summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--htdocs/moderate/users/delete.php6
-rw-r--r--htdocs/moderate/users/editor.php6
-rw-r--r--htdocs/moderate/users/index.php6
3 files changed, 18 insertions, 0 deletions
diff --git a/htdocs/moderate/users/delete.php b/htdocs/moderate/users/delete.php
index f721f30..875c0c7 100644
--- a/htdocs/moderate/users/delete.php
+++ b/htdocs/moderate/users/delete.php
@@ -10,6 +10,12 @@
require_once('../../src/base.inc.php');
+// Verify User is admin
+if (!$_SESSION['currentUser']->isAdmin()) {
+ header('Location: ' . buildUrl('moderate/'));
+ exit;
+}
+
$error = '';
$user = false;
diff --git a/htdocs/moderate/users/editor.php b/htdocs/moderate/users/editor.php
index 21be99e..c44928f 100644
--- a/htdocs/moderate/users/editor.php
+++ b/htdocs/moderate/users/editor.php
@@ -10,6 +10,12 @@
require_once('../../src/base.inc.php');
+// Verify User is admin
+if (!$_SESSION['currentUser']->isAdmin()) {
+ header('Location: ' . buildUrl('moderate/'));
+ exit;
+}
+
$error = '';
// Get the current user object.
diff --git a/htdocs/moderate/users/index.php b/htdocs/moderate/users/index.php
index cda6232..c4aee54 100644
--- a/htdocs/moderate/users/index.php
+++ b/htdocs/moderate/users/index.php
@@ -10,6 +10,12 @@
require_once('../../src/base.inc.php');
+// Verify User is admin
+if (!$_SESSION['currentUser']->isAdmin()) {
+ header('Location: ' . buildUrl('moderate/'));
+ exit;
+}
+
$error = '';
require_once('../src/header.inc.php');