Security for Admin

For security, Logout from admin panel when user no longer has admin access
2025-12-16 04:59:42 +01:00 · 2022-10-09 11:24:25 +01:00
parent fa51e9ca15
commit 3974a2f4a4
1 changed files with 3 additions and 0 deletions
--- a/admin/index.php
+++ b/admin/index.php
@@ -29,6 +29,9 @@ if (! $username)
 {
    is_array($plugin_run_result = Plugins::getInstance()->run('user_not_admin_admin_page', get_defined_vars())) ? extract($plugin_run_result) : null; //run hook
    redirect(PATH . 'ucp.php?go=login&return=' . urlencode(ADMIN_PATH . '?cp=' . $go_to));
+}else if(!user_can('enter_acp')){
+    $usrcp->logout_cp();
+    redirect($config['siteurl']);
 }

 //get language of admin