diff options
| author | Cassio de Campos <cassiopc@gmail.com> | 2017-08-10 10:49:24 +0000 |
|---|---|---|
| committer | Cassio de Campos <cassiopc@gmail.com> | 2017-08-10 10:49:24 +0000 |
| commit | e926ad94df156c2a58e35e24d25229e0ab041aae (patch) | |
| tree | 38db549a3337693aefe30e99582383d5e853e2f9 /src/freport.php | |
| parent | 02b4aacc81613792b0fa618692145dc1e2989e42 (diff) | |
| parent | 94c6cd12dacf9de46051c57e6f6bf216e86c8df8 (diff) | |
| download | boca-e926ad94df156c2a58e35e24d25229e0ab041aae.tar.gz boca-e926ad94df156c2a58e35e24d25229e0ab041aae.zip | |
Merge branch 'master' of github.com:cassiopc/boca
Diffstat (limited to 'src/freport.php')
| -rw-r--r-- | src/freport.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/freport.php b/src/freport.php index 2cbef4c..cded59b 100644 --- a/src/freport.php +++ b/src/freport.php @@ -44,6 +44,8 @@ function DBRunReport($contest,$site) { $n = DBnlines($r); for ($i=0;$i<$n;$i++) { $a = DBRow($r,$i); + //cassiopc: staff users should see only same site, so checking of teamYYYY and staffXXXX have YYYY=XXXX + if($_SESSION["usertable"]["usertype"] != "admin" && substr($a['name'],4,4) != substr($_SESSION["usertable"]["username"],5,4)) continue; $xusername[$a['un']] = $a['name']; $xuserfull[$a['name']] = $a['fullname']; } @@ -67,6 +69,8 @@ function DBRunReport($contest,$site) { for ($i=0;$i<$n;$i++) { $a = DBRow($r,$i); + //cassiopc: staff users should see only same site, so checking of teamYYYY and staffXXXX have YYYY=XXXX + if($_SESSION["usertable"]["usertype"] != "admin" && substr($a['user'],4,4) != substr($_SESSION["usertable"]["username"],5,4)) continue; $xdados[$i] = $a; // # of runs by team if(isset($xuser[$a['user']])) |