Nemcio/tinyfilemanager
1
0
Fork 0
mirror of https://github.com/prasathmani/tinyfilemanager.git synced 2025-12-24 00:59:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Advanced Search not working for read-only users #1325

Browse Source
This commit is contained in:
Prasath Mani
2025-11-13 13:28:40 +05:30
committed by GitHub
parent dd2e22781b
commit dd79258999
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
tinyfilemanager.php
View File

@@ -459,7 +459,7 @@ unset($p, $use_auth, $iconv_input_encoding, $use_highlightjs, $highlightjs_style
/*************************** ACTIONS ***************************/ /*************************** ACTIONS ***************************/
// Handle all AJAX Request // Handle all AJAX Request
if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']]) || !FM_USE_AUTH) && isset($_POST['ajax'], $_POST['token']) && !FM_READONLY) { if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']]) || !FM_USE_AUTH) && isset($_POST['ajax'], $_POST['token'])) {
if (!verifyToken($_POST['token'])) { if (!verifyToken($_POST['token'])) {
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
die("Invalid Token."); die("Invalid Token.");
@@ -473,6 +473,10 @@ if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_
exit(); exit();
} }
if(FM_READONLY){
exit();
}
// save editor file // save editor file
if (isset($_POST['type']) && $_POST['type'] == "save") { if (isset($_POST['type']) && $_POST['type'] == "save") {
// get current path // get current path