From ae6420dc8012cd4400150d7097be2df81f2bb562 Mon Sep 17 00:00:00 2001
From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com>
Date: Fri, 12 Dec 2025 16:23:16 +0000
Subject: [PATCH] Fix DEV_MODE access using $GLOBALS instead of global keyword

Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
---
 data/web/inc/sessions.inc.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/data/web/inc/sessions.inc.php b/data/web/inc/sessions.inc.php
index 724aafb34..18d9d1727 100644
--- a/data/web/inc/sessions.inc.php
+++ b/data/web/inc/sessions.inc.php
@@ -133,15 +133,13 @@ if (isset($_POST["logout"])) {
 
 // Check session
 function session_check() {
-  global $DEV_MODE;
-  
   if (isset($_SESSION['mailcow_cc_api']) && $_SESSION['mailcow_cc_api'] === true) {
     return true;
   }
   if (!isset($_SESSION['SESS_REMOTE_UA']) || ($_SESSION['SESS_REMOTE_UA'] != $_SERVER['HTTP_USER_AGENT'])) {
     // In development mode, allow User-Agent changes (e.g., for responsive testing in dev tools)
     // Validate UA is not empty and has reasonable length (most UAs are under 200 chars, 500 is safe upper limit)
-    if ($DEV_MODE && isset($_SESSION['SESS_REMOTE_UA']) && !empty($_SERVER['HTTP_USER_AGENT']) && strlen($_SERVER['HTTP_USER_AGENT']) < 500) {
+    if ($GLOBALS['DEV_MODE'] && isset($_SESSION['SESS_REMOTE_UA']) && !empty($_SERVER['HTTP_USER_AGENT']) && strlen($_SERVER['HTTP_USER_AGENT']) < 500) {
       $_SESSION['SESS_REMOTE_UA'] = $_SERVER['HTTP_USER_AGENT'];
       return true;
     }