X-Git-Url: http://wagnertech.de/git?a=blobdiff_plain;f=task_edit.php;h=324f1dbb8e3068215169c26e3cdd870a40c5355c;hb=a575a9147976a06263d8a7eae006d6ba3372446e;hp=bba89bebdb91ff1fa4341f9e66964b1b2004d65d;hpb=a8a4278a6a87c600835890a10c774dfdc58e930a;p=timetracker.git

diff --git a/task_edit.php b/task_edit.php
index bba89beb..324f1dbb 100644
--- a/task_edit.php
+++ b/task_edit.php
@@ -40,8 +40,14 @@ if (MODE_PROJECTS_AND_TASKS != $user->tracking_mode) {
   header('Location: feature_disabled.php');
   exit();
 }
-
 $cl_task_id = (int)$request->getParameter('id');
+$task = ttTaskHelper::get($cl_task_id);
+if (!$task) {
+  header('Location: access_denied.php');
+  exit();
+}
+// End of access checks.
+
 $projects = ttTeamHelper::getActiveProjects($user->team_id);
 
 if ($request->isPost()) {
@@ -50,11 +56,9 @@ if ($request->isPost()) {
   $cl_status = $request->getParameter('status');
   $cl_projects = $request->getParameter('projects');
 } else {
-  $task = ttTaskHelper::get($cl_task_id);
   $cl_name = $task['name'];
   $cl_description = $task['description'];
   $cl_status = $task['status'];
-
   $assigned_projects = ttTaskHelper::getAssignedProjects($cl_task_id);
   foreach ($assigned_projects as $project_item)
     $cl_projects[] = $project_item['id'];