phpBMS

Show
Ignore:
Timestamp:
01/07/10 11:16:05 (2 years ago)
Author:
brieb
Message:
  • Added more rights look ups to certain pages
  • Fixed several path disclosure errors
Files:
1 modified

Legend:

Unmodified
Added
Removed

  • trunk/phpbms/modules/base/tabledefs_custom.php

    r704 r727  
    4545        //Make sure table definition id is set 
    4646        if(!isset($_GET["id"])) 
    47             $error = new appError(300,"Passed variable not set (id)"); 
     47            $error = new appError(200,"Passed variable not set"); 
     48 
     49        if(!hasRights("Admin")) 
     50                goURL(APP_PATH."noaccess.php"); 
    4851 
    4952        $customFields = new customFields($db, ((int) $_GET["id"])); 
phpBMS vulnerability assesment provided by Orvant Inc. Copyright © 2010 Kreotek, LLC. All Rights reserved.