prevent admin hijacks

2011-01-04 22:17:58 -08:00 · 2011-01-04 22:17:58 -08:00 · bb0c24bd4f
commit bb0c24bd4f
parent 45c1559b38
3 changed files with 10 additions and 1 deletions
--- a/mod/regmod.php
+++ b/mod/regmod.php
@ -12,6 +12,11 @@ function regmod_content(&$a) {
 		return $o;
 	}

+	if((! (x($a->config,'admin_email'))) || ($a->config['admin_email'] !== $a->user['email'])) {
+		notice( t('Permission denied.') . EOL);
+		return '';
+	}
+
 	if($a->argc != 3)
 		killme();