add api validation

2017-11-15 10:48:29 +08:00 · 2017-11-15 10:48:29 +08:00 · 224025650a
commit 224025650a
parent 8b2c07861d
1 changed files with 5 additions and 2 deletions
--- a/php/index.php
+++ b/php/index.php
@ -60,8 +60,11 @@ if (!empty($fn)) {
 	}
 	// Check if user is logged
-	if ((isset($_SESSION['login'])&&$_SESSION['login']===true)&&
+	$status = (isset($_SESSION['login'])&&$_SESSION['login']===true)&&
-		(isset($_SESSION['identifier'])&&$_SESSION['identifier']===Settings::get()['identifier'])) {
+		(isset($_SESSION['identifier'])&&$_SESSION['identifier']===Settings::get()['identifier']);
 	// Use identifier to access api
 	if ($status || ($_POST['identifier']===Settings::get()['identifier'])) {
 		/**
 		 * Admin Access