If no API key is supplied we should check for a valid session and

otherwise just redirect to login.

application/controllers/Backup.php

@@ -21,6 +21,11 @@ class Backup extends CI_Controller {
 
 	/* Gets all QSOs and Dumps them to logbook.adi */
 	public function adif($key = null){ 
+		if ($key == null) {
+			$this->load->model('user_model');
+			if(!$this->user_model->authorize(2)) { $this->session->set_flashdata('notice', 'You\'re not allowed to do that!'); redirect('dashboard'); }
+		}
+
 		$this->load->helper('file');
 		// Set memory limit to unlimited to allow heavy usage
 		ini_set('memory_limit', '-1');
@@ -74,4 +79,4 @@ class Backup extends CI_Controller {
 	}
 }
 
-/* End of file Backup.php */
+/* End of file Backup.php */