lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: [bug #478] Can access pages belonging to disabled modules

Browse Source
This commit is contained in:
Regis Houssin 2012-08-03 11:56:42 +02:00
parent ae0a746510
commit 899f4df9ed
3 changed files with 16 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
htdocs/compta/journal/purchasesjournal.php
View File

@ -1,7 +1,8 @@
<?php
/* Copyright (C) 2007-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2007-2010 Jean Heimburger <jean@tiaris.info>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
/* Copyright (C) 2007-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2007-2010 Jean Heimburger <jean@tiaris.info>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2012 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -33,9 +34,9 @@ $langs->load("compta");
// Protection if external user
if ($user->societe_id > 0)
{
accessforbidden();
}
$result = restrictedArea($user, 'societe&facture');
/*******************************************************************
@ -216,4 +217,4 @@ print "</table>";
llxFooter();
$db->close();
?>
?>

13
htdocs/compta/journal/sellsjournal.php
View File

@ -1,7 +1,8 @@
<?php
/* Copyright (C) 2007-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2007-2010 Jean Heimburger <jean@tiaris.info>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
/* Copyright (C) 2007-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2007-2010 Jean Heimburger <jean@tiaris.info>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2012 Regis Houssin <regis@dolibarr.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -34,9 +35,9 @@ $langs->load("compta");
// Protection if external user
if ($user->societe_id > 0)
{
accessforbidden();
}
$result = restrictedArea($user, 'societe&facture');
/*******************************************************************
@ -209,4 +210,4 @@ print "</table>";
// End of page
$db->close();
llxFooter();
?>
?>

3
htdocs/product/admin/product.php
View File

@ -36,7 +36,8 @@ $langs->load("admin");
$langs->load("products");
// Security check
if (! $user->admin) accessforbidden();
if (! $user->admin || empty($conf->product->enabled))
accessforbidden();
$action = GETPOST('action','alpha');
$value = GETPOST('value','alpha');