mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-18 05:58:34 +01:00
Code Issues Projects Releases Wiki Activity

SC 289, small, but non-exploitable hole in backup permissions checking. Merged from MOODLE_16_STABLE.

Browse Source
This commit is contained in:
tjhunt 2006-08-13 20:39:21 +00:00
parent acee2e2491
commit a7c3953d1c
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
backup/backup.php
View File

@ -17,13 +17,7 @@
if (!empty($id)) {
if (!isteacheredit($id)) {
if (empty($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
} else {
if (!isteacheredit($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
} else {
if (!isadmin()) {
@ -31,6 +25,12 @@
}
}
if (!empty($to)) {
if (!isteacheredit($to)) {
error("You need to be a teacher or admin user to use this page.", "$CFG->wwwroot/login/index.php");
}
}
//Check site
if (!$site = get_site()) {
error("Site not found!");
@ -126,7 +126,7 @@
}
print_simple_box_end();
//Print footer
//Print footer
print_footer();
?>
?>