[geeklog-cvs] geeklog-1.3/public_html/admin group.php,1.38,1.39
dhaun at iowaoutdoors.org
dhaun at iowaoutdoors.org
Sat Sep 18 10:55:47 EDT 2004
Update of /var/cvs/geeklog-1.3/public_html/admin
In directory www:/tmp/cvs-serv23027/public_html/admin
Modified Files:
group.php
Log Message:
Bugfix: Group Admins should not be able to see the members of a group of which they themselves are not a member.
Index: group.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/admin/group.php,v
retrieving revision 1.38
retrieving revision 1.39
diff -C2 -d -r1.38 -r1.39
*** group.php 9 Aug 2004 07:56:22 -0000 1.38
--- group.php 18 Sep 2004 14:55:45 -0000 1.39
***************
*** 581,584 ****
--- 581,595 ----
$retval = '';
+ $thisUsersGroups = SEC_getUserGroups ();
+ if (!empty ($grp_id) && ($grp_id > 0) &&
+ !in_array ($grp_id, $thisUsersGroups)) {
+ $retval .= COM_startBlock ($LANG_ACCESS['usergroupadmin'], '',
+ COM_getBlockTemplate ('_msg_block', 'header'));
+ $retval .= $LANG_ACCESS['cantlistgroup'];
+ $retval .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
+
+ return $retval;
+ }
+
if ($curpage <= 0) {
$curpage = 1;
More information about the geeklog-cvs
mailing list