maket/MaketRandevu
1
1
Fork 0
Code Issues 15 Pull requests Projects Releases 4 Packages Wiki Activity

Check the role slug in Api.php

Browse source
This commit is contained in:
Alex Tselegidis 2022-05-09 23:26:28 +02:00
parent f0e976c9ac
commit 63dbb51dec
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
application/libraries/Api.php
View file

@ -77,7 +77,9 @@ class Api {
$password = $_SERVER['PHP_AUTH_PW'];
if ( ! $this->CI->accounts->check_login($username, $password))
$userdata = $this->CI->accounts->check_login($username, $password);
if (empty($userdata['role_slug']) || $userdata['role_slug'] !== DB_SLUG_ADMIN)
{
throw new RuntimeException('The provided credentials do not match any admin user!', 401, 'Unauthorized');
}