return true;
}
+
+// ttAccessAllowed checks whether user is allowed access to a particular page.
+// This function is a replacement for ttAccessCheck above as part of roles revamp.
+// To be used as an initial check on all publicly available pages
+// (except login.php and register.php where we don't have to check).
+function ttAccessAllowed($required_right)
+{
+ global $auth;
+ global $user;
+
+ // Redirect to login page if user is not authenticated.
+ if (!$auth->isAuthenticated()) {
+ header('Location: login.php');
+ exit();
+ }
+
+ // Check if user has the right.
+ if (in_array($required_right, $user->rights))
+ return true;
+
+ return false;
+}
\ No newline at end of file
<br>
<table cellspacing="0" cellpadding="4" width="100%" border="0">
<tr>
- <td align="center"> Anuko Time Tracker 1.17.3
8.4059 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+ <td align="center"> Anuko Time Tracker 1.17.3
9.4060 | Copyright © <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
<a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
<a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
<a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
import('ttUserHelper');
// Access check.
-if (!ttAccessCheck(right_administer_site)) {
+if (!ttAccessAllowed('administer_site')) {
header('Location: access_denied.php');
exit();
}
projects / timetracker.git / commitdiff