Added authentication functionality and simple role based model

get_data.php

@@ -1,19 +1,26 @@
 <?php
 require 'db.php';
+require 'auth.php';
 
-$projects = $pdo->query("SELECT * FROM projects ORDER BY sort_order ASC")->fetchAll();
+header('Content-Type: application/json');
+require_login();
+
+$user_id = current_user_id();
+
+$stmt = $pdo->prepare("SELECT * FROM projects WHERE user_id = ? ORDER BY sort_order ASC");
+$stmt->execute([$user_id]);
+$projects = $stmt->fetchAll();
 
 foreach ($projects as &$project) {
-    $stmt = $pdo->prepare("SELECT * FROM tasks WHERE project_id = ? ORDER BY created_at");
-    $stmt->execute([$project['id']]);
+    $stmt = $pdo->prepare("SELECT * FROM tasks WHERE project_id = ? AND user_id = ? ORDER BY created_at");
+    $stmt->execute([$project['id'], $user_id]);
     $project['tasks'] = $stmt->fetchAll();
 
     foreach ($project['tasks'] as &$task) {
-        $stmt = $pdo->prepare("SELECT * FROM subtasks WHERE task_id = ? ORDER BY created_at");
-        $stmt->execute([$task['id']]);
+        $stmt = $pdo->prepare("SELECT * FROM subtasks WHERE task_id = ? AND user_id = ? ORDER BY created_at");
+        $stmt->execute([$task['id'], $user_id]);
         $task['subtasks'] = $stmt->fetchAll();
     }
 }
 
-echo json_encode($projects);
-?>
+echo json_encode($projects);