Revision: 2344
http://mrbs.svn.sourceforge.net/mrbs/?rev=2344&view=rev
Author: cimorrison
Date: 2012-07-20 15:00:47 +0000 (Fri, 20 Jul 2012)
Log Message:
-----------
Fixed bug introduced in last revision causing
$auth['only_admin_can_see_other_users'] not to work
Modified Paths:
--------------
mrbs/trunk/web/edit_users.php
Modified: mrbs/trunk/web/edit_users.php
===================================================================
--- mrbs/trunk/web/edit_users.php 2012-07-20 14:29:27 UTC (rev 2343)
+++ mrbs/trunk/web/edit_users.php 2012-07-20 15:00:47 UTC (rev 2344)
@@ -129,21 +129,12 @@
function output_row(&$row)
{
global $ajax, $json_data;
- global $level, $min_user_viewing_level, $min_user_editing_level, $user;
- global $auth, $fields, $ignore_columns, $select_options;
+ global $level, $min_user_editing_level, $user;
+ global $fields, $ignore_columns, $select_options;
global $PHP_SELF;
$values = array();
- // Check whether ordinary users are allowed to see other users' details. If
not,
- // then skip past this row if it's not the current user or the user is not
an admin
- if ($auth['only_admin_can_see_other_users'] &&
- ($level < $min_user_viewing_level) &&
- (strcasecmp($row['name'], $user) != 0))
- {
- continue;
- }
-
// First column, which is the name
$html_name = htmlspecialchars($row['name']);
// You can only edit a user if you have sufficient admin rights, or else if
that user is yourself
@@ -910,7 +901,14 @@
{
for ($i = 0; ($row = sql_row_keyed($res, $i)); $i++)
{
- output_row($row);
+ // You can only see this row if (a) we allow everybody to see all rows or
+ // (b) you are an admin or (c) you are this user
+ if (!$auth['only_admin_can_see_other_users'] ||
+ ($level >= $min_user_viewing_level) ||
+ (strcasecmp($row['name'], $user) == 0))
+ {
+ output_row($row);
+ }
}
}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Mrbs-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mrbs-commits
