mirrors
/
easyappointments
mirror of https://github.com/alextselegidis/easyappointments.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

Check the role slug in Api.php

This commit is contained in:
Alex Tselegidis 2022-05-09 23:26:28 +02:00
parent f0e976c9ac
commit 63dbb51dec
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
application/libraries/Api.php
View File

@ -77,7 +77,9 @@ class Api {
$password = $_SERVER['PHP_AUTH_PW']; $password = $_SERVER['PHP_AUTH_PW'];
if ( ! $this->CI->accounts->check_login($username, $password)) $userdata = $this->CI->accounts->check_login($username, $password);
if (empty($userdata['role_slug']) || $userdata['role_slug'] !== DB_SLUG_ADMIN)
{ {
throw new RuntimeException('The provided credentials do not match any admin user!', 401, 'Unauthorized'); throw new RuntimeException('The provided credentials do not match any admin user!', 401, 'Unauthorized');
} }