backend: add session validation check

author Andrew Dolgov <fox@fakecake.org>

Thu, 11 Apr 2013 17:39:54 +0000 (21:39 +0400)

committer Andrew Dolgov <fox@fakecake.org>

Thu, 11 Apr 2013 17:39:54 +0000 (21:39 +0400)
author Andrew Dolgov <fox@fakecake.org>
Thu, 11 Apr 2013 17:39:54 +0000 (21:39 +0400)
committer Andrew Dolgov <fox@fakecake.org>
Thu, 11 Apr 2013 17:39:54 +0000 (21:39 +0400)
diff --git a/backend.php b/backend.php

index 9eb3989e4c2311b2837c838e761912d2ad32fe45..6ee0e081f549eca4c6c3ac2cc676ac66066253e7 100644 (file)
--- a/backend.php
+++ b/backend.php
@@ -62,6 +62,11 @@
         }
  
         if ($_SESSION["uid"]) {
+               if (!validate_session($link)) {
+                       header("Content-Type: text/json");
+                       print json_encode(array("error" => array("code" => 6)));
+                       return;
+               }
                 load_user_plugins($link, $_SESSION["uid"]);
         }
author	Andrew Dolgov <fox@fakecake.org>
	Thu, 11 Apr 2013 17:39:54 +0000 (21:39 +0400)
committer	Andrew Dolgov <fox@fakecake.org>
	Thu, 11 Apr 2013 17:39:54 +0000 (21:39 +0400)