From 6e569c8918e0d7257748c9cf8426102a8af6a755 Mon Sep 17 00:00:00 2001
From: Jared Vititoe <jjvititoe1@gmail.com>
Date: Fri, 23 Jan 2026 21:28:39 -0500
Subject: [PATCH] fix: Remove redundant session_start from get_users.php

RateLimitMiddleware already starts the session.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 api/get_users.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/api/get_users.php b/api/get_users.php
index b651ec2..bc2fe1a 100644
--- a/api/get_users.php
+++ b/api/get_users.php
@@ -13,8 +13,7 @@ RateLimitMiddleware::apply('api');
 try {
     require_once dirname(__DIR__) . '/config/config.php';
 
-    // Check authentication
-    session_start();
+    // Check authentication (session already started by RateLimitMiddleware)
     if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
         http_response_code(401);
         echo json_encode(['success' => false, 'error' => 'Authentication required']);