Changeset 8126 for trunk/plugins
- Timestamp:
- Dec 14, 2010, 2:47:24 PM (13 years ago)
- Location:
- trunk/plugins
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/plugins/LocalFilesEditor/admin.php
r5272 r8126 165 165 case 'tpl': 166 166 // New file form creation 167 if ($newfile_page and !is_adviser())167 if ($newfile_page) 168 168 { 169 169 $filename = isset($_POST['tpl_name']) ? $_POST['tpl_name'] : ''; … … 281 281 // | Load backup file 282 282 // +-----------------------------------------------------------------------+ 283 if (isset($_POST['restore']) and !is_adviser())283 if (isset($_POST['restore'])) 284 284 { 285 285 $edited_file = $_POST['edited_file']; … … 293 293 // | Save file 294 294 // +-----------------------------------------------------------------------+ 295 if (isset($_POST['submit']) and !is_adviser())295 if (isset($_POST['submit'])) 296 296 { 297 297 if (!is_webmaster()) -
trunk/plugins/admin_multi_view/controller.php
r8012 r8126 31 31 if ( isset($_GET['view_as']) ) 32 32 { 33 if ( is_adviser() and $user['id']!=$_GET['view_as'] and $conf['guest_id']!=$_GET['view_as'])34 die('security error');35 33 if ($user['id']===$_GET['view_as']) 36 34 pwg_unset_session_var( 'multiview_as' ); … … 112 110 $query = ' 113 111 SELECT '.$conf['user_fields']['id'].' AS id,'.$conf['user_fields']['username'].' AS username 114 FROM '.USERS_TABLE; 115 if (is_adviser()) 116 { 117 $query .=' 118 WHERE '.$conf['user_fields']['id']. ' IN ('.$user['id'].','.$conf['guest_id'].') 119 '; 120 } 121 $query .=' 112 FROM '.USERS_TABLE.' 122 113 ORDER BY CONVERT('.$conf['user_fields']['username'].',CHAR) 123 114 ;';
Note: See TracChangeset
for help on using the changeset viewer.