user profile

public/userarea/ajax/auth_check.php

@@ -0,0 +1,18 @@
+<?php
+/**
+ * Auth check for AJAX endpoints under /userarea/ajax/.
+ * Include this at the top of every ajax handler.
+ * Sets $currentUserId from session or returns 401 JSON.
+ */
+if (session_status() === PHP_SESSION_NONE) {
+    session_start();
+}
+
+if (empty($_SESSION['iduserlogin'])) {
+    header('Content-Type: application/json');
+    http_response_code(401);
+    echo json_encode(['success' => false, 'message' => 'Non autorizzato. Effettua il login.']);
+    exit;
+}
+
+$currentUserId = (int)$_SESSION['iduserlogin'];