Browse Source

Fix issue with reports not working without valid session

master
Skylar Ittner 3 years ago
parent
commit
a7e6ca68a6
  1. BIN
      database.mwb
  2. 3
      database_upgrade/1.0.1_1.1.sql
  3. 10
      lib/reports.php

BIN
database.mwb

3
database_upgrade/1.0.1_1.1.sql

@ -45,3 +45,6 @@ CREATE TABLE IF NOT EXISTS `job_tracking` (
ON UPDATE NO ACTION)
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;
ALTER TABLE `report_access_codes`
CHANGE COLUMN `id` `id` INT(11) NOT NULL AUTO_INCREMENT;

10
lib/reports.php

@ -43,15 +43,17 @@ if (isset($VARS['code']) && LOADED) {
$requester = $_SESSION['uid'];
}
if (account_has_permission($_SESSION['username'], "ADMIN")) {
$requesterusername = getUserByID($requester)['uid'];
if (account_has_permission($requesterusername, "ADMIN")) {
$allowed_users = true;
} else {
if (account_has_permission($_SESSION['username'], "QWIKCLOCK_MANAGE")) {
if (account_has_permission($requesterusername, "QWIKCLOCK_MANAGE")) {
$allowed_users = getManagedUIDs($requester);
}
if (account_has_permission($_SESSION['username'], "QWIKCLOCK_EDITSELF")) {
$allowed_users[] = $_SESSION['uid'];
if (account_has_permission($requesterusername, "QWIKCLOCK_EDITSELF")) {
$allowed_users[] = $requester;
}
}

Loading…
Cancel
Save