diff options
| author | Cassio de Campos <cassiopc@gmail.com> | 2017-08-04 13:20:51 +0000 |
|---|---|---|
| committer | Cassio de Campos <cassiopc@gmail.com> | 2017-08-04 13:20:51 +0000 |
| commit | af925fb218e7a333759eb49c667bfb22eb71196d (patch) | |
| tree | 9aa8254c42a50d2c6bb253074c54609287258053 /src/freport.php | |
| parent | 5592a6c28bdf04165d60a9579f70f9c63fc830ca (diff) | |
| download | boca-af925fb218e7a333759eb49c667bfb22eb71196d.tar.gz boca-af925fb218e7a333759eb49c667bfb22eb71196d.zip | |
bug fixes
Diffstat (limited to 'src/freport.php')
| -rw-r--r-- | src/freport.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/freport.php b/src/freport.php index 2cbef4c..cded59b 100644 --- a/src/freport.php +++ b/src/freport.php @@ -44,6 +44,8 @@ function DBRunReport($contest,$site) { $n = DBnlines($r); for ($i=0;$i<$n;$i++) { $a = DBRow($r,$i); + //cassiopc: staff users should see only same site, so checking of teamYYYY and staffXXXX have YYYY=XXXX + if($_SESSION["usertable"]["usertype"] != "admin" && substr($a['name'],4,4) != substr($_SESSION["usertable"]["username"],5,4)) continue; $xusername[$a['un']] = $a['name']; $xuserfull[$a['name']] = $a['fullname']; } @@ -67,6 +69,8 @@ function DBRunReport($contest,$site) { for ($i=0;$i<$n;$i++) { $a = DBRow($r,$i); + //cassiopc: staff users should see only same site, so checking of teamYYYY and staffXXXX have YYYY=XXXX + if($_SESSION["usertable"]["usertype"] != "admin" && substr($a['user'],4,4) != substr($_SESSION["usertable"]["username"],5,4)) continue; $xdados[$i] = $a; // # of runs by team if(isset($xuser[$a['user']])) |