✅ Added missing checks (#176)

anditv21 · anditv21 · commit f20662a3d866 · 2024-09-23T14:33:08.000+02:00
diff --git a/src/admin/bans.php b/src/admin/bans.php
@@ -9,6 +9,9 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+   Util::redirect('/auth/login.php');
+}
 // Fetch user data
 $userList = $admin->getUserArray();
 $bannedUserList = $admin->getbannedArray();
diff --git a/src/admin/codes.php b/src/admin/codes.php
@@ -9,6 +9,10 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+  Util::redirect('/auth/login.php');
+}
+
 // Get session username
 $username = Session::get("username");
 
diff --git a/src/admin/gift.php b/src/admin/gift.php
@@ -8,6 +8,10 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+   Util::redirect('/auth/login.php');
+}
+
 // Get session username and user list
 $username = Session::get("username");
 $userList = $admin->getUserArray();
diff --git a/src/admin/index.php b/src/admin/index.php
@@ -10,14 +10,18 @@
 
 Session::init();
 
-Util::adminCheck();
+if (!Session::isLogged()) {
+   Util::redirect('/auth/login.php');
+}
 
 $username = Session::get("username");
 $uid = Session::get("uid");
 
 $sub = $user->getSubStatus();
 
 Util::banCheck();
+Util::checktoken();
+Util::suppCheck();
 Util::head("Admin Panel");
 
 // Handle POST request
diff --git a/src/admin/ip_whitelist.php b/src/admin/ip_whitelist.php
@@ -8,6 +8,10 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+    Util::redirect('/auth/login.php');
+ }
+
 // Security checks and page setup
 Util::banCheck();
 Util::checktoken();
diff --git a/src/admin/password.php b/src/admin/password.php
@@ -8,6 +8,9 @@
 $admin = new AdminController();
 
 Session::init();
+if (!Session::isLogged()) {
+    Util::redirect('/auth/login.php');
+ }
 
 $userList = $admin->getUserArray();
 $username = Session::get('username');
diff --git a/src/admin/userinvites.php b/src/admin/userinvites.php
@@ -8,6 +8,9 @@
 $admin = new AdminController();
 
 Session::init();
+if (!Session::isLogged()) {
+  Util::redirect('/auth/login.php');
+}
 
 $username = Session::get("username");
 
diff --git a/src/admin/users.php b/src/admin/users.php
@@ -8,6 +8,9 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+   Util::redirect('/auth/login.php');
+}
 // Get session username and user list
 $username = Session::get("username");
 $userList = $admin->getUserArray();
diff --git a/src/auth/logout.php b/src/auth/logout.php
@@ -4,6 +4,10 @@
 
 Session::init();
 
+if (!Session::isLogged()) {
+    Util::redirect('/auth/login.php');
+}
+
 $user = new UserController();
 $user->logoutUser();
 
diff --git a/src/user/userlist.php b/src/user/userlist.php
@@ -8,7 +8,9 @@
 
 
 Session::init();
-
+if (!Session::isLogged()) {
+    Util::redirect('/auth/login.php');
+}
 
 $username = Session::get("username");
 $uid = Session::get("uid");
