Changeset 1571 for trunk/admin/picture_modify.php

Timestamp:

Oct 21, 2006, 2:28:07 PM (18 years ago)

Author:

rub

Message:

Resolved Issue ID 0000356:

o Increase security on adviser mode

First modifications of n modifications.
All the others modifications will be done on BSF branch.

Merge branch-1_6 1568:1570 into BSF

File:

• trunk/admin/picture_modify.php (modified) (5 diffs)

trunk/admin/picture_modify.php

@@ -71 +71 @@
 }
 
-if (isset($_POST['submit']) and count($page['errors']) == 0)
+if (isset($_POST['submit']) and count($page['errors']) == 0 and !is_adviser())
 {
   $data = array();
@@ -120 +120 @@
 if (isset($_POST['associate'])
     and isset($_POST['cat_dissociated'])
-    and count($_POST['cat_dissociated']) > 0)
+    and count($_POST['cat_dissociated']) > 0
+    and !is_adviser()
+  )
 {
   associate_images_to_categories(
@@ -130 +132 @@
 if (isset($_POST['dissociate'])
     and isset($_POST['cat_associated'])
-    and count($_POST['cat_associated']) > 0)
+    and count($_POST['cat_associated']) > 0
+    and !is_adviser()
+  )
 {
   $query = '
@@ -144 +148 @@
 if (isset($_POST['elect'])
     and isset($_POST['cat_dismissed'])
-    and count($_POST['cat_dismissed']) > 0)
+    and count($_POST['cat_dismissed']) > 0
+    and !is_adviser()
+  )
 {
   $datas = array();
@@ -160 +166 @@
 if (isset($_POST['dismiss'])
     and isset($_POST['cat_elected'])
-    and count($_POST['cat_elected']) > 0)
+    and count($_POST['cat_elected']) > 0
+    and !is_adviser()
+  )
 {
   set_random_representant($_POST['cat_elected']);