From f18edd57879c83efee640a91464fe9d917d22eab Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sun, 10 Dec 2017 21:08:13 +0100
Subject: [PATCH] Update security.lib.php

---
 htdocs/core/lib/security.lib.php | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php
index c7d72e796ea..0632f4d723f 100644
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@@ -242,17 +242,17 @@ function restrictedArea($user, $features, $objectid=0, $tableandshare='', $featu
             {
             	foreach($feature2 as $subfeature)
             	{
-                        if (empty($user->rights->{$feature}->{$subfeature}->creer)
-                        && empty($user->rights->{$feature}->{$subfeature}->write)
-                        && empty($user->rights->{$feature}->{$subfeature}->create)) { $createok=0; $nbko++; }
+                        if (empty($user->rights->$feature->$subfeature->creer)
+                        && empty($user->rights->$feature->$subfeature->write)
+                        && empty($user->rights->$feature->$subfeature->create)) { $createok=0; $nbko++; }
             		else { $createok=1; break; } // Break to bypass second test if the first is ok
             	}
             }
             else if (! empty($feature))		// This is for old permissions ('creer' or 'write')
             {
                 //print '<br>feature='.$feature.' creer='.$user->rights->$feature->creer.' write='.$user->rights->$feature->write;
-                if (empty($user->rights->{$feature}->creer)
-                && empty($user->rights->{$feature}->write)) { $createok=0; $nbko++; }
+                if (empty($user->rights->$feature->creer)
+                && empty($user->rights->$feature->write)) { $createok=0; $nbko++; }
             }
         }
 
@@ -314,16 +314,16 @@ function restrictedArea($user, $features, $objectid=0, $tableandshare='', $featu
             {
             	foreach($feature2 as $subfeature)
             	{
-            		if (empty($user->rights->{$feature}->{$subfeature}->supprimer) && empty($user->rights->$feature->$subfeature->delete)) $deleteok=0;
+            		if (empty($user->rights->$feature->$subfeature->supprimer) && empty($user->rights->$feature->$subfeature->delete)) $deleteok=0;
             		else { $deleteok=1; break; } // For bypass the second test if the first is ok
             	}
             }
             else if (! empty($feature))		// This is for old permissions
             {
                 //print '<br>feature='.$feature.' creer='.$user->rights->$feature->supprimer.' write='.$user->rights->$feature->delete;
-                if (empty($user->rights->{$feature}->supprimer)
-                && empty($user->rights->{$feature}->delete)
-                && empty($user->rights->{$feature}->run)) $deleteok=0;
+                if (empty($user->rights->$feature->supprimer)
+                && empty($user->rights->$feature->delete)
+                && empty($user->rights->$feature->run)) $deleteok=0;
             }
         }