Deny access to disabled accounts
This commit is contained in:
parent
e92bea8849
commit
03b88dc9fb
1 changed files with 1 additions and 1 deletions
|
@ -370,7 +370,7 @@ function manageCheckLogIn($requireKey) {
|
|||
|
||||
if (isset($_SESSION['tinyib_username']) && isset($_SESSION['tinyib_password'])) {
|
||||
$a = accountByUsername($_SESSION['tinyib_username']);
|
||||
if (!empty($a) && $a['password'] == $_SESSION['tinyib_password']) {
|
||||
if (!empty($a) && $a['password'] == $_SESSION['tinyib_password'] && $a['role'] != TINYIB_DISABLED) {
|
||||
$account = $a;
|
||||
$loggedin = true;
|
||||
if ($account['role'] == TINYIB_SUPER_ADMINISTRATOR || $account['role'] == TINYIB_ADMINISTRATOR) {
|
||||
|
|
Loading…
Reference in a new issue