Permalink
Browse files

# [#28607] Missing direct access check for com_finder. Thanks Sander

  • Loading branch information...
1 parent e8fe002 commit 25ef73f69fd785ce63ecbc2e94e26e15956d6eca Sander Potjer committed with infograf768 Jun 3, 2012
Showing with 6 additions and 0 deletions.
  1. +5 −0 administrator/components/com_finder/finder.php
  2. +1 −0 installation/CHANGELOG
@@ -9,6 +9,11 @@
defined('_JEXEC') or die;
+// Access check.
+if (!JFactory::getUser()->authorise('core.manage', 'com_finder')) {
+ return JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
+}
+
jimport('joomla.application.component.controller');
// Execute the task.
View
@@ -31,6 +31,7 @@ $ -> Language fix or change
# [#28602] *Menu Item Manager: Show Batch Processing only if allowed. Thanks Johannes
# [#28611] *ACL: Module Manager: Show Batch Processing only if allowed
# [#28536] Undefined variable $prev in com_config. Thanks Rouven
+ # [#28607] Missing direct access check for com_finder. Thanks Sander
02-June-2012 Jean-Marie Simonet
# [#28375] Remove blacklist code from FinderIndexerHelper. Thanks Michael

0 comments on commit 25ef73f

Please sign in to comment.