projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Some security fixes backported from unstable code.
[fa-stable.git]
/
includes
/
session.inc
diff --git
a/includes/session.inc
b/includes/session.inc
index 73f9253a939567fbe69249b2f175a2707658c859..b641fbcc66b8925cae563635fba1740df630a9ec 100644
(file)
--- a/
includes/session.inc
+++ b/
includes/session.inc
@@
-61,7
+61,11
@@
function check_page_security($page_security)
if (!$_SESSION["wa_current_user"]->can_access_page($page_security))
{
if (!$_SESSION["wa_current_user"]->can_access_page($page_security))
{
- page(_("Access denied"));
+ // no_menu parameter guess here is ugly hack, but works for now.
+ // Better solution is to use global switch for menu, set before
+ // session.inc inclusion.
+ page(_("Access denied"), strpos($_SERVER['PHP_SELF'], '/view/'));
+
echo "<center><br><br><br><b>";
echo _("The security settings on your account do not permit you to access this function");
echo "</b>";
echo "<center><br><br><br><b>";
echo _("The security settings on your account do not permit you to access this function");
echo "</b>";