lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Security access

Browse Source
This commit is contained in:
Alexandre SPANGARO 2020-09-08 04:58:25 +02:00
parent a4c581b34d
commit df7ca14b2c
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/accountancy/admin/card.php
View File

@ -44,6 +44,8 @@ $cancel = GETPOST('cancel', 'alpha');
$accountingaccount = GETPOST('accountingaccount', 'alpha');
// Security check
if ($user->socid > 0) accessforbidden();
if (!$user->rights->accounting->chartofaccount) accessforbidden();
$object = new AccountingAccount($db);