/admin/account.php |
---|
21,7 → 21,7 |
<form action="account-do.php" method="POST"> |
<table> |
<tr><td class="bold">ID: </td><td><?php echo $user->ID; ?></td></tr> |
<tr><td class="bold">ID: </td><td><input type="hidden" name="id" value="<?php echo $user->ID; ?>" /><?php echo $user->ID; ?></td></tr> |
<?php |
if ($page->isUserAdmin($page->getLoggedInUser())) |
{ |
46,11 → 46,11 |
{ |
if (!$user) |
{ |
drawError('No such user, #' . $userID); |
$page->drawError('No such user, #' . $userID); |
} |
else |
{ |
drawError('You do not have permission to access this page.'); |
$page->drawError('You do not have permission to access this page.'); |
} |
} |
/admin/account-do.php |
---|
39,11 → 39,11 |
{ |
if (!$user) |
{ |
drawError('No such user, #' . $userID); |
$page->drawError('No such user, #' . $userID); |
} |
else |
{ |
drawError('You do not have permission to access this page.'); |
$page->drawError('You do not have permission to access this page.'); |
} |
} |
/blog/post.php |
---|
4,7 → 4,7 |
$page = new Taios_Page('Blog Posts', '../'); |
if (empty($_GET['id'])) |
if (empty($_GET['id']) || $_GET['id'] == -1) |
{ |
$page->redirect('index.php'); |
} |
/blog/add-post.php |
---|
40,7 → 40,7 |
} |
else |
{ |
if ($page->getLoggedInUser() >= 2 && $parentID == -1) |
if ($page->getLoggedInUser()->accessID >= 2 && $parentID == -1) |
{ |
$page->drawError('You do not have permission to access this page.'); |
} |
/_taios.php |
---|
129,7 → 129,7 |
if ($this->isUserNormal($this->getLoggedInUser())) |
{ |
echo '<p class="bold"><a href="add-post.php?id=' . $id . '">Add Comment</a>'; |
if ($this->isUserAdmin($this->getLoggedInUser()) || $this->getLoggedInUser() == $post->author->ID) |
if ($this->isUserAdmin($this->getLoggedInUser()) || $this->getLoggedInUser()->ID == $post->author->ID) |
{ |
echo ' · <a href="edit-post.php?id=' . $id . '">Edit Post</a>'; |
echo ' · <a href="del-post.php?id=' . $id . '">Delete Post</a>'; |