projects / timetracker.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3eea3d0)
Security fix for invoice view.
authorNik Okuntseff <support@anuko.com>
Mon, 12 Mar 2018 19:21:34 +0000 (19:21 +0000)
committerNik Okuntseff <support@anuko.com>
Mon, 12 Mar 2018 19:21:34 +0000 (19:21 +0000)
WEB-INF/lib/ttInvoiceHelper.class.php patch | blob | history
WEB-INF/templates/footer.tpl patch | blob | history
invoice_send.php patch | blob | history
invoice_view.php patch | blob | history

diff --git a/WEB-INF/lib/ttInvoiceHelper.class.php b/WEB-INF/lib/ttInvoiceHelper.class.php
index 9fa7e58..fd701fe 100644 (file)
--- a/WEB-INF/lib/ttInvoiceHelper.class.php
+++ b/WEB-INF/lib/ttInvoiceHelper.class.php
@@ -69,7 +69,9 @@ class ttInvoiceHelper {
     global $user;
     $mdb2 = getConnection();
 
-    $sql = "select * from tt_invoices where id = $invoice_id and team_id = $user->team_id and status = 1";
+    if ($user->isClient()) $client_part = " and client_id = $user->client_id";
+
+    $sql = "select * from tt_invoices where id = $invoice_id and team_id = $user->team_id $client_part and status = 1";
     $res = $mdb2->query($sql);
     if (!is_a($res, 'PEAR_Error')) {
       if ($val = $res->fetchRow())
diff --git a/WEB-INF/templates/footer.tpl b/WEB-INF/templates/footer.tpl
index c614ff7..3f18617 100644 (file)
--- a/WEB-INF/templates/footer.tpl
+++ b/WEB-INF/templates/footer.tpl
@@ -12,7 +12,7 @@
       <br>
       <table cellspacing="0" cellpadding="4" width="100%" border="0">
         <tr>
-          <td align="center">&nbsp;Anuko Time Tracker 1.17.40.4064 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
+          <td align="center">&nbsp;Anuko Time Tracker 1.17.41.4065 | Copyright &copy; <a href="https://www.anuko.com/lp/tt_3.htm" target="_blank">Anuko</a> |
             <a href="https://www.anuko.com/lp/tt_4.htm" target="_blank">{$i18n.footer.credits}</a> |
             <a href="https://www.anuko.com/lp/tt_5.htm" target="_blank">{$i18n.footer.license}</a> |
             <a href="https://www.anuko.com/lp/tt_7.htm" target="_blank">{$i18n.footer.improve}</a>
diff --git a/invoice_send.php b/invoice_send.php
index ee333a6..48bc14f 100644 (file)
--- a/invoice_send.php
+++ b/invoice_send.php
@@ -32,7 +32,7 @@ import('ttInvoiceHelper');
 import('ttSysConfig');
 
 // Access check.
-if (!ttAccessAllowed('manage_invoices') || !$user->isPluginEnabled('iv')) {
+if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_own_invoices')) || !$user->isPluginEnabled('iv')) {
   header('Location: access_denied.php');
   exit();
 }
diff --git a/invoice_view.php b/invoice_view.php
index 7661d9c..4a6027a 100644 (file)
--- a/invoice_view.php
+++ b/invoice_view.php
@@ -33,7 +33,7 @@ import('ttClientHelper');
 import('form.Form');
 
 // Access check.
-if (!ttAccessCheck(right_view_invoices) || !$user->isPluginEnabled('iv')) {
+if (!(ttAccessAllowed('manage_invoices') || ttAccessAllowed('view_own_invoices')) || !$user->isPluginEnabled('iv')) {
   header('Location: access_denied.php');
   exit();
 }
Unnamed repository; edit this file 'description' to name the repository.