From 808a0138db74b0012c4ce139ed6d5cc9d657028c Mon Sep 17 00:00:00 2001
From: Nik Okuntseff <support@anuko.com>
Date: Sun, 7 Apr 2019 15:54:38 +0000
Subject: [PATCH] Fixed file_download.php.

---
 WEB-INF/templates/footer.tpl | 2 +-
 file_download.php            | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index 96f2ae3e..fdfaf89a 100644
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.18.64.4918 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.18.64.4919 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
diff --git a/file_download.php b/file_download.php
index 8a17b4d7..e4d35c70 100644
--- a/file_download.php
+++ b/file_download.php
@@ -29,6 +29,7 @@
 require_once('initialize.php');
 import('form.Form');
 import('ttFileHelper');
+import('ttTimeHelper');
 import('ttProjectHelper');
 
 // Access checks.
@@ -41,7 +42,7 @@ if (!$file) {
 // Entity-specific checks.
 $entity_type = $file['entity_type'];
 if ($entity_type == 'time') {
-  if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time')) || !ttTimeHelper::getRecord($file['entity_id'])) {
+  if (!(ttAccessAllowed('track_own_time') || ttAccessAllowed('track_time')) || !ttTimeHelper::getRecordForFileView($file['entity_id'])) {
     header('Location: access_denied.php');
     exit();
   }
-- 
2.20.1