diff --git a/webapp/controller/BaseAuthedController.class.php b/webapp/controller/BaseAuthedController.class.php
index cede03d1..487b0696 100644
--- a/webapp/controller/BaseAuthedController.class.php
+++ b/webapp/controller/BaseAuthedController.class.php
@@ -48,10 +48,12 @@ class BaseAuthedController extends BaseController {
 
     public function _handlePre()
     {
-        if (getReqVal('client_uuid', '') != '499af8a0-a1bc-0b0e-dc79-a42cb3f103dc') {
-            if ((getReqVal('c', '') != 'Battle')) {
-                phpcommon\sendError(1001, 'session expiration');
-                die();
+        if (SERVER_ENV == _ONLINE) {
+            if (getReqVal('client_uuid', '') != '499af8a0-a1bc-0b0e-dc79-a42cb3f103dc') {
+                if ((getReqVal('c', '') != 'Battle')) {
+                    phpcommon\sendError(1001, 'session expiration');
+                    die();
+                }
             }
         }
 
diff --git a/webapp/controller/UserController.class.php b/webapp/controller/UserController.class.php
index 2aeac832..da655d92 100644
--- a/webapp/controller/UserController.class.php
+++ b/webapp/controller/UserController.class.php
@@ -152,6 +152,7 @@ class UserController extends BaseAuthedController {
         $awardService = new services\AwardService();
         $propertyChgService = new services\PropertyChgService();
         $this->_addItems($items, $awardService, $propertyChgService);
+        $this->_addItems($addItems, $awardService, $propertyChgService);
     }
 
     private function loginCheck($userInfo)