projects
/
timetracker.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Conditionally showing Work plugin depending on WORK_DEBUG constant.
[timetracker.git]
/
cf_dropdown_option_add.php
diff --git
a/cf_dropdown_option_add.php
b/cf_dropdown_option_add.php
index
b950083
..
de59818
100644
(file)
--- a/
cf_dropdown_option_add.php
+++ b/
cf_dropdown_option_add.php
@@
-30,16
+30,22
@@
require_once('initialize.php');
require_once('plugins/CustomFields.class.php');
import('form.Form');
require_once('plugins/CustomFields.class.php');
import('form.Form');
-// Access check.
-if (!ttAccessAllowed('manage_custom_fields')
|| !$user->isPluginEnabled('cf')
) {
+// Access check
s
.
+if (!ttAccessAllowed('manage_custom_fields')) {
header('Location: access_denied.php');
exit();
}
header('Location: access_denied.php');
exit();
}
-
-$cl_field_id = $request->getParameter('field_id');
+if (!$user->isPluginEnabled('cf')) {
+ header('Location: feature_disabled.php');
+ exit();
+}
+$cl_field_id = (int)$request->getParameter('field_id');
$field = CustomFields::getField($cl_field_id);
$field = CustomFields::getField($cl_field_id);
-if (false === $field)
- $err->add($i18n->get('error.db'));
+if (!$field) {
+ header('Location: access_denied.php');
+ exit();
+}
+// End of access checks.
$form = new Form('optionAddForm');
if ($err->no()) {
$form = new Form('optionAddForm');
if ($err->no()) {