Skip to content

Commit

Permalink
Replace checkSession() with is_admin()
Browse files Browse the repository at this point in the history
  • Loading branch information
Groruk committed Oct 6, 2021
1 parent 5f14636 commit 8760d6e
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions web/includes/sb-callback.php
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@
$xajax->setRequestURI(XAJAX_REQUEST_URI);
global $userbank;

if (\SessionManager::checkSession()) {
if ($userbank->is_admin()) {
$xajax->registerFunction("AddMod");
$xajax->registerFunction("RemoveMod");
$xajax->registerFunction("AddGroup");
Expand Down Expand Up @@ -1885,10 +1885,11 @@ function PrepareReban($bid)

function SetupEditServer($sid)
{
global $userbank;
$objResponse = new xajaxResponse();
$sid = (int)$sid;

if(!$userbank->HasAccess(ADMIN_OWNER|ADMIN_SERVER_SETTINGS|ADMIN_SERVER_ADD))
if(!$userbank->HasAccess(ADMIN_OWNER|ADMIN_EDIT_SERVERS))
{
$objResponse->redirect("index.php?p=login&m=no_access", 0);
$log = new CSystemLog("w", "Hacking Attempt", $username . " tried to edit a server, but doesn't have access.");
Expand Down

0 comments on commit 8760d6e

Please sign in to comment.