forked from extern/egroupware
should now disallow editing of records not allowed to.
This commit is contained in:
parent
7a78f0f55d
commit
e13be15f56
@ -610,11 +610,10 @@
|
||||
$cal_id = $GLOBALS['HTTP_GET_VARS']['cal_id'];
|
||||
$event = $this->bo->read_entry(intval($GLOBALS['HTTP_GET_VARS']['cal_id']));
|
||||
|
||||
$can_edit = $this->bo->can_user_edit($event);
|
||||
|
||||
if(!$can_edit)
|
||||
if(!$this->bo->can_user_edit($event))
|
||||
{
|
||||
$this->view(intval($GLOBALS['HTTP_GET_VARS']['cal_id']));
|
||||
$GLOBALS['phpgw']->common->phpgw_exit();
|
||||
}
|
||||
if(@isset($GLOBALS['HTTP_POST_VARS']['edit_type']) && $GLOBALS['HTTP_POST_VARS']['edit_type'] == 'single')
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user