sven/ulogger-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix client API: only admin can add users

Browse Source
This commit is contained in:
Bartek Fabiszewski 2017-08-24 11:05:00 +02:00
parent 35019c3d39
commit 1513ff53a3
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
client/index.php
View File

@ -42,6 +42,10 @@ switch ($action) {
// action: adduser (currently unused)
case "adduser":
if (!$user->isAdmin) {
setError($response, "User not authorized");
break;
}
$login = isset($_REQUEST['login']) ? $_REQUEST['login'] : NULL;
$pass = isset($_REQUEST['password']) ? $_REQUEST['password'] : NULL;
if (!empty($login) && !empty($pass)) {