add two helper account access levels:

- read only - can't subscribe to more feeds, feed updates are skipped - disabled - can't login define used access levels as UserHelper constants and refactor code to use them instead of hardcoded numbers
author: Andrew Dolgov <[email protected]> 2021-11-10 20:44:51 +0300
committer: Andrew Dolgov <[email protected]> 2021-11-10 20:44:51 +0300
commit: 9e8d69739f21e5ac85977d57a2a6c961e318c26e (patch)
tree: 0fc52f7be644b5f86e236cc7cb8f4dc4351da8f9 /include
parent: 7a52560e4e3b0652d32645b60ae13e4904f606bc (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/include/sessions.php b/include/sessions.php
index 52ab80b71..26f4e0bca 100644
--- a/include/sessions.php
+++ b/include/sessions.php
@@ -1,7 +1,9 @@
 <?php
 	namespace Sessions;
 
-	require_once "autoload.php";
+use UserHelper;
+
+require_once "autoload.php";
 	require_once "functions.php";
 	require_once "errorhandler.php";
 	require_once "lib/gettext/gettext.inc.php";
@@ -42,6 +44,11 @@
 					$_SESSION["login_error_msg"] = __("Session failed to validate (password changed)");
 					return false;
 				}
+
+				if ($user->access_level == UserHelper::ACCESS_LEVEL_DISABLED) {
+					$_SESSION["login_error_msg"] = __("Session failed to validate (account is disabled)");
+					return false;
+				}
 			} else {
 				$_SESSION["login_error_msg"] = __("Session failed to validate (user not found)");
 				return false;
author	Andrew Dolgov <[email protected]>	2021-11-10 20:44:51 +0300
committer	Andrew Dolgov <[email protected]>	2021-11-10 20:44:51 +0300
commit	9e8d69739f21e5ac85977d57a2a6c961e318c26e (patch)
tree	0fc52f7be644b5f86e236cc7cb8f4dc4351da8f9 /include
parent	7a52560e4e3b0652d32645b60ae13e4904f606bc (diff)