tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixed ACL errors

This commit is contained in:
Alejandro Gallardo Escobar 2014-10-16 12:21:59 +02:00
parent 391c18ff26
commit 10ee04d610
1 changed files with 2 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pandora_console/operation/reporting/reporting_xml.php
View File

@ -140,19 +140,13 @@ if (!$id_report) {
$report = db_get_row ('treport', 'id_report', $id_report);
$report["datetime"] = get_system_time();
if (! check_acl ($config['id_user'], $report['id_group'], "AR")) {
if (empty($report) || ! check_acl ($config['id_user'], $report['id_group'], "RR")) {
db_pandora_audit("ACL Violation","Trying to access graph reader");
include ("general/noaccess.php");
exit;
}
if ($report['id_group'] != 0 &&
!is_user_admin ($config['id_user'])) {
include ("general/noaccess.php");
return;
}
$report["datetime"] = get_system_time();
header ('Content-type: application/xml; charset="utf-8"', true);