diff options
author | rub <rub@piwigo.org> | 2006-10-21 12:07:00 +0000 |
---|---|---|
committer | rub <rub@piwigo.org> | 2006-10-21 12:07:00 +0000 |
commit | bc7b43345722917274a352dde49895e909fec6aa (patch) | |
tree | b0f86667d1aa9f10b0d1e98103d51f9b6e58e1a0 /admin/tags.php | |
parent | 60866f64c883091a7264299e3094c2ce733bfe91 (diff) |
Resolved Issue ID 0000356:
o Increase security on adviser mode
First modifications of n modifications.
All the others modifications will be done on BSF branch.
Merge branch-1_6 1558:1559 into BSF
git-svn-id: http://piwigo.org/svn/branches/branch-1_6@1569 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r-- | admin/tags.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/admin/tags.php b/admin/tags.php index 95c6f7d77..3b8048bc7 100644 --- a/admin/tags.php +++ b/admin/tags.php @@ -37,7 +37,7 @@ check_status(ACCESS_ADMINISTRATOR); // | edit tags | // +-----------------------------------------------------------------------+ -if (isset($_POST['submit'])) +if (isset($_POST['submit']) and !is_adviser()) { $query = ' SELECT name @@ -110,7 +110,7 @@ SELECT id, name // | delete tags | // +-----------------------------------------------------------------------+ -if (isset($_POST['delete']) and isset($_POST['tags'])) +if (isset($_POST['delete']) and isset($_POST['tags']) and !is_adviser()) { $query = ' SELECT name @@ -147,7 +147,7 @@ DELETE // | add a tag | // +-----------------------------------------------------------------------+ -if (isset($_POST['add']) and !empty($_POST['add_tag'])) +if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser()) { $tag_name = $_POST['add_tag']; |