From cdd7c88aefbc8b76b73397292800a0beaa8667b0 Mon Sep 17 00:00:00 2001 From: Michael Rasmussen Date: Thu, 11 Jun 2015 18:04:45 +0200 Subject: [PATCH 1/1] Enhance security --- lib/utils.inc.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/utils.inc.php b/lib/utils.inc.php index 0b9fe70..eec51cd 100644 --- a/lib/utils.inc.php +++ b/lib/utils.inc.php @@ -317,9 +317,12 @@ class Utils { public function authorized($recipient) { $authorized = false; + $this->log("authorized '$recipient'", 3); + if ($this->isAdmin() || $this->getUser() == $recipient) { $authorized = true; } + $this->log("authorized '".$this->getUser()."'", 3); return $authorized; } -- 2.39.5