projects
/
timetracker.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Adjusted time.php to honor note on separate row option.
[timetracker.git]
/
cf_custom_field_edit.php
diff --git
a/cf_custom_field_edit.php
b/cf_custom_field_edit.php
index
32ee387
..
0bf5818
100644
(file)
--- a/
cf_custom_field_edit.php
+++ b/
cf_custom_field_edit.php
@@
-30,16
+30,22
@@
require_once('initialize.php');
require_once('plugins/CustomFields.class.php');
import('form.Form');
require_once('plugins/CustomFields.class.php');
import('form.Form');
-// Access check.
-if (!ttAccessAllowed('manage_custom_fields')
|| !$user->isPluginEnabled('cf')
) {
+// Access check
s
.
+if (!ttAccessAllowed('manage_custom_fields')) {
header('Location: access_denied.php');
exit();
}
header('Location: access_denied.php');
exit();
}
-
-$cl_id = $request->getParameter('id');
+if (!$user->isPluginEnabled('cf')) {
+ header('Location: feature_disabled.php');
+ exit();
+}
+$cl_id = (int)$request->getParameter('id');
$field = CustomFields::getField($cl_id);
$field = CustomFields::getField($cl_id);
-if (false === $field)
- $err->add($i18n->get('error.db'));
+if (!$field) {
+ header('Location: access_denied.php');
+ exit();
+}
+// End of access checks.
$form = new Form('fieldForm');
if ($err->no()) {
$form = new Form('fieldForm');
if ($err->no()) {