diff options
author | rub <rub@piwigo.org> | 2006-10-21 12:28:07 +0000 |
---|---|---|
committer | rub <rub@piwigo.org> | 2006-10-21 12:28:07 +0000 |
commit | 258fa3b40c0c60adad284ad3bc09ed33c5dc53a1 (patch) | |
tree | 71616e49e713f5fb26038343c80a3c7b89b2fa06 /admin/tags.php | |
parent | eaacbc7b2d224524eac6def04e9b721949afd4b8 (diff) |
Resolved Issue ID 0000356:
o Increase security on adviser mode
First modifications of n modifications.
All the others modifications will be done on BSF branch.
Merge branch-1_6 1568:1570 into BSF
git-svn-id: http://piwigo.org/svn/trunk@1571 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/tags.php')
-rw-r--r-- | admin/tags.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/admin/tags.php b/admin/tags.php index 95c6f7d77..3b8048bc7 100644 --- a/admin/tags.php +++ b/admin/tags.php @@ -37,7 +37,7 @@ check_status(ACCESS_ADMINISTRATOR); // | edit tags | // +-----------------------------------------------------------------------+ -if (isset($_POST['submit'])) +if (isset($_POST['submit']) and !is_adviser()) { $query = ' SELECT name @@ -110,7 +110,7 @@ SELECT id, name // | delete tags | // +-----------------------------------------------------------------------+ -if (isset($_POST['delete']) and isset($_POST['tags'])) +if (isset($_POST['delete']) and isset($_POST['tags']) and !is_adviser()) { $query = ' SELECT name @@ -147,7 +147,7 @@ DELETE // | add a tag | // +-----------------------------------------------------------------------+ -if (isset($_POST['add']) and !empty($_POST['add_tag'])) +if (isset($_POST['add']) and !empty($_POST['add_tag']) and !is_adviser()) { $tag_name = $_POST['add_tag']; |