Business/QwikClock
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix issue with reports not working without valid session

Browse Source
This commit is contained in:
Skylar Ittner 2018-05-30 19:08:46 -06:00
parent bb5db2bcee
commit a7e6ca68a6
3 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
database.mwb
View File

Binary file not shown.

3
database_upgrade/1.0.1_1.1.sql
View File

@ -45,3 +45,6 @@ CREATE TABLE IF NOT EXISTS `job_tracking` (
ON UPDATE NO ACTION)
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;
ALTER TABLE `report_access_codes`
CHANGE COLUMN `id` `id` INT(11) NOT NULL AUTO_INCREMENT;

10
lib/reports.php
View File

@ -43,15 +43,17 @@ if (isset($VARS['code']) && LOADED) {
$requester = $_SESSION['uid'];
}
if (account_has_permission($_SESSION['username'], "ADMIN")) {
$requesterusername = getUserByID($requester)['uid'];
if (account_has_permission($requesterusername, "ADMIN")) {
$allowed_users = true;
} else {
if (account_has_permission($_SESSION['username'], "QWIKCLOCK_MANAGE")) {
if (account_has_permission($requesterusername, "QWIKCLOCK_MANAGE")) {
$allowed_users = getManagedUIDs($requester);
}
if (account_has_permission($_SESSION['username'], "QWIKCLOCK_EDITSELF")) {
$allowed_users[] = $_SESSION['uid'];
if (account_has_permission($requesterusername, "QWIKCLOCK_EDITSELF")) {
$allowed_users[] = $requester;
}
}