Skip to content

Commit

Permalink
Close wide-open hacking hole! This script wasn't checking for admin
Browse files Browse the repository at this point in the history 
user in the case where the site has been defined already.  Oops. Fixed now.
  • Loading branch information
martin committed Aug 6, 2002
1 parent 9c055aa commit ce15d17
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion admin/site.php
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -2,7 +2,11 @@


require("../config.php"); require("../config.php");


$course = get_site(); if ($course = get_site()) {
if (!isadmin()) {
error("You need to be admin to edit this page");
}
}
$course->format = "social"; // override $course->format = "social"; // override


/// If data submitted, then process and store. /// If data submitted, then process and store.
Expand Down

0 comments on commit ce15d17

Please sign in to comment.