use_cookies")) {
    $params = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
  }
  session_destroy();
  header("Location: https://lostcave.ddnss.de/common/threadr/login/?error=session");
  die();
}

$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
$statement = $pdo->prepare('SELECT name FROM users WHERE id = :user_id;'); // to be replaced with optional user name off the user data table
$result = $statement->execute(array('user_id' => $_SESSION['user_id']));
$dbentry = $statement->fetch();
$username = $dbentry['name'];
?>
<!DOCTYPE html>
<html>
  <head>
    <title>ThreadR</title>
    <link rel="stylesheet" type="text/css" href="%CONTENT_DIR%/style.css">
  </head>
  <body>
    <ul class="topnav">
    <li><a class="active" href="%CONTENT_DIR%/userhome/"><img src="%CONTENT_DIR%/img/ThreadR_Home.svg" alt="Home" /></a></li>
    <li><a href="%CONTENT_DIR%/news/">News</a></li>
    <li><a href="%CONTENT_DIR%/boards/">Boards</a></li>
    <li><a href="%CONTENT_DIR%/about/">About</a></li>
    <li class="right"><a href="%CONTENT_DIR%/logout/">Log Out</a></li>
  </ul>
  <br />
  <div class="container">
    <div class="item-1">
      <center><h1>ThreadR</h1></center>
    </div>
    <div class="item-2">
      <center><h3><?php echo "Welcome back, $username !";?> </h3></center>
    </div>
  </div>
</html>