From dbcf5bdcbfd4772cc15e8e2535ac1977ebd4cd79 Mon Sep 17 00:00:00 2001 From: moodler Date: Sat, 25 Mar 2006 16:19:06 +0000 Subject: [PATCH] Fixed some bung security logic --- mod/data/add.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/mod/data/add.php b/mod/data/add.php index e0eb5f8d07..b1fffed296 100755 --- a/mod/data/add.php +++ b/mod/data/add.php @@ -68,9 +68,9 @@ error (get_string('noaccess','data')); } - if ($rid){ //editting a record, do you have access to edit this? - if (!isteacher($course->id) or !data_isowner($rid) or !confirm_sesskey()){ - error (get_string('noaccess','data')); + if ($rid) { // So do you have access? + if (!(isteacher($course->id) or data_isowner($rid)) or !confirm_sesskey() ) { + error(get_string('noaccess','data')); } } -- 2.39.5