[php-blog-cvs] serendipity/include/admin users.inc.php,1.11,1.12

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/php-blog/serendipity/include/admin
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32733/include/admin

Modified Files:
	users.inc.php 
Log Message:
Users cannot create users with their own userlevel!
Fixes Bug #1122539


Index: users.inc.php
===================================================================
RCS file: /cvsroot/php-blog/serendipity/include/admin/users.inc.php,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12

--- users.inc.php	3 Feb 2005 18:55:19 -0000	1.11
+++ users.inc.php	15 Feb 2005 08:29:13 -0000	1.12
@@ -28,7 +28,7 @@
 
 /* Save new user */
 if (isset($_POST['SAVE_NEW'])) {
-    if ($serendipity['POST']['userlevel'] >= $serendipity['serendipityUserlevel'] && $serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN) {
+    if ($_POST['userlevel'] >= $serendipity['serendipityUserlevel'] && $serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN) {
         echo '<div class="serendipityAdminMsgError">' . CREATE_NOT_AUTHORIZED . '</div>';
     } else {
         $enc_pass = md5($_POST['pass']);





[php-blog-cvs] serendipity/include/admin users.inc.php,1.11,1.12

A reliable, secure & extensible PHP blog | Not mainstream since 2002

[php-blog-cvs] serendipity/include/admin users.inc.php,1.11,1.12