Browse Source

Fix issue with reports not working without valid session

master
Skylar Ittner 1 year ago
parent
commit
a7e6ca68a6
3 changed files with 9 additions and 4 deletions
  1. BIN
      database.mwb
  2. 3
    0
      database_upgrade/1.0.1_1.1.sql
  3. 6
    4
      lib/reports.php

BIN
database.mwb View File


+ 3
- 0
database_upgrade/1.0.1_1.1.sql View File

@@ -45,3 +45,6 @@ CREATE TABLE IF NOT EXISTS `job_tracking` (
ON UPDATE NO ACTION)
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;

ALTER TABLE `report_access_codes`
CHANGE COLUMN `id` `id` INT(11) NOT NULL AUTO_INCREMENT;

+ 6
- 4
lib/reports.php View File

@@ -43,15 +43,17 @@ if (isset($VARS['code']) && LOADED) {
$requester = $_SESSION['uid'];
}

if (account_has_permission($_SESSION['username'], "ADMIN")) {
$requesterusername = getUserByID($requester)['uid'];

if (account_has_permission($requesterusername, "ADMIN")) {
$allowed_users = true;
} else {
if (account_has_permission($_SESSION['username'], "QWIKCLOCK_MANAGE")) {
if (account_has_permission($requesterusername, "QWIKCLOCK_MANAGE")) {
$allowed_users = getManagedUIDs($requester);
}

if (account_has_permission($_SESSION['username'], "QWIKCLOCK_EDITSELF")) {
$allowed_users[] = $_SESSION['uid'];
if (account_has_permission($requesterusername, "QWIKCLOCK_EDITSELF")) {
$allowed_users[] = $requester;
}
}


Loading…
Cancel
Save