From f1e7d8dec985ef56fa397c1196b30c894d070eb3 Mon Sep 17 00:00:00 2001 From: Alan Garcia Date: Thu, 8 Nov 2012 09:01:11 +0000 Subject: [PATCH] Fix #1362 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ne propose pas de lister tout les comptes aux sous-admin si ca ne leur est pas autorisé --- bureau/admin/adm_list.php | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/bureau/admin/adm_list.php b/bureau/admin/adm_list.php index 2118c2f4..aa949b77 100644 --- a/bureau/admin/adm_list.php +++ b/bureau/admin/adm_list.php @@ -47,15 +47,16 @@ if ($short!=-1) { $mem->user["admlist"]=$short; } -$subadmin=variable_get("subadmin_restriction"); +$subadmin=variable_get("subadmin_restriction", 0); -if ($subadmin==0 && $show && $cuid != 2000) -{ +// If we ask for all account but we aren't "admin" and +// subadmin var is not 1 +if ($show=="all" && !$subadmin==1 && $cuid != 2000) { +printvar('plop2'); __("This page is restricted to authorized staff"); exit(); } - $r=$admin->get_list($show == 'all' ? 1 : 0, $creator); ?> @@ -63,7 +64,7 @@ $r=$admin->get_list($show == 'all' ? 1 : 0, $creator);

$error

"; } ?> @@ -71,9 +72,12 @@ $r=$admin->get_list($show == 'all' ? 1 : 0, $creator); ()   -' . _('List all AlternC accounts') . ''; - if ($subadmin!=0 || $cuid==2000) { + if ($subadmin==1 || $cuid==2000) { $list_creators = $admin->get_creator_list(); $infos_creators = array(); @@ -88,7 +92,9 @@ $r=$admin->get_list($show == 'all' ? 1 : 0, $creator); } } else { echo '

' . _('List only my accounts') . '

'; -} ?> +} +}// END ($subadmin==1 || $cuid==2000) +?>