From 1800a1e9022a9f4316e0d57a650faed9da0e8df4 Mon Sep 17 00:00:00 2001
From: Jesse Morgan <jesse@jesterpm.net>
Date: Thu, 2 Jun 2011 16:20:09 -0700
Subject: Require admin rights to access users page

---
 htdocs/moderate/users/editor.php | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'htdocs/moderate/users/editor.php')

diff --git a/htdocs/moderate/users/editor.php b/htdocs/moderate/users/editor.php
index 21be99e..c44928f 100644
--- a/htdocs/moderate/users/editor.php
+++ b/htdocs/moderate/users/editor.php
@@ -10,6 +10,12 @@
 
 require_once('../../src/base.inc.php');
 
+// Verify User is admin
+if (!$_SESSION['currentUser']->isAdmin()) {
+    header('Location: ' . buildUrl('moderate/'));
+    exit;
+}
+
 $error = '';
 
 // Get the current user object.
-- 
cgit v1.2.3