[phpBT-dev] CVS: phpbt attachment.php,1.8,1.9 bug.php,1.41,1.42 include.php,1.54,1.55 user.php,1.14,

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/phpbt/phpbt
In directory usw-pr-cvs1:/tmp/cvs-serv19301

Modified Files:
	attachment.php bug.php include.php user.php 
Log Message:
Correct the permission and group checks

Index: attachment.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/attachment.php,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9

--- attachment.php	2001/09/03 17:59:11	1.8
+++ attachment.php	2001/09/18 03:36:33	1.9
@@ -153,7 +153,7 @@
 		del_attachment($_gv['del']);
 	}
 } elseif (isset($HTTP_POST_FILES['attachment'])) {
-	$perm->check('User');
+	$perm->check('Editbug');
 	add_attachment($_pv['bugid'],	$_pv['description']);
 } elseif (isset($_gv['attachid'])) {
 	if (list($filename, $mimetype) = grab_attachment($_gv['attachid'])) {
@@ -162,7 +162,7 @@
 		exit;
 	}
 } else {
-	$perm->check('User');
+	$perm->check('Editbug');
 	show_attachment_form($_gv['bugid']);
 }
 

Index: bug.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/bug.php,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -r1.41 -r1.42
--- bug.php	2001/09/11 13:02:51	1.41
+++ bug.php	2001/09/18 03:36:33	1.42
@@ -544,7 +544,7 @@
 	switch($op) {
 		case 'history' : show_history($bugid); break;
 		case 'add' : 
-			$perm->check('User');
+			$perm->check('Editbug');
 			if ($project) show_form(); 
 			else show_projects();
 			break;

Index: include.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/include.php,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -r1.54 -r1.55
--- include.php	2001/09/07 13:17:37	1.54
+++ include.php	2001/09/18 03:36:33	1.55
@@ -188,6 +188,17 @@
     $t->set_file('content','badperm.html');
     $t->pparse('main',array('content','wrap','main'));
   }
+
+	function check_group($group) {
+		global $t;
+
+		if (!$this->check_auth('group', $group)) {		
+			$t->set_file('content', 'badgroup.html');
+			$t->set_var('group', $group);
+			$t->pparse('main',array('content','wrap','main'));
+			exit();
+		}
+	}
 }
 
 class templateclass extends Template {

Index: user.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/user.php,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- user.php	2001/09/01 15:44:20	1.14
+++ user.php	2001/09/18 03:36:33	1.15
@@ -82,7 +82,7 @@
 }
 
 $t->set_file('wrap', 'wrap.html');
-$perm->check('User');
+$perm->check_group('User');
 
 if ($do) switch ($do) {
 	case 'changepassword' : change_password($_pv['pass1'], $_pv['pass2']); break;





[phpBT-dev] CVS: phpbt attachment.php,1.8,1.9 bug.php,1.41,1.42 include.php,1.54,1.55 user.php,1.14,

Bug tracking system

[phpBT-dev] CVS: phpbt attachment.php,1.8,1.9 bug.php,1.41,1.42 include.php,1.54,1.55 user.php,1.14,1.15