fix aws
@@ -28,6 +28,10 @@ define('AUTH_USERNAME', getenv('AUTH_USERNAME') ?: 'admin');
|
||||
define('AUTH_PASSWORD', getenv('AUTH_PASSWORD') ?: 'changeme');
|
||||
define('SESSION_TIMEOUT', 86400); // 24 hours
|
||||
|
||||
// Admin emails (comma-separated list of emails that should have admin access)
|
||||
// Used with Cloudflare Access authentication
|
||||
define('ADMIN_EMAILS', getenv('ADMIN_EMAILS') ?: '');
|
||||
|
||||
// IP Registry configuration
|
||||
define('IPREGISTRY_API_KEY', getenv('IPREGISTRY_API_KEY') ?: '');
|
||||
|
||||
|
||||
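Review bot: The comment above `define('ADMIN_EMAILS', getenv('ADMIN_EMAILS') ?: '');` does not say that this list grants privilege. getUserRole, shown further down the page, returns ROLE_ADMIN for any address in it by exact string match and without a users-table entry. I would extend the comment to something like `// Each listed address is granted ROLE_ADMIN without a users-table row; matching is exact; empty means no env-granted admins`. Because the comment ties the value to Cloudflare Access, the list is presumably only as trustworthy as the verified identity handed to getUserRole, and that verification is not visible in this hunk.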
@@ -72,34 +72,44 @@ function getCurrentUser() {
|
||||
* @return string Role (admin or staff)
|
||||
*/
|
||||
function getUserRole($email) {
|
||||
global $db;
|
||||
|
||||
// If no database connection, check config for admin emails
|
||||
if (!isset($db)) {
|
||||
// Check if user is in admin list from environment/config
|
||||
$adminEmails = getenv('ADMIN_EMAILS') ?: '';
|
||||
$adminList = array_map('trim', explode(',', $adminEmails));
|
||||
|
||||
if (in_array($email, $adminList)) {
|
||||
return ROLE_ADMIN;
|
||||
}
|
||||
|
||||
if (empty($email)) {
|
||||
return ROLE_STAFF;
|
||||
}
|
||||
|
||||
try {
|
||||
$stmt = $db->prepare("SELECT role FROM users WHERE email = ? AND active = 1");
|
||||
$stmt->execute([$email]);
|
||||
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if ($result && !empty($result['role'])) {
|
||||
return $result['role'];
|
||||
// First, check environment variable for admin emails (highest priority)
|
||||
$adminEmails = getenv('ADMIN_EMAILS');
|
||||
if (!empty($adminEmails)) {
|
||||
$adminList = array_map('trim', explode(',', $adminEmails));
|
||||
if (in_array($email, $adminList)) {
|
||||
return ROLE_ADMIN;
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
// Table might not exist yet, fall through to default
|
||||
}
|
||||
|
||||
// Default to staff if not found
|
||||
// Also check if defined as a constant (from config.php)
|
||||
if (defined('ADMIN_EMAILS') && !empty(ADMIN_EMAILS)) {
|
||||
$adminList = array_map('trim', explode(',', ADMIN_EMAILS));
|
||||
if (in_array($email, $adminList)) {
|
||||
return ROLE_ADMIN;
|
||||
}
|
||||
}
|
||||
|
||||
// Try database lookup if getDB function exists
|
||||
if (function_exists('getDB')) {
|
||||
try {
|
||||
$db = getDB();
|
||||
$stmt = $db->prepare("SELECT role FROM users WHERE email = ? AND active = 1");
|
||||
$stmt->execute([$email]);
|
||||
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if ($result && !empty($result['role'])) {
|
||||
return $result['role'];
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
// Table might not exist yet, fall through to default
|
||||
}
|
||||
}
|
||||
|
||||
// Default to staff if not found in env or database
|
||||
return ROLE_STAFF;
|
||||
}
|
||||
|
||||
|
||||
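Review bot: The admin check `in_array($email, $adminList)` in getUserRole appears to run before the `users` lookup and returns ROLE_ADMIN on its own, so an address listed in ADMIN_EMAILS would keep admin even when its row has `active = 0`. If deactivation is meant to revoke access, the env list should not bypass it. The comparison is also case-sensitive and non-strict; compare normalised values with the strict flag, e.g. `in_array(strtolower($email), array_map('strtolower', $adminList), true)`. The list is checked twice (once via getenv and once via the ADMIN_EMAILS constant, which the config hunk defines from the same variable), and `return $result['role'];` hands back whatever string the table holds without checking it against ROLE_ADMIN or ROLE_STAFF. The page has lost its +/- markers, so which of the interleaved lines belong to the new side is inferred.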