[Vtigercrm-commits] [vtiger-commits] r5249 - /vtigercrm/trunk/include/utils/export.php
vtigercrm-commits at vtiger.fosslabs.com
vtigercrm-commits at vtiger.fosslabs.com
Mon Apr 24 04:21:48 EDT 2006
Author: don
Date: Mon Apr 24 02:21:45 2006
New Revision: 5249
Log:
Security
Modified:
vtigercrm/trunk/include/utils/export.php
Modified: vtigercrm/trunk/include/utils/export.php
==============================================================================
--- vtigercrm/trunk/include/utils/export.php (original)
+++ vtigercrm/trunk/include/utils/export.php Mon Apr 24 02:21:45 2006
@@ -30,8 +30,10 @@
require_once('modules/Potentials/Opportunity.php');
require_once('modules/Users/User.php');
require_once('modules/Products/Product.php');
+require_once('include/utils/UserInfoUtil.php');
global $allow_exports;
+
session_start();
$current_user = new User();
@@ -46,9 +48,22 @@
}
}
+
+//Security Check
+if(isPermitted($_REQUEST['module'],"Export") == "no")
+{
+ $allow_exports="none";
+}
+
if ($allow_exports=='none' || ( $allow_exports=='admin' && ! is_admin($current_user) ) )
{
- die("you can't export!");
+
+?>
+ <script language=javascript>
+ alert("you are not permitted to export!");
+ window.location="index.php?module=<?php echo $_REQUEST['module'] ?>&action=index";
+ </script>
+<?php
}
/**Function convert line breaks to space in description during export
More information about the vtigercrm-commits
mailing list