Revision: 1111
http://mrbs.svn.sourceforge.net/mrbs/?rev=1111&view=rev
Author: dceschools
Date: 2009-05-18 17:35:52 +0000 (Mon, 18 May 2009)
Log Message:
-----------
Fixes problem of private booking details being exposed when there is a
scheduling conflict.
Modified Paths:
--------------
mrbs/trunk/web/mrbs_sql.inc
Modified: mrbs/trunk/web/mrbs_sql.inc
===================================================================
--- mrbs/trunk/web/mrbs_sql.inc 2009-05-14 16:20:10 UTC (rev 1110)
+++ mrbs/trunk/web/mrbs_sql.inc 2009-05-18 17:35:52 UTC (rev 1111)
@@ -21,8 +21,10 @@
global $enable_periods;
global $periods;
+ $user = getUserName();
// Select any meetings which overlap ($starttime,$endtime) for this room:
- $sql = "SELECT id, name, start_time FROM $tbl_entry WHERE
+ $sql = "SELECT id, name, start_time, create_by, private
+ FROM $tbl_entry WHERE
start_time < $endtime AND end_time > $starttime
AND room_id = $room_id";
@@ -68,6 +70,12 @@
$startstr = utf8_strftime('%A %d %B %Y %H:%M:%S',
$row['start_time']);
}
+
+ if (is_private_event($row['private']) &&
+ !getWritable($row['create_by'], $user))
+ {
+ $row['name'] = get_vocab("private");
+ }
$err .= "<li><a
href=\"view_entry.php?id=".$row['id']."\">".$row['name']."</a>"
. " ( " . $startstr . ") "
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables
unlimited royalty-free distribution of the report engine
for externally facing server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
