X-Git-Url: https://git.cweiske.de/phorkie.git/blobdiff_plain/a73791f16d10ea0e2c477f29d9049d75516aa774..13989a4e7cb4453225762dab6b5e5a7565b43df8:/www/secure.php

diff --git a/www/secure.php b/www/secure.php
index 5893033..e614087 100644
--- a/www/secure.php
+++ b/www/secure.php
@@ -7,5 +7,20 @@ require_once 'www-header.php';
 $_SESSION['REQUEST_URI'] = $_SERVER['REQUEST_URI'];
 if (!isset($_SESSION['identity'])) {
     header("Location: /login");
+    exit;
+}
+if ($GLOBALS['phorkie']['auth']['secure'] > 0 &&
+    $GLOBALS['phorkie']['auth']['userlist']) {
+    if (!in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
+        header('HTTP/1.1 403 Forbidden');
+        $db = new Database();
+        render(
+            'forbidden',
+            array(
+                'recents'     => $db->getSearch()->listAll(0, 5, 'crdate', 'desc'),
+            )
+        );
+        exit;
+    }
 }
 ?>