backend: add session validation check

11 years ago · ccfa90803b
parent b229a18456
commit ccfa90803b
1 changed files with 5 additions and 0 deletions
--- a/backend.php
+++ b/backend.php
@ -62,6 +62,11 @@
 	}

 	if ($_SESSION["uid"]) {
+		if (!validate_session($link)) {
+			header("Content-Type: text/json");
+			print json_encode(array("error" => array("code" => 6)));
+			return;
+		}
 		load_user_plugins($link, $_SESSION["uid"]);
 	}