From 84ca542d26832d5d995a3106e7cbf0acc1ede6f3 Mon Sep 17 00:00:00 2001
From: ilotterytea <iltsu@alright.party>
Date: Thu, 11 Dec 2025 00:29:32 +0500
Subject: feat: grant all permissions if user is admin

---
 system/config.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'system/config.php')

diff --git a/system/config.php b/system/config.php
index 8e1879d..e03e95b 100644
--- a/system/config.php
+++ b/system/config.php
@@ -4,8 +4,8 @@ include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/partials.php";
 include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/alert.php";
 include_once "{$_SERVER['DOCUMENT_ROOT']}/lib/accounts.php";
 
-if (file_exists(CFG_PATH) && !authorize_user(true) && !isset($_SESSION['user_role']['permission_admin'])) {
-    generate_alert('/', 'Unauthorized', 401);
+if (file_exists(CFG_PATH) && (!authorize_user(true) || !isset($_SESSION['user_role']) || !$_SESSION['user_role']['permission_admin'])) {
+    generate_alert('/404.php', 'Unauthorized', 401);
     exit();
 }
 
-- 
cgit v1.2.3