Prevent deletion of client unless user role is 3 (admin)

2026-02-28 02:44:53 +00:00 · 2022-03-24 20:52:26 +00:00
parent fd589c53fa
commit e4d2d0c699
1 changed files with 7 additions and 0 deletions
--- a/post.php
+++ b/post.php
@@ -1226,6 +1226,13 @@ if(isset($_POST['edit_client'])){
 }

 if(isset($_GET['delete_client'])){
+    if($session_user_role !== "3"){
+        $_SESSION['alert_type'] = "danger";
+        $_SESSION['alert_message'] = "You are not permitted to do that!";
+        header("Location: " . $_SERVER["HTTP_REFERER"]);
+        exit();
+    }
+
    $client_id = intval($_GET['delete_client']);

    //Get Client Name