Advanced Search not working for read-only users #1325

prasathmani · web-flow · commit dd79258999a9 · 2025-11-13T13:28:40.000+05:30
diff --git a/tinyfilemanager.php b/tinyfilemanager.php
@@ -459,7 +459,7 @@ function getClientIP()
 /*************************** ACTIONS ***************************/
 
 // Handle all AJAX Request
-if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']]) || !FM_USE_AUTH) && isset($_POST['ajax'], $_POST['token']) && !FM_READONLY) {
+if ((isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']]) || !FM_USE_AUTH) && isset($_POST['ajax'], $_POST['token'])) {
     if (!verifyToken($_POST['token'])) {
         header('HTTP/1.0 401 Unauthorized');
         die("Invalid Token.");
@@ -473,6 +473,10 @@ function getClientIP()
         exit();
     }
 
+    if(FM_READONLY){
+        exit();
+    }
+
     // save editor file
     if (isset($_POST['type']) && $_POST['type'] == "save") {
         // get current path
