Commit: 321bdc0cb228dd5c1b04b260e453acc052eb1ce0 Author: Sherif Ramadan <[email protected]> Thu, 13 Dec 2012 20:09:13 -0500 Parents: 5b6959bdc0d1e60e1d2bf2703b20a9579e88f5a3 Branches: master
Link: http://git.php.net/?p=web/master.git;a=commitdiff;h=321bdc0cb228dd5c1b04b260e453acc052eb1ce0 Log: Added user check for reseting votes access and fixed a typo. Changed paths: M manage/user-notes.php Diff: diff --git a/manage/user-notes.php b/manage/user-notes.php index a73710e..fdfdb83 100644 --- a/manage/user-notes.php +++ b/manage/user-notes.php @@ -442,8 +442,12 @@ case 'edit': case 'resetall': case 'resetup': case 'resetdown': + /* Only those with privileges in allow_mass_change may use these options */ + if (!allow_mass_change($user)) { + die("You do not have access to use this feature!"); + } /* Reset votes for user note -- effectively deletes votes found for that note_id in the votes table: up/down/both */ - header('user notes'); + head('user notes'); if ($id) { if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST') { if ($action == 'resetall') { @@ -607,7 +611,7 @@ function allow_mass_change($user) if (in_array( $user, array( - "vrana", "goba", "nlopess", "didou", "bjori", "philip", "bobby", "danbrown", "mgdm", + "vrana", "goba", "nlopess", "didou", "bjori", "philip", "bobby", "danbrown", "mgdm", "googleguy", ) ) ) { -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
