Resolved Issue ID 0000356:

o Increase security on adviser mode

First modifications of n modifications.
All the others modifications will be done on BSF branch.


Merge branch-1_6 1568:1570 into BSF

git-svn-id: http://piwigo.org/svn/trunk@1571 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
rub
2006-10-21 12:28:07 +00:00
parent eaacbc7b2d
commit 258fa3b40c
7 changed files with 38 additions and 27 deletions
+3 -3
View File
@@ -46,7 +46,7 @@ if (isset($_POST))
$to_validate = array();
$to_reject = array();
if (isset($_POST['submit']))
if (isset($_POST['submit']) and !is_adviser())
{
foreach (explode(',', $_POST['list']) as $comment_id)
{
@@ -68,11 +68,11 @@ if (isset($_POST))
}
}
}
else if (isset($_POST['validate-all']) and !empty($_POST['list']))
else if (isset($_POST['validate-all']) and !empty($_POST['list']) and !is_adviser())
{
$to_validate = explode(',', $_POST['list']);
}
else if (isset($_POST['reject-all']) and !empty($_POST['list']))
else if (isset($_POST['reject-all']) and !empty($_POST['list']) and !is_adviser())
{
$to_reject = explode(',', $_POST['list']);
}