claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

admin/index.php should ensure the user is an admin, otherwise normal users

Browse Source 
can display the userlist and see the email addresses of all users.
This commit is contained in:
Stefan Pflüger
2004-12-10 00:11:10 +00:00
committed by WineHQ
parent f4d2205cdd
commit 06a0ea4812
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
admin/index.php
View File

@@ -9,8 +9,7 @@ include("path.php");
include(BASE."include/"."incl.php");
include(BASE."include/"."tableve.php");
//FIXME: need to check for admin privs
if(!loggedin())
if(!loggedin() || !havepriv("admin"))
{
errorpage();
exit;