check if user is valid before using it

2025-05-11 20:21:16 +00:00 · 2015-07-14 21:34:51 +02:00 · 2015-07-14 21:34:51 +02:00 · f616c6cf39
commit f616c6cf39
parent bdfb552204
1 changed files with 6 additions and 5 deletions
--- a/inc/inc.Authentication.php
+++ b/inc/inc.Authentication.php
@ -69,6 +69,12 @@ if (!isset($_COOKIE["mydms_session"])) {
 	/* Load user data */

 	$user = $dms->getUser($resArr["userID"]);
+	if (!is_object($user)) {
+		setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
+		header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
+		exit;
+	}
+
 	if($user->isAdmin()) {
 		if($resArr["su"]) {
 			$user = $dms->getUser($resArr["su"]);
@ -76,11 +82,6 @@ if (!isset($_COOKIE["mydms_session"])) {
 			$session->resetSu();
 		}
 	}
-	if (!is_object($user)) {
-		setcookie("mydms_session", $dms_session, time()-3600, $settings->_httpRoot); //delete cookie
-		header("Location: " . $settings->_httpRoot . "out/out.Login.php?referuri=".$refer);
-		exit;
-	}
 	$theme = $resArr["theme"];
 	$lang = $resArr["language"];
 }