diff options
| author | Aqua-sama <aqua@iserlohn-fortress.net> | 2021-04-30 10:15:25 +0300 |
|---|---|---|
| committer | Aqua-sama <aqua@iserlohn-fortress.net> | 2021-04-30 10:15:25 +0300 |
| commit | c86e82354cdafa9aaa785455505a2e8b0ce5fc73 (patch) | |
| tree | 0135ef69eda1d871e940b1ad42d2166d9c1d8c9c /report/edit.php | |
| parent | Reports can be bound to bugs (diff) | |
| download | bugtracker-c86e82354cdafa9aaa785455505a2e8b0ce5fc73.tar.xz | |
Check can_edit_reports and can_edit_bugs flags
Diffstat (limited to 'report/edit.php')
| -rw-r--r-- | report/edit.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/report/edit.php b/report/edit.php index cd2e1a8..b6d5049 100644 --- a/report/edit.php +++ b/report/edit.php @@ -29,6 +29,11 @@ if($id != "") { $description = $result['description']; } +if(!$_SESSION['user_can_edit_reports'] || ($submitter != $_SESSION['user_name'])) { + echo "You cannot edit reports!"; + goto footer; +} + # get bug id's $bugs = $conn->query("SELECT id, title FROM bugs"); @@ -42,9 +47,11 @@ $bugs = $conn->query("SELECT id, title FROM bugs"); <p>Assign to bug: <select name="bug_id"> <option value="">None</option> <?php +if($_SESSION['user_can_edit_bugs']) { foreach($bugs as $bug) { echo "<option value=$bug[id]>$bug[title]</option>"; } +} ?> </select></p> <input type="submit" value="submit" > |