From 4f7e8ebd21adc19d9600903ac9a9671a6812942d Mon Sep 17 00:00:00 2001
From: WEVAL Bot <ymahboub@weval-consulting.com>
Date: Fri, 13 Mar 2026 22:54:44 +0100
Subject: [PATCH] 13mar2026-v8: arsenal-login-fix, ethica-dns-95.216

---
 public/arsenal-login.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/public/arsenal-login.php b/public/arsenal-login.php
index 594fd33d..86b94c76 100644
--- a/public/arsenal-login.php
+++ b/public/arsenal-login.php
@@ -1,16 +1,16 @@
 <?php
-session_start();
+if(session_status()===PHP_SESSION_NONE)session_start();
 $error = '';
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     $user = trim($_POST['user'] ?? '');
     $pass = trim($_POST['pass'] ?? '');
     // Credentials — change these or move to DB
     $valid = [
-        'admin' => 'Wevads@2026!',
-        'simohamed' => 'Weval.123',
-        'anas' => 'Weval.123',
-        'oussama' => 'Weval.123',
-        'yacine' => 'Weval.123',
+        'yacine' => 'Weval@2026',
+        'simohamed' => 'DISABLED_a60790e928fd36ed',
+        'anas' => 'DISABLED_92fd783f719d34be',
+        'oussama' => 'DISABLED_ede43556e853b7e1',
+        'admin' => 'DISABLED',
     ];
     if (isset($valid[$user]) && $valid[$user] === $pass) {
         $_SESSION['arsenal_auth'] = true;