Business/QwikClock
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix issue with reports not working without valid session

Browse Source
This commit is contained in:
Skylar Ittner 2018-05-30 19:08:46 -06:00
parent bb5db2bcee
commit a7e6ca68a6
3 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
database.mwb
View File

Binary file not shown.

3
database_upgrade/1.0.1_1.1.sql
View File

@ -45,3 +45,6 @@ CREATE TABLE IF NOT EXISTS `job_tracking` (
ON UPDATE NO ACTION) ON UPDATE NO ACTION)
ENGINE = InnoDB ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8; DEFAULT CHARACTER SET = utf8;
ALTER TABLE `report_access_codes`
CHANGE COLUMN `id` `id` INT(11) NOT NULL AUTO_INCREMENT;

10
lib/reports.php
View File

@ -43,15 +43,17 @@ if (isset($VARS['code']) && LOADED) {
$requester = $_SESSION['uid']; $requester = $_SESSION['uid'];
} }
if (account_has_permission($_SESSION['username'], "ADMIN")) { $requesterusername = getUserByID($requester)['uid'];
if (account_has_permission($requesterusername, "ADMIN")) {
$allowed_users = true; $allowed_users = true;
} else { } else {
if (account_has_permission($_SESSION['username'], "QWIKCLOCK_MANAGE")) { if (account_has_permission($requesterusername, "QWIKCLOCK_MANAGE")) {
$allowed_users = getManagedUIDs($requester); $allowed_users = getManagedUIDs($requester);
} }
if (account_has_permission($_SESSION['username'], "QWIKCLOCK_EDITSELF")) { if (account_has_permission($requesterusername, "QWIKCLOCK_EDITSELF")) {
$allowed_users[] = $_SESSION['uid']; $allowed_users[] = $requester;
} }
} }