From e0020d728d54bd97ced9df34a38ef9c39e05ff48 Mon Sep 17 00:00:00 2001
From: lsces <lester@lsces.co.uk>
Date: Thu, 16 Apr 2026 11:29:15 +0100
Subject: Extend session information to allow extra security when accessing
 private content. Use nginx auth_request to secure storage area from unmanaged
 use.

---
 includes/bit_setup_inc.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/includes/bit_setup_inc.php b/includes/bit_setup_inc.php
index 0c1a476..1d0bc91 100755
--- a/includes/bit_setup_inc.php
+++ b/includes/bit_setup_inc.php
@@ -132,8 +132,13 @@ if( empty( $gBitUser ) || !$gBitUser->isValid() ) {
 		if( empty($gBitUser) ) {
 			$gBitUser = new RolePermUser();
 			// maybe do something...
+			unset( $_SESSION['user_role'] );
 		}
 	}
+} else {
+	if (empty($_SESSION['user_role'])) {
+		$_SESSION['user_role'] = 3;
+	}
 }
 
 $gBitSmarty->assign( 'gBitUser', $gBitUser );
-- 
cgit v1.3