Skip to content

Commit

Permalink
SEC: ensure actions and graph data are not available without authenti…
Browse files Browse the repository at this point in the history 
…cation
  • Loading branch information
@dtucny
dtucny committed Mar 4, 2017
1 parent 863cf9c commit f712d7c
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 0 deletions.
6 changes: 6 additions & 0 deletions actions_add_remove.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,12 @@
You should have received a copy of the GNU General Public License
along with Foobar. If not, see <http://www.gnu.org/licenses/>.
*/
session_start();
session_cache_limiter('nocache');
$cache_limiter = session_cache_limiter();

if (!isset($_SESSION['loggedin'])) exit();

require_once ('inc/db.php');

function Redirect_Servers ($server, $permanent = false) {
Expand Down
6 changes: 6 additions & 0 deletions getgraph.php
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,10 @@
<?php
session_start();
session_cache_limiter('nocache');
$cache_limiter = session_cache_limiter();

if (!isset($_SESSION['loggedin'])) exit();

require_once 'inc/db.php';
$dblink = db_connect();
// Packages with updates
Expand Down

0 comments on commit f712d7c

Please sign in to comment.