From c86e82354cdafa9aaa785455505a2e8b0ce5fc73 Mon Sep 17 00:00:00 2001
From: Aqua-sama <aqua@iserlohn-fortress.net>
Date: Fri, 30 Apr 2021 10:15:25 +0300
Subject: Check can_edit_reports and can_edit_bugs flags

---
 bug/edit.php | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'bug/edit.php')

diff --git a/bug/edit.php b/bug/edit.php
index ad1ea36..9aaac38 100644
--- a/bug/edit.php
+++ b/bug/edit.php
@@ -27,6 +27,11 @@ if($id != "") {
     $submitter = $result['submitter'];
     $description = $result['description'];
 }
+
+if(!$_SESSION['user_can_edit_bugs'] || ($submitter != $_SESSION['user_name'])) {
+    echo "You cannot edit bugs!";
+    goto footer;
+}
 ?>
 
 <form action="update.php?id=<?php echo $id; ?>" method="post">
-- 
cgit v1.2.1