From: Andrew Dolgov Date: Thu, 11 Apr 2013 17:39:54 +0000 (+0400) Subject: backend: add session validation check X-Git-Tag: 1.7.9~25^2~248 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=ccfa90803bd094a4eaa8959a9bd9c2d775b7788c;p=tt-rss.git backend: add session validation check --- diff --git a/backend.php b/backend.php index 9eb3989e..6ee0e081 100644 --- a/backend.php +++ b/backend.php @@ -62,6 +62,11 @@ } if ($_SESSION["uid"]) { + if (!validate_session($link)) { + header("Content-Type: text/json"); + print json_encode(array("error" => array("code" => 6))); + return; + } load_user_plugins($link, $_SESSION["uid"]); }