From 258fa3b40c0c60adad284ad3bc09ed33c5dc53a1 Mon Sep 17 00:00:00 2001
From: rub <rub@piwigo.org>
Date: Sat, 21 Oct 2006 12:28:07 +0000
Subject: Resolved Issue ID 0000356:   o Increase security on adviser mode

First modifications of n modifications.
All the others modifications will be done on BSF branch.


Merge branch-1_6 1568:1570 into BSF

git-svn-id: http://piwigo.org/svn/trunk@1571 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 admin/tags.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'admin/tags.php')

diff --git a/admin/tags.php b/admin/tags.php
index 95c6f7d77..3b8048bc7 100644
--- a/admin/tags.php
+++ b/admin/tags.php
@@ -37,7 +37,7 @@ check_status(ACCESS_ADMINISTRATOR);
 // |                                edit tags                              |
 // +-----------------------------------------------------------------------+
 
-if (isset($_POST['submit']))
+if (isset($_POST['submit']) and !is_adviser())
 {
   $query = '
 SELECT name
@@ -110,7 +110,7 @@ SELECT id, name
 // |                               delete tags                             |
 // +-----------------------------------------------------------------------+
 
-if (isset($_POST['delete']) and isset($_POST['tags']))
+if (isset($_POST['delete']) and isset($_POST['tags']) and !is_adviser())
 {
   $query = '
 SELECT name
@@ -147,7 +147,7 @@ DELETE
 // |                               add a tag                               |
 // +-----------------------------------------------------------------------+
 
-if (isset($_POST['add']) and !empty($_POST['add_tag']))
+if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser())
 {
   $tag_name = $_POST['add_tag'];
 
-- 
cgit v1.2.3