Security fix - improved access checks for task edit and deletes.

[timetracker.git] / mobile / time.php

diff --git a/mobile/time.php b/mobile/time.php
index abde5e01dc901a3b32d6f54be7c75cfbb7e525bb..8c6721d49ac5d8f2b137249fd03edd1b88c0f097 100644 (file)
--- a/mobile/time.php
+++ b/mobile/time.php
@@ -34,11 +34,12 @@ import('ttClientHelper');
 import('ttTimeHelper');
 import('DateAndTime');
 
-// Access check.
+// Access checks.
 if (!ttAccessAllowed('track_own_time')) {
   header('Location: access_denied.php');
   exit();
 }
+// End of access checks.
 
 // Initialize and store date in session.
 $cl_date = $request->getParameter('date', @$_SESSION['date']);