Browse code

bugfix: most users have multiple roles, so checking with == is wrong

Bernd Wurst authored on30/03/2012 14:33:43
Showing1 changed files
... ...
@@ -34,11 +34,11 @@ if (isset($_GET['clear']))
34 34
 }
35 35
 
36 36
 $username = NULL;
37
-if ($_SESSION['role'] == ROLE_SYSTEMUSER) {
37
+if ($_SESSION['role'] & ROLE_SYSTEMUSER) {
38 38
   $username = $_SESSION['userinfo']['username'];
39 39
   if (isset($_SESSION['subuser']))
40 40
     $username = $_SESSION['subuser'];
41
-} elseif ($_SESSION['role'] == ROLE_VMAIL_ACCOUNT) {
41
+} elseif ($_SESSION['role'] & ROLE_VMAIL_ACCOUNT) {
42 42
   $username = $_SESSION['mailaccount'];
43 43
 }
44 44
 
... ...
@@ -56,6 +56,7 @@ if (isset($_SESSION['clientcert_cert']))
56 56
 }
57 57
 
58 58
 
59
+DEBUG($username);
59 60
 $certs = get_certs_by_username($username);
60 61
 if ($certs != NULL) {
61 62
   output('<p>Sie haben bereits Zertifikate für den Zugang eingerichtet.</p>