diff options
| author | Lukas Fleischer <archlinux@cryptocrack.de> | 2013-01-30 09:25:42 +0100 |
|---|---|---|
| committer | Lukas Fleischer <archlinux@cryptocrack.de> | 2013-01-30 09:25:42 +0100 |
| commit | 8b791dee91bef312a0c3d06a8b77a5363720a88e (patch) | |
| tree | 26e62794e2348067c510e8b58dd497aaffe454ff /web/html | |
| parent | 49e61845085aff6076a3dde056d08a278f447e6d (diff) | |
| parent | 65e93f134faf9c98574a99f7f40d9f0bdb4256eb (diff) | |
| download | aurweb-8b791dee91bef312a0c3d06a8b77a5363720a88e.tar.xz | |
Merge branch 'maint'
Diffstat (limited to 'web/html')
| -rw-r--r-- | web/html/account.php | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/web/html/account.php b/web/html/account.php index cccdd76..2133734 100644 --- a/web/html/account.php +++ b/web/html/account.php @@ -48,11 +48,8 @@ if (isset($_COOKIE["AURSID"])) { if (empty($row)) { print __("Could not retrieve information for the specified user."); } else { - # double check to make sure logged in user can edit this account - # - if ($atype == "Developer" || ($atype == "Trusted User" && - $row["AccountType"] != "Developer") || - ($row["ID"] == uid_from_sid($_COOKIE["AURSID"]))) { + /* Verify user has permission to edit the account */ + if (can_edit_account($atype, $row, uid_from_sid($_COOKIE["AURSID"]))) { display_account_form($atype, "UpdateAccount", $row["Username"], $row["AccountType"], $row["Suspended"], $row["Email"], "", "", $row["RealName"], $row["LangPreference"], |