@@ -74,6 +74,9 @@ class User extends Start_Controller
//首页
public function _index()
{
+ if(empty($_SESSION['api'])){
+ exit('No direct script access allowed');
+ }
$user = $this->user->get_api($_SESSION['api']);
$this->data['user'] = $user; //登录的用户信息
$power = $this->power->read($user['power']);
