$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
-if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['product']))
+if (!(($bug['hidden'] AND can_perform('canviewhidden', $bug['product'])) OR ($bug['hidden'] AND $bugsys->userinfo['userid'] == $bug['userid'] AND can_perform('canviewownhidden'))) AND can_perform('canviewbugs', $bug['product']))
{
$message->error_permissison();
}
$message->error($lang->getlex('error_invalid_id'));
}
-if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['product']))
+if (!(($bug['hidden'] AND can_perform('canviewhidden', $bug['product'])) OR ($bug['hidden'] AND $bugsys->userinfo['userid'] == $bug['userid'] AND can_perform('canviewownhidden'))) AND can_perform('canviewbugs', $bug['product']))
{
$message->error_permission();
}
$message->error($lang->getlex('error_invalid_id'));
}
-if (($bug['hidden'] AND !can_perform('canviewhidden', $bug['product'])) OR !can_perform('canviewbugs', $bug['product']))
+if (!(($bug['hidden'] AND can_perform('canviewhidden', $bug['product'])) OR ($bug['hidden'] AND $bugsys->userinfo['userid'] == $bug['userid'] AND can_perform('canviewownhidden'))) AND can_perform('canviewbugs', $bug['product']))
{
$message->error_permission();
}
$message->error($lang->getlex('error_invalid_id'));
}
-if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['product']))
+if (!(($bug['hidden'] AND can_perform('canviewhidden', $bug['product'])) OR ($bug['hidden'] AND $bugsys->userinfo['userid'] == $bug['userid'] AND can_perform('canviewownhidden'))) AND can_perform('canviewbugs', $bug['product']))
{
$message->error_permission();
}