Verify user has permissions on any administrative request

JMTNTBANG / MySQL-Web-Frontend

A Web Interface for a MySQL Server | Username: guest | Password: 1234

https://jmtntbang.com/apps/mysql-web-frontend

GNU General Public License v3.0

1 stars 0 forks source link

Verify user has permissions on any administrative request #17

Closed JMTNTBANG closed 3 months ago

JMTNTBANG commented 3 months ago

Even though the buttons are hidden if the user doesn't have permissions, they can call the function from the browser console and bypass any permission restriction