aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-02-16 23:58:07 -0800
committerfriendica <info@friendica.com>2012-02-16 23:58:07 -0800
commit8ff6cb84063d82ccf32a4c6fb65f70da91385c8f (patch)
treedf96540cb461ae78503e3ec2ea96c426458211f1
parent0500fc2826e01d0570139fe5218f223d3a918970 (diff)
downloadvolse-hubzilla-8ff6cb84063d82ccf32a4c6fb65f70da91385c8f.tar.gz
volse-hubzilla-8ff6cb84063d82ccf32a4c6fb65f70da91385c8f.tar.bz2
volse-hubzilla-8ff6cb84063d82ccf32a4c6fb65f70da91385c8f.zip
a couple more items to make sure forum delegates can't access if the forum login is shared with the site admin account
-rwxr-xr-xmod/directory.php2
-rwxr-xr-xmod/regmod.php2
2 files changed, 3 insertions, 1 deletions
diff --git a/mod/directory.php b/mod/directory.php
index 5f00b4f5a..962188945 100755
--- a/mod/directory.php
+++ b/mod/directory.php
@@ -26,6 +26,8 @@ function directory_post(&$a) {
function directory_content(&$a) {
$everything = (($a->argc > 1 && $a->argv[1] === 'all' && is_site_admin()) ? true : false);
+ if(x($_SESSION,'submanage') && intval($_SESSION['submanage']))
+ $everything = false;
if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
notice( t('Public access denied.') . EOL);
diff --git a/mod/regmod.php b/mod/regmod.php
index 76ea4062e..17e728ba2 100755
--- a/mod/regmod.php
+++ b/mod/regmod.php
@@ -107,7 +107,7 @@ function regmod_content(&$a) {
return $o;
}
- if(!is_site_admin()) {
+ if((!is_site_admin()) || (x($_SESSION,'submanage') && intval($_SESSION['submanage']))) {
notice( t('Permission denied.') . EOL);
return '';
}