diff options
author | Jesse Morgan <jesse@jesterpm.net> | 2011-06-02 16:20:09 -0700 |
---|---|---|
committer | Jesse Morgan <jesse@jesterpm.net ; true> | 2011-06-02 16:20:09 -0700 |
commit | 1800a1e9022a9f4316e0d57a650faed9da0e8df4 (patch) | |
tree | 99b52ea36c148243064762bf0aa02260501aa5cd | |
parent | f08eb1640388e1f067102a22ec40c30f263d92c6 (diff) |
Require admin rights to access users page
-rw-r--r-- | htdocs/moderate/users/delete.php | 6 | ||||
-rw-r--r-- | htdocs/moderate/users/editor.php | 6 | ||||
-rw-r--r-- | htdocs/moderate/users/index.php | 6 |
3 files changed, 18 insertions, 0 deletions
diff --git a/htdocs/moderate/users/delete.php b/htdocs/moderate/users/delete.php index f721f30..875c0c7 100644 --- a/htdocs/moderate/users/delete.php +++ b/htdocs/moderate/users/delete.php @@ -10,6 +10,12 @@ require_once('../../src/base.inc.php'); +// Verify User is admin +if (!$_SESSION['currentUser']->isAdmin()) { + header('Location: ' . buildUrl('moderate/')); + exit; +} + $error = ''; $user = false; diff --git a/htdocs/moderate/users/editor.php b/htdocs/moderate/users/editor.php index 21be99e..c44928f 100644 --- a/htdocs/moderate/users/editor.php +++ b/htdocs/moderate/users/editor.php @@ -10,6 +10,12 @@ require_once('../../src/base.inc.php'); +// Verify User is admin +if (!$_SESSION['currentUser']->isAdmin()) { + header('Location: ' . buildUrl('moderate/')); + exit; +} + $error = ''; // Get the current user object. diff --git a/htdocs/moderate/users/index.php b/htdocs/moderate/users/index.php index cda6232..c4aee54 100644 --- a/htdocs/moderate/users/index.php +++ b/htdocs/moderate/users/index.php @@ -10,6 +10,12 @@ require_once('../../src/base.inc.php'); +// Verify User is admin +if (!$_SESSION['currentUser']->isAdmin()) { + header('Location: ' . buildUrl('moderate/')); + exit; +} + $error = ''; require_once('../src/header.inc.php'); |