bugfix: (once again) most users have multiple roles, so checking with == is wrong
Bernd Wurst commited on 2012-03-30 17:19:34
Zeige 2 geänderte Dateien mit 6 Einfügungen und 6 Löschungen.
- modules/index/certsave.php 1353ce4..9440d4c
- modules/index/include/x509.php ff3d5c0..efa6f8e
| ... | ... |
@@ -40,11 +40,11 @@ elseif ($_GET['action'] == 'delete') |
| 40 | 40 |
if (! $cert) |
| 41 | 41 |
system_failure('no ID');
|
| 42 | 42 |
$username = NULL; |
| 43 |
- if ($_SESSION['role'] == ROLE_SYSTEMUSER) {
|
|
| 43 |
+ if ($_SESSION['role'] & ROLE_SYSTEMUSER) {
|
|
| 44 | 44 |
$username = $_SESSION['userinfo']['username']; |
| 45 | 45 |
if (isset($_SESSION['subuser'])) |
| 46 | 46 |
$username = $_SESSION['subuser']; |
| 47 |
- } elseif ($_SESSION['role'] == ROLE_VMAIL_ACCOUNT) {
|
|
| 47 |
+ } elseif ($_SESSION['role'] & ROLE_VMAIL_ACCOUNT) {
|
|
| 48 | 48 |
$username = $_SESSION['mailaccount']; |
| 49 | 49 |
} |
| 50 | 50 |
if (! ($cert['username'] == $username)) |
| ... | ... |
@@ -67,13 +67,13 @@ function add_clientcert($certdata, $dn, $issuer, $startpage='') |
| 67 | 67 |
{
|
| 68 | 68 |
$type = NULL; |
| 69 | 69 |
$username = NULL; |
| 70 |
- if ($_SESSION['role'] == ROLE_SYSTEMUSER) {
|
|
| 70 |
+ if ($_SESSION['role'] & ROLE_SYSTEMUSER) {
|
|
| 71 | 71 |
$type = 'user'; |
| 72 | 72 |
$username = mysql_real_escape_string($_SESSION['userinfo']['username']); |
| 73 | 73 |
if (isset($_SESSION['subuser'])) |
| 74 | 74 |
$username = mysql_real_escape_string($_SESSION['subuser']); |
| 75 | 75 |
$type = 'subuser'; |
| 76 |
- } elseif ($_SESSION['role'] == ROLE_VMAIL_ACCOUNT) {
|
|
| 76 |
+ } elseif ($_SESSION['role'] & ROLE_VMAIL_ACCOUNT) {
|
|
| 77 | 77 |
$type = 'email'; |
| 78 | 78 |
$username = mysql_real_escape_string($_SESSION['mailaccount']); |
| 79 | 79 |
} |
| ... | ... |
@@ -104,13 +104,13 @@ function delete_clientcert($id) |
| 104 | 104 |
$id = (int) $id; |
| 105 | 105 |
$type = NULL; |
| 106 | 106 |
$username = NULL; |
| 107 |
- if ($_SESSION['role'] == ROLE_SYSTEMUSER) {
|
|
| 107 |
+ if ($_SESSION['role'] & ROLE_SYSTEMUSER) {
|
|
| 108 | 108 |
$type = 'user'; |
| 109 | 109 |
$username = mysql_real_escape_string($_SESSION['userinfo']['username']); |
| 110 | 110 |
if (isset($_SESSION['subuser'])) |
| 111 | 111 |
$username = mysql_real_escape_string($_SESSION['subuser']); |
| 112 | 112 |
$type = 'subuser'; |
| 113 |
- } elseif ($_SESSION['role'] == ROLE_VMAIL_ACCOUNT) {
|
|
| 113 |
+ } elseif ($_SESSION['role'] & ROLE_VMAIL_ACCOUNT) {
|
|
| 114 | 114 |
$type = 'email'; |
| 115 | 115 |
$username = mysql_real_escape_string($_SESSION['mailaccount']); |
| 116 | 116 |
} |
| 117 | 117 |