From 181d5c9191fae5c4f6fcd32a35264f0b0c24a675 Mon Sep 17 00:00:00 2001
From: int2001 <joerg@dj7nt.de>
Date: Fri, 6 Feb 2026 05:20:52 +0000
Subject: [PATCH] Protect whole controller, not only index

---
 application/controllers/Dashboard.php | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/application/controllers/Dashboard.php b/application/controllers/Dashboard.php
index d2d01a1ac..02bab2fb5 100644
--- a/application/controllers/Dashboard.php
+++ b/application/controllers/Dashboard.php
@@ -2,14 +2,17 @@
 
 class Dashboard extends CI_Controller {
 
-	public function index() {
-		// Check if users logged in
+	function __construct() {
+		parent::__construct();
+
 		$this->load->model('user_model');
-		if ($this->user_model->validate_session() == 0) {
-			// user is not logged in
+		if (!$this->user_model->authorize(2)) {
+			$this->session->set_flashdata('error', __("You're not allowed to do that!"));
 			redirect('user/login');
 		}
+	}
 
+	public function index() {
 		// Database connections
 		$this->load->model('logbook_model');
 
@@ -217,8 +220,7 @@ class Dashboard extends CI_Controller {
 		$this->load->view('interface_assets/footer', $footerData);
 	}
 
-	function radio_display_component()
-	{
+	function radio_display_component() {
 		$this->load->model('cat');
 
 		$data['radio_status'] = $this->cat->recent_status();