strk/friendica
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

a couple more items to make sure forum delegates can't access if the forum login is shared with the site admin account

Browse source
This commit is contained in:
friendica 2012-02-16 23:58:07 -08:00
parent 0500fc2826
commit 8ff6cb8406
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
mod/directory.php
View file

@ -26,6 +26,8 @@ function directory_post(&$a) {
function directory_content(&$a) { function directory_content(&$a) {
$everything = (($a->argc > 1 && $a->argv[1] === 'all' && is_site_admin()) ? true : false); $everything = (($a->argc > 1 && $a->argv[1] === 'all' && is_site_admin()) ? true : false);
if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
$everything = false;
if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
notice( t('Public access denied.') . EOL); notice( t('Public access denied.') . EOL);

2
mod/regmod.php
View file

@ -107,7 +107,7 @@ function regmod_content(&$a) {
return $o; return $o;
} }
if(!is_site_admin()) { if((!is_site_admin()) || (x($_SESSION,'submanage') && intval($_SESSION['submanage']))) {
notice( t('Permission denied.') . EOL); notice( t('Permission denied.') . EOL);
return ''; return '';
} }