diff options
| author | Greg Roach <fisharebest@gmail.com> | 2014-04-19 16:55:27 +0100 |
|---|---|---|
| committer | Greg Roach <fisharebest@gmail.com> | 2014-04-19 16:55:27 +0100 |
| commit | 4248752c762438b19d2f49eef7479931e6eae3ef (patch) | |
| tree | 3b31c446846c0c561b8b360606ea408fc4bc265c | |
| parent | 5205b4dee2ec7076d575b54d48a706e01c3b56c3 (diff) | |
| parent | b5102f17d41c68e2914ca361975a72dafd55cba4 (diff) | |
| download | webtrees-4248752c762438b19d2f49eef7479931e6eae3ef.tar.gz webtrees-4248752c762438b19d2f49eef7479931e6eae3ef.tar.bz2 webtrees-4248752c762438b19d2f49eef7479931e6eae3ef.zip | |
Merge pull request #129 from jon48/hotfix/128
#128 - Wrong logic in Controllers' requireManagerLogin method
| -rw-r--r-- | library/WT/Controller/Ajax.php | 2 | ||||
| -rw-r--r-- | library/WT/Controller/Page.php | 2 | ||||
| -rw-r--r-- | library/WT/Controller/Simple.php | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/library/WT/Controller/Ajax.php b/library/WT/Controller/Ajax.php index 70fce74b6a..a4c338843b 100644 --- a/library/WT/Controller/Ajax.php +++ b/library/WT/Controller/Ajax.php @@ -44,7 +44,7 @@ class WT_Controller_Ajax extends WT_Controller_Base { public function requireManagerLogin($ged_id=WT_GED_ID) { if ( $ged_id==WT_GED_ID && !WT_USER_GEDCOM_ADMIN || - $ged_id!=WT_GED_ID && userGedcomAdmin(WT_USER_ID, $gedcom_id) + $ged_id!=WT_GED_ID && !userGedcomAdmin(WT_USER_ID, $ged_id) ) { header('HTTP/1.0 403 Access Denied'); exit; diff --git a/library/WT/Controller/Page.php b/library/WT/Controller/Page.php index 3c654b1605..b499c8efda 100644 --- a/library/WT/Controller/Page.php +++ b/library/WT/Controller/Page.php @@ -85,7 +85,7 @@ class WT_Controller_Page extends WT_Controller_Base { require_once WT_ROOT.'includes/functions/functions.php'; // for get_query_url if ( $ged_id==WT_GED_ID && !WT_USER_GEDCOM_ADMIN || - $ged_id!=WT_GED_ID && userGedcomAdmin(WT_USER_ID, $gedcom_id) + $ged_id!=WT_GED_ID && !userGedcomAdmin(WT_USER_ID, $ged_id) ) { header('Location: '.WT_LOGIN_URL.'?url='.rawurlencode(get_query_url())); exit; diff --git a/library/WT/Controller/Simple.php b/library/WT/Controller/Simple.php index 896494896c..97ed7e6840 100644 --- a/library/WT/Controller/Simple.php +++ b/library/WT/Controller/Simple.php @@ -52,7 +52,7 @@ class WT_Controller_Simple extends WT_Controller_Page { public function requireManagerLogin($ged_id=WT_GED_ID) { if ( $ged_id==WT_GED_ID && !WT_USER_GEDCOM_ADMIN || - $ged_id!=WT_GED_ID && userGedcomAdmin(WT_USER_ID, $gedcom_id) + $ged_id!=WT_GED_ID && !userGedcomAdmin(WT_USER_ID, $ged_id) ) { $this->addInlineJavascript('opener.window.location.reload(); window.close();'); exit; |
