X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=WEB-INF%2Flib%2Fcommon.lib.php;h=69c38b731e63a867d6530c7d99faf96f1bd5f1e8;hb=7218f84ad58ed22a926b3ffa7a152ca7f93f0204;hp=ec21d6751a053bc7588cd6a57d4553fb806b0abf;hpb=7ea057af633d933eb5b39cceb112c3cc98c55a1d;p=timetracker.git

diff --git a/WEB-INF/lib/common.lib.php b/WEB-INF/lib/common.lib.php
index ec21d675..69c38b73 100644
--- a/WEB-INF/lib/common.lib.php
+++ b/WEB-INF/lib/common.lib.php
@@ -325,22 +325,23 @@ function ttValidCondition($val, $emptyValid = true)
   return true;
 }
 
-// ttAccessCheck is used to check whether user is allowed to proceed. This function is used
-// as an initial check on all publicly available pages.
-function ttAccessCheck($required_rights)
+// ttAccessAllowed checks whether user is allowed access to a particular page.
+// It is used as an initial check on all publicly available pages
+// (except login.php, register.php, and others where we don't have to check).
+function ttAccessAllowed($required_right)
 {
   global $auth;
   global $user;
-  
+
   // Redirect to login page if user is not authenticated.
   if (!$auth->isAuthenticated()) {
     header('Location: login.php');
     exit();
   }
-  
-  // Check rights.
-  if (!($required_rights & $user->rights_mask))
-    return false;
-    
-  return true;
+
+  // Check if user has the right.
+  if (in_array($required_right, $user->rights))
+    return true;
+
+  return false;
 }