X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=cf_dropdown_options.php;h=3b4663f8c1856bec56d8be0f83e7ad8fa6309102;hb=e23ea8f905bd9122e5c52a3457d05ebb20f6570b;hp=02f59f56b350e6353551d060a136842e12107e68;hpb=a0dd058ab6007cfc6a72713215a7f4abb96f1b45;p=timetracker.git

diff --git a/cf_dropdown_options.php b/cf_dropdown_options.php
index 02f59f56..3b4663f8 100644
--- a/cf_dropdown_options.php
+++ b/cf_dropdown_options.php
@@ -30,20 +30,25 @@ require_once('initialize.php');
 require_once('plugins/CustomFields.class.php');
 import('form.Form');
 
-// Access check.
-if (!ttAccessAllowed('manage_custom_fields') || !$user->isPluginEnabled('cf')) {
+// Access checks.
+if (!ttAccessAllowed('manage_custom_fields')) {
   header('Location: access_denied.php');
   exit();
 }
+if (!$user->isPluginEnabled('cf')) {
+  header('Location: feature_disabled.php');
+  exit();
+}
+$field_id = (int)$request->getParameter('field_id');
+$field = CustomFields::getField($field_id);
+if (!$field) {
+  header('Location: access_denied.php');
+  exit();
+}
+// End of access checks.
 
-$field_id = $request->getParameter('field_id');
 $options = CustomFields::getOptions($field_id);
-if (false === $options)
-  $err->add($i18n->get('error.db'));
-
-$form = new Form('dropdownOptionsForm');
 
-$smarty->assign('forms', array($form->getName()=>$form->toArray()));
 $smarty->assign('field_id', $field_id);
 $smarty->assign('options', $options);
 $smarty->assign('title', $i18n->get('title.cf_dropdown_options'));