diff options
Diffstat (limited to 'src/freport.php')
| -rw-r--r-- | src/freport.php | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/freport.php b/src/freport.php index 2cbef4c..cded59b 100644 --- a/src/freport.php +++ b/src/freport.php @@ -44,6 +44,8 @@ function DBRunReport($contest,$site) { $n = DBnlines($r); for ($i=0;$i<$n;$i++) { $a = DBRow($r,$i); + //cassiopc: staff users should see only same site, so checking of teamYYYY and staffXXXX have YYYY=XXXX + if($_SESSION["usertable"]["usertype"] != "admin" && substr($a['name'],4,4) != substr($_SESSION["usertable"]["username"],5,4)) continue; $xusername[$a['un']] = $a['name']; $xuserfull[$a['name']] = $a['fullname']; } @@ -67,6 +69,8 @@ function DBRunReport($contest,$site) { for ($i=0;$i<$n;$i++) { $a = DBRow($r,$i); + //cassiopc: staff users should see only same site, so checking of teamYYYY and staffXXXX have YYYY=XXXX + if($_SESSION["usertable"]["usertype"] != "admin" && substr($a['user'],4,4) != substr($_SESSION["usertable"]["username"],5,4)) continue; $xdados[$i] = $a; // # of runs by team if(isset($xuser[$a['user']])) |