From 76aa2ab76d8f2305db7a2bb7cdbe461cca0146a3 Mon Sep 17 00:00:00 2001
From: "Justin J. Novack" <jnovack@gmail.com>
Date: Mon, 17 Sep 2012 09:53:19 -0400
Subject: ADD: Add identity to /forbidden page for easy administration

---
 www/secure.php | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'www/secure.php')

diff --git a/www/secure.php b/www/secure.php
index 07cdfb6..4b81d59 100644
--- a/www/secure.php
+++ b/www/secure.php
@@ -9,4 +9,12 @@ if (!isset($_SESSION['identity'])) {
     header("Location: /login");
     exit;
 }
+if ($GLOBALS['phorkie']['auth']['secure'] > 0 &&
+    $GLOBALS['phorkie']['auth']['userlist']) {
+    if (!in_array($_SESSION['identity'], $GLOBALS['phorkie']['users'])) {
+        $redirect = 'http://' . $_SERVER['HTTP_HOST'] . "/forbidden";
+        header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
+        exit;
+    }
+}
 ?>
-- 
cgit v1.2.3