summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJesse Morgan <jesse@jesterpm.net>2011-06-02 16:20:09 -0700
committerJesse Morgan <jesse@jesterpm.net ; true>2011-06-02 16:20:09 -0700
commit1800a1e9022a9f4316e0d57a650faed9da0e8df4 (patch)
tree99b52ea36c148243064762bf0aa02260501aa5cd
parentf08eb1640388e1f067102a22ec40c30f263d92c6 (diff)
Require admin rights to access users page
-rw-r--r--htdocs/moderate/users/delete.php6
-rw-r--r--htdocs/moderate/users/editor.php6
-rw-r--r--htdocs/moderate/users/index.php6
3 files changed, 18 insertions, 0 deletions
diff --git a/htdocs/moderate/users/delete.php b/htdocs/moderate/users/delete.php
index f721f30..875c0c7 100644
--- a/htdocs/moderate/users/delete.php
+++ b/htdocs/moderate/users/delete.php
@@ -10,6 +10,12 @@
require_once('../../src/base.inc.php');
+// Verify User is admin
+if (!$_SESSION['currentUser']->isAdmin()) {
+ header('Location: ' . buildUrl('moderate/'));
+ exit;
+}
+
$error = '';
$user = false;
diff --git a/htdocs/moderate/users/editor.php b/htdocs/moderate/users/editor.php
index 21be99e..c44928f 100644
--- a/htdocs/moderate/users/editor.php
+++ b/htdocs/moderate/users/editor.php
@@ -10,6 +10,12 @@
require_once('../../src/base.inc.php');
+// Verify User is admin
+if (!$_SESSION['currentUser']->isAdmin()) {
+ header('Location: ' . buildUrl('moderate/'));
+ exit;
+}
+
$error = '';
// Get the current user object.
diff --git a/htdocs/moderate/users/index.php b/htdocs/moderate/users/index.php
index cda6232..c4aee54 100644
--- a/htdocs/moderate/users/index.php
+++ b/htdocs/moderate/users/index.php
@@ -10,6 +10,12 @@
require_once('../../src/base.inc.php');
+// Verify User is admin
+if (!$_SESSION['currentUser']->isAdmin()) {
+ header('Location: ' . buildUrl('moderate/'));
+ exit;
+}
+
$error = '';
require_once('../src/header.inc.php');