add api validation

7 years ago · 224025650a
parent 8b2c07861d
commit 224025650a
1 changed files with 5 additions and 2 deletions
--- a/php/index.php
+++ b/php/index.php
@ -60,8 +60,11 @@ if (!empty($fn)) {
 	}

 	// Check if user is logged
-	if ((isset($_SESSION['login'])&&$_SESSION['login']===true)&&
-		(isset($_SESSION['identifier'])&&$_SESSION['identifier']===Settings::get()['identifier'])) {
+	$status = (isset($_SESSION['login'])&&$_SESSION['login']===true)&&
+		(isset($_SESSION['identifier'])&&$_SESSION['identifier']===Settings::get()['identifier']);
+
+	// Use identifier to access api
+	if ($status || ($_POST['identifier']===Settings::get()['identifier'])) {

 		/**
 		 * Admin Access