From 79d83eacb385207428755ea1a40b024873f86e3b Mon Sep 17 00:00:00 2001
From: jakani24 <janis.st44@gmail.com>
Date: Sat, 20 Jan 2024 09:48:04 +0100
Subject: [PATCH] added  no_access

---
 .../system/insecure_zone/php/no_access.php    | 28 +++++++++++++++++++
 .../system/secure_zone/php/add_user.php       |  4 +--
 2 files changed, 30 insertions(+), 2 deletions(-)
 create mode 100644 src/server/cyberhex-code/system/insecure_zone/php/no_access.php

diff --git a/src/server/cyberhex-code/system/insecure_zone/php/no_access.php b/src/server/cyberhex-code/system/insecure_zone/php/no_access.php
new file mode 100644
index 0000000..5c3ea30
--- /dev/null
+++ b/src/server/cyberhex-code/system/insecure_zone/php/no_access.php
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script>
+	 <title>Change Password</title>
+</head>
+<body>
+
+<div class="container mt-5">
+    <div class="row justify-content-center">
+        <div class="col-md-6">
+            <div class="card">
+                <div class="card-header">
+                    <h4>No Access</h4>
+                </div>
+                <div class="card-body">
+					<div class="alert alert-danger" role="alert">
+												You do not have access to this resource!
+					</div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+</body>
+</html>
diff --git a/src/server/cyberhex-code/system/secure_zone/php/add_user.php b/src/server/cyberhex-code/system/secure_zone/php/add_user.php
index 98fbd32..af7d491 100644
--- a/src/server/cyberhex-code/system/secure_zone/php/add_user.php
+++ b/src/server/cyberhex-code/system/secure_zone/php/add_user.php
@@ -11,8 +11,8 @@ if (!isset($_SESSION['username']) or !isset($_SESSION["login"])) {
 $username = $_SESSION['username'];
 $perms = $_SESSION["perms"];
 $email = $_SESSION["email"];
-if($perms[0]!=="0"){
-	header("location:no_access.php");
+if($perms[0]!=="1"){
+	header("location:/system/insecure_zone/php/no_access.php");
 	$block=1;
 	exit();
 }else{