Fix for disabled logged-in users (#6612)

fix https://github.com/FreshRSS/FreshRSS/issues/6611 Logged-in users were still able to use their account for some time despite having being disabled by admin
author: Alexandre Alapetite <alexandre@alapetite.fr> 2024-07-08 11:05:58 +0200
committer: GitHub <noreply@github.com> 2024-07-08 11:05:58 +0200
commit: 4738ca851207f07bdfc409ecb16d3fc754e5bf48 (patch)
tree: c6acc0a425f28f108643adf17c37291a610d2784 /p/api
parent: 8ae95055dce9935ec32fb986417f4c5703a32bf9 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/p/api/query.php b/p/api/query.php
index c95a2bf43..7d74f2313 100644
--- a/p/api/query.php
+++ b/p/api/query.php
@@ -36,7 +36,7 @@ if (!FreshRSS_Context::hasSystemConf() || !FreshRSS_Context::systemConf()->api_e
 }
 
 FreshRSS_Context::initUser($user);
-if (!FreshRSS_Context::hasUserConf()) {
+if (!FreshRSS_Context::hasUserConf() || !FreshRSS_Context::userConf()->enabled) {
 	usleep(rand(100, 10000));	//Primitive mitigation of scanning for users
 	header('HTTP/1.1 404 Not Found');
 	header('Content-Type: text/plain; charset=UTF-8');
author	Alexandre Alapetite <alexandre@alapetite.fr>	2024-07-08 11:05:58 +0200
committer	GitHub <noreply@github.com>	2024-07-08 11:05:58 +0200
commit	4738ca851207f07bdfc409ecb16d3fc754e5bf48 (patch)
tree	c6acc0a425f28f108643adf17c37291a610d2784 /p/api
parent	8ae95055dce9935ec32fb986417f4c5703a32bf9 (diff)