add missing auth

2025-03-05 02:53:05 -05:00
parent 5a77a264c4
commit 17d46a6a32
1 changed files with 7 additions and 0 deletions
--- a/saveFile.php
+++ b/saveFile.php
@@ -3,6 +3,13 @@ require_once 'config.php';
 session_start();
 header('Content-Type: application/json');

+// Ensure user is authenticated
+if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
+    echo json_encode(["error" => "Unauthorized"]);
+    http_response_code(401);
+    exit;
+}
+
 $data = json_decode(file_get_contents("php://input"), true);

 // Debugging: Check what data is received.