Update api.php
Add $admincheck to store a complete copy of $email. $email appears to be overwritten during the check if the var is empty. now the admin check compares the complete email against the one from the config file.
This commit is contained in:
manfromafar
GitHub
parent
cb50641bc4
commit
3d072d22c5
|
|
@ -16,6 +16,11 @@ else $url = array_filter(explode('/',ltrim(parse_url($_SERVER['REQUEST_URI'], PH
|
|||
|
||||
$action = strtolower($_REQUEST['a']);
|
||||
$email = strtolower($_REQUEST['email']);
|
||||
// quick hack to get admin email working.
|
||||
// by the time $email is checked its been over written.
|
||||
// store a copy in $admincheck to compare later.
|
||||
$admincheck = $email
|
||||
|
||||
if(!empty($email)){
|
||||
if(!filter_var($email, FILTER_VALIDATE_EMAIL)){
|
||||
// email param provided, but invalid: skip action and show invalid email error
|
||||
|
|
@ -87,7 +92,7 @@ switch($action)
|
|||
|
||||
case 'list':
|
||||
$settings = loadSettings();
|
||||
if($settings['ADMIN'] && $settings['ADMIN']==$email)
|
||||
if($settings['ADMIN'] && $settings['ADMIN']==$admincheck)
|
||||
{
|
||||
$o['status'] = 'ok';
|
||||
$o['type'] = 'admin';
|
||||
|
|
@ -131,4 +136,4 @@ switch($action)
|
|||
break;
|
||||
}
|
||||
|
||||
echo json_encode($o);
|
||||
echo json_encode($o);
|
||||
|
|
|
|||
Loading…
Reference in a new issue