gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-06-18 02:59:27 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

­ fixed weak access protection

Browse Source
This commit is contained in:
steinm 2012-03-12 10:26:26 +00:00
parent f45f96cad7
commit c54512cb44
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
webdav/letodms_webdav.php
View File

@ -230,6 +230,7 @@ class HTTP_WebDAV_Server_LetoDMS extends HTTP_WebDAV_Server
if (get_class($obj) == 'LetoDMS_Core_Folder' && !empty($options["depth"])) { if (get_class($obj) == 'LetoDMS_Core_Folder' && !empty($options["depth"])) {
$subfolders = $obj->getSubFolders(); $subfolders = $obj->getSubFolders();
$subfolders = LetoDMS_Core_DMS::filterAccess($subfolders, $this->user, M_READ);
if ($subfolders) { if ($subfolders) {
// ok, now get all its contents // ok, now get all its contents
foreach($subfolders as $subfolder) { foreach($subfolders as $subfolder) {
@ -238,6 +239,7 @@ class HTTP_WebDAV_Server_LetoDMS extends HTTP_WebDAV_Server
// TODO recursion needed if "Depth: infinite" // TODO recursion needed if "Depth: infinite"
} }
$documents = $obj->getDocuments(); $documents = $obj->getDocuments();
$documents = LetoDMS_Core_DMS::filterAccess($documents, $this->user, M_READ);
if ($documents) { if ($documents) {
// ok, now get all its contents // ok, now get all its contents
foreach($documents as $document) { foreach($documents as $document) {