Jakach/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixing some security issues and harderning service
Deploy / deploy (push) Successful in 38s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-06 08:51:51 +02:00
parent 4d8ce1da43
commit 7ae7df0a11
30 changed files with 328 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app-code/api/manage/delete_user.php
+4 -2
View File
@@ -1,8 +1,10 @@
<?php
header('Content-Type: application/json');
session_start();
include "../utils/security.php";
secure_session_start();
require_same_origin_request();
//check for permisisons
if (!isset($_SESSION["logged_in"]) || $_SESSION["logged_in"] !== true || $_SESSION["permissions"][0]!=="1" ) {
if (!isset($_SESSION["logged_in"]) || $_SESSION["logged_in"] !== true || !is_admin_session() ) {
echo(json_encode(['success' => false, 'message'=>'not authenticated']));
exit();
}
app-code/api/manage/fetch_users.php
+3 -2
View File
@@ -1,8 +1,9 @@
<?php
header('Content-Type: application/json');
session_start();
include "../utils/security.php";
secure_session_start();
//check for permisisons
if (!isset($_SESSION["logged_in"]) || $_SESSION["logged_in"] !== true || $_SESSION["permissions"][0]!=="1" ) {
if (!isset($_SESSION["logged_in"]) || $_SESSION["logged_in"] !== true || !is_admin_session() ) {
echo(json_encode(['success' => false, 'message'=>'not authenticated']));
exit();
}