Mercurial Mercurial > poweradmin / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
add_record.php
changeset 37 b785e54690ce
parent 13 2ff220cfde13
child 47 ae140472d97c 
--- a/add_record.php	Mon Jul 02 23:01:18 2007 +0000
+++ b/add_record.php	Tue Jul 10 21:24:06 2007 +0000
@@ -2,6 +2,11 @@
 
 require_once("inc/toolkit.inc.php");
 
+$xsid = (isset($_GET['id'])) ? $_GET['id'] : $_POST['zoneid'];
+if ((!level(5)) && ((!xs($xsid) || ($_SESSION[$xsid.'_ispartial'])))) {
+	error(ERR_RECORD_ACCESS_DENIED);
+}
+
 if ($_POST["commit"]) {
         $ret = add_record($_POST["zoneid"], $_POST["name"], $_POST["type"], $_POST["content"], $_POST["ttl"], $_POST["prio"]);
         if ($ret != '1') {
poweradmin