https://src.bluestatic.org / bugdar.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c89550a)
r546: Additional permission checking
authorRobert Sesek <rsesek@bluestatic.org>
Wed, 12 Oct 2005 03:58:31 +0000 (03:58 +0000)
committerRobert Sesek <rsesek@bluestatic.org>
Wed, 12 Oct 2005 03:58:31 +0000 (03:58 +0000)
showhistory.php patch | blob | history

diff --git a/showhistory.php b/showhistory.php
index 05ef0f432d6a005884f6aea3b2b36f3882e960a0..0b1c985542f9c7e25cc9070cc14a3def9af276ef 100644 (file)
--- a/showhistory.php
+++ b/showhistory.php
@@ -27,7 +27,7 @@ if (!$bug)
        $message->error($lang->getlex('error_invalid_id'));
 }
 
-if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
+if (($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid'])) OR !can_perform('canviewbugs', $bug['productid']))
 {
        $message->error_permission();
 }
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.