Browse Source

Fix issue with reports not working without valid session

master
Skylar Ittner 1 year ago
parent
commit
a7e6ca68a6
3 changed files with 9 additions and 4 deletions
  1. BIN
      database.mwb
  2. 3
    0
      database_upgrade/1.0.1_1.1.sql
  3. 6
    4
      lib/reports.php

BIN
database.mwb View File


+ 3
- 0
database_upgrade/1.0.1_1.1.sql View File

@@ -45,3 +45,6 @@ CREATE TABLE IF NOT EXISTS `job_tracking` (
45 45
     ON UPDATE NO ACTION)
46 46
 ENGINE = InnoDB
47 47
 DEFAULT CHARACTER SET = utf8;
48
+
49
+ALTER TABLE `report_access_codes`
50
+CHANGE COLUMN `id` `id` INT(11) NOT NULL AUTO_INCREMENT;

+ 6
- 4
lib/reports.php View File

@@ -43,15 +43,17 @@ if (isset($VARS['code']) && LOADED) {
43 43
     $requester = $_SESSION['uid'];
44 44
 }
45 45
 
46
-if (account_has_permission($_SESSION['username'], "ADMIN")) {
46
+$requesterusername = getUserByID($requester)['uid'];
47
+
48
+if (account_has_permission($requesterusername, "ADMIN")) {
47 49
     $allowed_users = true;
48 50
 } else {
49
-    if (account_has_permission($_SESSION['username'], "QWIKCLOCK_MANAGE")) {
51
+    if (account_has_permission($requesterusername, "QWIKCLOCK_MANAGE")) {
50 52
         $allowed_users = getManagedUIDs($requester);
51 53
     }
52 54
 
53
-    if (account_has_permission($_SESSION['username'], "QWIKCLOCK_EDITSELF")) {
54
-        $allowed_users[] = $_SESSION['uid'];
55
+    if (account_has_permission($requesterusername, "QWIKCLOCK_EDITSELF")) {
56
+        $allowed_users[] = $requester;
55 57
     }
56 58
 }
57 59
 

Loading…
Cancel
Save