summaryrefslogtreecommitdiff
path: root/config/kernel/auth_check.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/kernel/auth_check.php')
-rwxr-xr-xconfig/kernel/auth_check.php32
1 files changed, 0 insertions, 32 deletions
diff --git a/config/kernel/auth_check.php b/config/kernel/auth_check.php
deleted file mode 100755
index 15b7ebc..0000000
--- a/config/kernel/auth_check.php
+++ /dev/null
@@ -1,32 +0,0 @@
-<?php
-// Minimal session check - no framework bootstrap
-include 'auth_config.php';
-
-preg_match( '|/attachments/\d+/(\d+)/|', $_SERVER['REQUEST_URI'], $matches );
-
-if( !empty( $matches[1] ) ) {
- $contentId = (int)$matches[1];
- try {
- $pdo = new PDO( $gBitDbHost, $gBitDbUser, $gBitDbPassword );
-
- // get the role restriction for this content, if any
- $stmt = $pdo->prepare( "SELECT ROLE_ID FROM LIBERTY_CONTENT_ROLE_MAP WHERE CONTENT_ID = ?" );
- $stmt->execute( [$contentId] );
- $requiredRoleId = $stmt->fetchColumn();
-
- if( $requiredRoleId === false ) {
- // no restriction - public content
- http_response_code( 200 );
- } elseif( in_array( (int)$requiredRoleId, $_SESSION['user_role'] ?? [] ) ) {
- http_response_code( 200 );
- } else {
- http_response_code( 403 );
- }
- } catch( PDOException $e ) {
- http_response_code( 403 );
- }
- exit;
-}
-
-// no content_id in URI - nothing to restrict
-http_response_code( 200 ); \ No newline at end of file
generated by cgit v1.3 (git 2.53.0) at 2026-06-29 21:29:22 +0000