Fix: security check in user/group

2009-05-01 10:24:32 +00:00 · 2009-05-01 10:24:32 +00:00 · 67377f7729
commit 67377f7729
parent 37cac65f5a
2 changed files with 2 additions and 2 deletions
--- a/htdocs/user/fiche.php
+++ b/htdocs/user/fiche.php
@ -52,7 +52,7 @@ if ($_GET["id"])
 }

 // Security check
-$result = restrictedArea($user, 'user',$_GET["id"]);
+$result = restrictedArea($user, 'user', $_GET["id"], '', 'user');
 if ($user->id <> $_GET["id"] && ! $canreadperms) accessforbidden();

 $langs->load("users");
--- a/htdocs/user/group/fiche.php
+++ b/htdocs/user/group/fiche.php
@ -37,7 +37,7 @@ $langs->load("users");
 $langs->load("other");

 // Security check
-$result = restrictedArea($user, 'usergroup',$_GET["id"]);
+$result = restrictedArea($user, 'user', $_GET["id"], '', 'user');

 $action=isset($_GET["action"])?$_GET["action"]:$_POST["action"];