diff options
author | Scott Ullrich <sullrich@pfsense.org> | 2008-02-16 20:31:24 +0000 |
---|---|---|
committer | Scott Ullrich <sullrich@pfsense.org> | 2008-02-16 20:31:24 +0000 |
commit | 60c74655ebdf94bbd9b486a6974ff9b77902c8e8 (patch) | |
tree | 5649f7f2d44e5468bed6693fe3545db78bed7a66 /usr/local/www/system_usermanager.php | |
parent | 31b536532d1c0e469aa9526dce4627757d248f6f (diff) | |
download | pfsense-60c74655ebdf94bbd9b486a6974ff9b77902c8e8.zip pfsense-60c74655ebdf94bbd9b486a6974ff9b77902c8e8.tar.gz |
Check if item is an array. admin user has permission to all without array.
Diffstat (limited to 'usr/local/www/system_usermanager.php')
-rw-r--r-- | usr/local/www/system_usermanager.php | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index e22013a..1e06c87 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -32,14 +32,16 @@ POSSIBILITY OF SUCH DAMAGE. */ +require("globals.inc"); require("guiconfig.inc"); // The page title for non-admins $pgtitle = array("System","User Password"); /* Check for custom priv system_usermanager (no .php ending) */ $allowed = $g['privs']; -if (in_array("system_usermanager", $allowed)) - $isAdminUser = true; +if(is_array($allowed)) + if (in_array("system_usermanager", $allowed)) + $isAdminUser = true; if (isSystemAdmin($HTTP_SERVER_VARS['AUTH_USER']) or $isAdminUser) { // Page title for main admin |