From 4047b31240ac0927ee7cc575f272549f445a5b96 Mon Sep 17 00:00:00 2001 From: M.Gergo Date: Sun, 10 Nov 2019 09:46:32 +0100 Subject: Rev: 4569 --- mayor-orig/mayor-portal/log/mayor-portal.rev | 2 +- .../mayor-portal/www/include/modules/portal/share/hirek.php | 2 +- .../mayor-portal/www/policy/private/portal/hirek/egyhir-pre.php | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) (limited to 'mayor-orig/mayor-portal') diff --git a/mayor-orig/mayor-portal/log/mayor-portal.rev b/mayor-orig/mayor-portal/log/mayor-portal.rev index d0fabd4c..cc8a8a9f 100644 --- a/mayor-orig/mayor-portal/log/mayor-portal.rev +++ b/mayor-orig/mayor-portal/log/mayor-portal.rev @@ -1 +1 @@ -4554 +4569 diff --git a/mayor-orig/mayor-portal/www/include/modules/portal/share/hirek.php b/mayor-orig/mayor-portal/www/include/modules/portal/share/hirek.php index e4791c3a..d7db431e 100644 --- a/mayor-orig/mayor-portal/www/include/modules/portal/share/hirek.php +++ b/mayor-orig/mayor-portal/www/include/modules/portal/share/hirek.php @@ -41,7 +41,7 @@ $WHERE = "WHERE ".implode(' AND ',$W); } else $WHERE = ''; - if ($SET['all']===true) $WHERE=' WHERE `owner`="'._USERACCOUNT.'" '; + if ($SET['all']===true) $WHERE = ''; $q = "SELECT * FROM hirek $WHERE ORDER BY kdt DESC,vdt DESC".$L; $HIREK['szovegek'] = db_query($q, array('modul'=>'portal','result'=>'indexed')); return $HIREK; diff --git a/mayor-orig/mayor-portal/www/policy/private/portal/hirek/egyhir-pre.php b/mayor-orig/mayor-portal/www/policy/private/portal/hirek/egyhir-pre.php index 6addac83..85732e67 100644 --- a/mayor-orig/mayor-portal/www/policy/private/portal/hirek/egyhir-pre.php +++ b/mayor-orig/mayor-portal/www/policy/private/portal/hirek/egyhir-pre.php @@ -6,7 +6,9 @@ if (_RIGHTS_OK !== true) die(); $hirId = readVariable($_POST['hirId'],'id',null); if ($hirId=='') $hirId = readVariable($_GET['hirId'],'id',null); $action = readVariable($_POST['action'],'strictstring',array(null,'save','')); - if ($hirId>0 && isOwner($hirId)===false) $_SESSION['alert'][] = 'page:not_owner'; + if (__PORTAL_CODE=='vmg' && $hirId>0 && isOwner($hirId)===false) { + $_SESSION['alert'][] = 'page:not_owner'; + } if ($action=='save' && (__HIREKADMIN || $hirId=='' || isOwner($hirId))) { global $LANGUAGES; @@ -32,13 +34,11 @@ if (_RIGHTS_OK !== true) die(); $r = saveHir($DATA); if ($hirId=='') $hirId=$r; } - if ($hirId!='' && is_numeric($hirId) && __HIREKADMIN || isOwner($hirId)) + if ($hirId!='' && is_numeric($hirId) && (__HIREKADMIN===true || isOwner($hirId)===true)) $HIREK = getHirek(array('id'=>$hirId)); elseif ($hirId!='') $_SESSION['alert'][] = 'page:not_owner'; $ADAT['kategoriak'] = getKategoriak(); - - ?> -- cgit v1.2.3