stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-05-19 19:09:13 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

Only admins can delete users.

Browse Source
This commit is contained in:
Bharat Mediratta
2008-12-25 02:47:17 +00:00
parent 216ecf3079
commit 95ec6a8f57
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/user/controllers/users.php
View File

@@ -82,7 +82,7 @@ class Users_Controller extends REST_Controller {
* @see REST_Controller::_delete($resource)
*/
public function _delete($user) {
if (!user::active()->admin && ($user->guest || $user->id != user::active()->id)) {
if (!user::active()->admin) {
access::forbidden();
}
// Prevent CSRF