diff options
| author | rub <rub@piwigo.org> | 2006-10-21 12:07:00 +0000 |
|---|---|---|
| committer | rub <rub@piwigo.org> | 2006-10-21 12:07:00 +0000 |
| commit | bc7b43345722917274a352dde49895e909fec6aa (patch) | |
| tree | b0f86667d1aa9f10b0d1e98103d51f9b6e58e1a0 /admin/configuration.php | |
| parent | 60866f64c883091a7264299e3094c2ce733bfe91 (diff) | |
Resolved Issue ID 0000356:
o Increase security on adviser mode
First modifications of n modifications.
All the others modifications will be done on BSF branch.
Merge branch-1_6 1558:1559 into BSF
git-svn-id: http://piwigo.org/svn/branches/branch-1_6@1569 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/configuration.php')
| -rw-r--r-- | admin/configuration.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/admin/configuration.php b/admin/configuration.php index 9f01849f6..5890739d6 100644 --- a/admin/configuration.php +++ b/admin/configuration.php @@ -53,7 +53,7 @@ while ($row = mysql_fetch_array($result)) $conf[$row['param']] = $row['value']; // if the parameter is present in $_POST array (if a form is submited), we // override it with the submited value - if (isset($_POST[$row['param']])) + if (isset($_POST[$row['param']]) and !is_adviser()) { $conf[$row['param']] = $_POST[$row['param']]; if ( 'page_banner'==$row['param'] ) @@ -63,7 +63,7 @@ while ($row = mysql_fetch_array($result)) } } //------------------------------ verification and registration of modifications -if (isset($_POST['submit'])) +if (isset($_POST['submit']) and !is_adviser()) { $int_pattern = '/^\d+$/'; switch ($page['section']) |