Module: appdb Branch: master Commit: 09d96b79bd714283760acd8a2d74819c486cd3ba URL: http://source.winehq.org/git/appdb.git/?a=commit;h=09d96b79bd714283760acd8a2... Author: Alexander Nicolaysen Sørnes <alexander(a)ivan.alexstyrt> Date: Mon Sep 17 10:24:57 2007 +0200 comment: Fix delete permissions --- include/comment.php | 11 +++++++---- 1 files changed, 7 insertions(+), 4 deletions(-) diff --git a/include/comment.php b/include/comment.php index bc6dec3..703cf62 100644 --- a/include/comment.php +++ b/include/comment.php @@ -234,10 +234,9 @@ class Comment { echo "</td></tr>\n"; + $oComment = new comment($oRow->commentId); // delete message button, for admins - if ($_SESSION['current']->hasPriv("admin") - || $_SESSION['current']->isMaintainer($oRow->versionId) - || $_SESSION['current']->isSuperMaintainer($oRow->appId)) + if ($oComment->canEdit()) { $oVersion = new version($oRow->versionId); echo "<tr>"; @@ -353,7 +352,11 @@ class Comment { function canEdit() { - return $_SESSION['current']->hasPriv("admin"); + if($_SESSION['current']->hasPriv("admin")) + return TRUE; + + $oVersion = new version($this->iVersionId); + return $oVersion->canEdit(); } function objectGetId()