Signed-off-by: canyonknight <[email protected]>
---
web/html/account.php | 7 ++-----
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/web/html/account.php b/web/html/account.php
index cccdd76..2133734 100644
--- a/web/html/account.php
+++ b/web/html/account.php
@@ -48,11 +48,8 @@ if (isset($_COOKIE["AURSID"])) {
if (empty($row)) {
print __("Could not retrieve information for the
specified user.");
} else {
- # double check to make sure logged in user can edit
this account
- #
- if ($atype == "Developer" || ($atype == "Trusted User"
&&
- $row["AccountType"] != "Developer") ||
- ($row["ID"] ==
uid_from_sid($_COOKIE["AURSID"]))) {
+ /* Verify user has permission to edit the account */
+ if (can_edit_account($atype, $row,
uid_from_sid($_COOKIE["AURSID"]))) {
display_account_form($atype, "UpdateAccount",
$row["Username"],
$row["AccountType"], $row["Suspended"],
$row["Email"],
"", "", $row["RealName"],
$row["LangPreference"],
--
1.8.1.1
