v.1.1 changes 16-04-2026:

- Minor changes to interface.
- Fixed different missing includes.
- Access now denied to api calls that are related to disabled modules.
- Fixed sorting of CPU and memory in server overview.

pub/api/classes/API.php

@@ -44,8 +44,11 @@ class API
 
     public function __construct()
     {
-        # Setup Database connection
+
         require_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/db_connect.php';
+        include_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Functions/globalFunctions.php';
+
+        # Setup Database connection
         $this->conn = $GLOBALS['conn'];
 
         if (!empty($_SESSION['user']['user_uuid'])) {
@@ -77,6 +80,9 @@ class API
             }
         }
 
+        # Get the enabled modules for the user
+        $GLOBALS['modules_enabled'] = getEnabledModules();
+
         // Disable builder input for non-GET requests to prevent potential SQL injection vulnerabilities.
         // Also disable the builder for users with the 'frontend' user type as an extra security measure.
         // The builder should only be active for API users making GET requests.
@@ -98,7 +104,6 @@ class API
         $this->user_type = 'frontend';
 
         # Load the locale for the user, this is used for the return message in the frontend and other globalFunctions.
-        include_once $_SERVER['DOCUMENT_ROOT'] . '/bin/php/Functions/globalFunctions.php';
         $locale = getPreferredLocale();
         global $translations;
         $translations = require $_SERVER['DOCUMENT_ROOT'] . "/bin/locales/{$locale}.php";