-
Notifications
You must be signed in to change notification settings - Fork 86
/
PreventAccessToBackendDuringMaintenance.php
57 lines (41 loc) · 1.92 KB
/
PreventAccessToBackendDuringMaintenance.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
<?php
/**
* Prevent Admins from accessing WHMCS backend during Maintenance
*
* @package WHMCS
* @copyright Katamaze
* @link https://katamaze.com
* @author Davide Mantenuto <[email protected]>
*/
use WHMCS\Database\Capsule;
define('kt_maintenance_mode_allowed_admins', [ ]); // Array of Admin Ids that are allowed to access WHMCS backend when maintenance mode is enabled
define('kt_maintenance_mode_allowed_admin_roles', [ ]); // Array of Admin Role Ids that are allowed to access WHMCS backend when maintenance mode is enabled
// If the above arrays are empty there's no need to go on with the script. It ends here
if (!kt_maintenance_mode_allowed_admin_roles AND !kt_maintenance_mode_allowed_admins) {
return;
}
add_hook('AdminAreaPage', 1, function($vars) {
// Detect if Mainenance Mode is enabled or disabled
$maintenance_mode = Capsule::table('tblconfiguration')->where('setting', 'MaintenanceMode')->pluck('value')[0];
// Maintenance Mode is disabled. Exiting...
if ($maintenance_mode != 'on') {
return;
}
// `kt_maintenance_mode_allowed_admins` is set. Verify if the currently logged admin can access backend during maintenance
if (kt_maintenance_mode_allowed_admins) {
// Not allowed. Forcing logout...
if (!in_array($_SESSION['adminid'], kt_maintenance_mode_allowed_admins)) {
header('Location: logout.php?');
die();
}
}
// `kt_maintenance_mode_allowed_admin_roles` is set. Verify if the currently logged admin group can access backend during maintenance
if (kt_maintenance_mode_allowed_admin_roles) {
$admin_role_id = Capsule::table('tbladmins')->where('id', $_SESSION['adminid'])->pluck('roleid')[0];
// Not allowed. Forcing logout...
if (!in_array($admin_role_id, kt_maintenance_mode_allowed_admin_roles)) {
header('Location: logout.php');
die();
}
}
});