From f20662a3d8662a5a05b42fcf671fa5beed1c5025 Mon Sep 17 00:00:00 2001
From: Peter Griffin <andi@anditv.dev>
Date: Mon, 23 Sep 2024 14:33:08 +0200
Subject: [PATCH] =?UTF-8?q?=E2=9C=85=20Added=20missing=20checks=20(#176)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/admin/bans.php         | 3 +++
 src/admin/codes.php        | 4 ++++
 src/admin/gift.php         | 4 ++++
 src/admin/index.php        | 6 +++++-
 src/admin/ip_whitelist.php | 4 ++++
 src/admin/password.php     | 3 +++
 src/admin/userinvites.php  | 3 +++
 src/admin/users.php        | 3 +++
 src/auth/logout.php        | 4 ++++
 src/user/userlist.php      | 4 +++-
 10 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/src/admin/bans.php b/src/admin/bans.php
index 173070aa..8537504e 100644
--- a/src/admin/bans.php
+++ b/src/admin/bans.php
@@ -9,6 +9,9 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+   Util::redirect('/auth/login.php');
+}
 // Fetch user data
 $userList = $admin->getUserArray();
 $bannedUserList = $admin->getbannedArray();
diff --git a/src/admin/codes.php b/src/admin/codes.php
index 1e9564d8..040ed24e 100644
--- a/src/admin/codes.php
+++ b/src/admin/codes.php
@@ -9,6 +9,10 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+  Util::redirect('/auth/login.php');
+}
+
 // Get session username
 $username = Session::get("username");
 
diff --git a/src/admin/gift.php b/src/admin/gift.php
index ddedea5b..8f2edb97 100644
--- a/src/admin/gift.php
+++ b/src/admin/gift.php
@@ -8,6 +8,10 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+   Util::redirect('/auth/login.php');
+}
+
 // Get session username and user list
 $username = Session::get("username");
 $userList = $admin->getUserArray();
diff --git a/src/admin/index.php b/src/admin/index.php
index 8e08cb41..330b1dc0 100644
--- a/src/admin/index.php
+++ b/src/admin/index.php
@@ -10,7 +10,9 @@
 
 Session::init();
 
-Util::adminCheck();
+if (!Session::isLogged()) {
+   Util::redirect('/auth/login.php');
+}
 
 $username = Session::get("username");
 $uid = Session::get("uid");
@@ -18,6 +20,8 @@
 $sub = $user->getSubStatus();
 
 Util::banCheck();
+Util::checktoken();
+Util::suppCheck();
 Util::head("Admin Panel");
 
 // Handle POST request
diff --git a/src/admin/ip_whitelist.php b/src/admin/ip_whitelist.php
index 6d07ccd9..98133e22 100644
--- a/src/admin/ip_whitelist.php
+++ b/src/admin/ip_whitelist.php
@@ -8,6 +8,10 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+    Util::redirect('/auth/login.php');
+ }
+
 // Security checks and page setup
 Util::banCheck();
 Util::checktoken();
diff --git a/src/admin/password.php b/src/admin/password.php
index 29f5aa58..a9415bd6 100644
--- a/src/admin/password.php
+++ b/src/admin/password.php
@@ -8,6 +8,9 @@
 $admin = new AdminController();
 
 Session::init();
+if (!Session::isLogged()) {
+    Util::redirect('/auth/login.php');
+ }
 
 $userList = $admin->getUserArray();
 $username = Session::get('username');
diff --git a/src/admin/userinvites.php b/src/admin/userinvites.php
index 59ff96df..420fdd8e 100644
--- a/src/admin/userinvites.php
+++ b/src/admin/userinvites.php
@@ -8,6 +8,9 @@
 $admin = new AdminController();
 
 Session::init();
+if (!Session::isLogged()) {
+  Util::redirect('/auth/login.php');
+}
 
 $username = Session::get("username");
 
diff --git a/src/admin/users.php b/src/admin/users.php
index 0d8b5f38..feffb177 100644
--- a/src/admin/users.php
+++ b/src/admin/users.php
@@ -8,6 +8,9 @@
 $admin = new AdminController();
 Session::init();
 
+if (!Session::isLogged()) {
+   Util::redirect('/auth/login.php');
+}
 // Get session username and user list
 $username = Session::get("username");
 $userList = $admin->getUserArray();
diff --git a/src/auth/logout.php b/src/auth/logout.php
index 896ee2af..cd5cdd10 100644
--- a/src/auth/logout.php
+++ b/src/auth/logout.php
@@ -4,6 +4,10 @@
 
 Session::init();
 
+if (!Session::isLogged()) {
+    Util::redirect('/auth/login.php');
+}
+
 $user = new UserController();
 $user->logoutUser();
 
diff --git a/src/user/userlist.php b/src/user/userlist.php
index b6d867de..93b18d8c 100644
--- a/src/user/userlist.php
+++ b/src/user/userlist.php
@@ -8,7 +8,9 @@
 
 
 Session::init();
-
+if (!Session::isLogged()) {
+    Util::redirect('/auth/login.php');
+}
 
 $username = Session::get("username");
 $uid = Session::get("uid");