Revision c8823c18
Added by Scott Ullrich over 17 years ago
| usr/local/www/fbegin.inc | ||
|---|---|---|
| 333 | 333 |
$allowed = &$config['system']['group'][$groupindex[$config['system']['user'][$userindex[$auth_user]]['groupname']]]['pages']; |
| 334 | 334 |
|
| 335 | 335 |
function output_menu_item($url, $name) {
|
| 336 |
global $auth_user, $groupindex, $userindex, $allowed, $HTTP_SERVER_VARS; |
|
| 336 |
global $auth_user, $groupindex, $userindex, $allowed, $HTTP_SERVER_VARS, $allowed; |
|
| 337 |
if(!$allowed) |
|
| 338 |
$allowed = $_SESSION['privs']; |
|
| 337 | 339 |
if (!isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER'])) |
| 338 | 340 |
if (!in_array(basename($url), $allowed)) |
| 339 | 341 |
return; |
Also available in: Unified diff
Ensure $allowed is set correctly.