From 253cd0a7437ab6bde37c2e2ad471d65fbfb823a2 Mon Sep 17 00:00:00 2001 From: Myron Blair Date: Fri, 5 Jun 2026 22:06:48 +0000 Subject: [PATCH] =?UTF-8?q?Fix=20platform=5Fstats=20returning=20Forbidden?= =?UTF-8?q?=20=E2=80=94=20$isAdmin=20undefined=20in=20admin.php?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit requireAdmin() already guards the whole file; the extra check was referencing an undefined variable that always evaluated false. Co-Authored-By: Claude Sonnet 4.6 --- api/admin.php | 1 - 1 file changed, 1 deletion(-) diff --git a/api/admin.php b/api/admin.php index ff126c4..5f4e3a7 100644 --- a/api/admin.php +++ b/api/admin.php @@ -70,7 +70,6 @@ switch ($action) { // ─── PLATFORM STATS ────────────────────────────────────── case 'platform_stats': - if (!$isAdmin) { echo json_encode(['success'=>false,'error'=>'Forbidden']); exit; } $rows = db()->query(" SELECT p.id, p.name, p.slug, p.color, COALESCE(SUM(CASE WHEN pc.type='debit' THEN -pc.credits_purchased ELSE pc.credits_purchased END),0) AS credits_balance,