Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix issue #3002 - "User 'administrator' is not able to change other u…
…sers settings" * account_prefs_update.php + check if $f_user_id is unprotected instead of the current user + if f_user_id is not the current user, perform an additional access check NOTE: I'm not sure we should be sharing this file between the account section and manage section. Having to add that conditional access check is a little ugly and who knows if the pages will always be the same. Most of the code should be in an API function anyway. git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@2026 f5dc347c-c33d-0410-90a0-b07cc1902cb9
- Loading branch information