From: Joey Schulze <joey@infodrom.org>
Date: Tue, 9 Mar 2010 08:05:36 +0000 (+0100)
Subject: Adjust permission check
X-Git-Tag: 2010-06-02_customer~79
X-Git-Url: https://git.infodrom.org/?p=misc%2Fkostenrechnung;a=commitdiff_plain;h=c74e42d841286cfd33ca287ad113cbdd2017e86d

Adjust permission check
---

diff --git a/lib/general.php b/lib/general.php
index 8c95557..837a4b8 100644
--- a/lib/general.php
+++ b/lib/general.php
@@ -76,8 +76,8 @@ function check_session()
 
   /* table connections */
   if (substr($_SERVER["SCRIPT_FILENAME"],-25) == '/ricoUpdateConnection.php' &&
-      !empty($_POST['table'])) {
-    if (check_permissions($_POST['table']))
+      !empty($_GET['id']) && substr($_GET['id'],0,5) == 'grid_') {
+    if (check_permissions(substr($_GET['id'],5)))
       return true;
     else
       format_ajax(array('error' => 'No permission to access data'));