lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-24 12:07:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix a user_can security problem

Browse Source
This commit is contained in:
Rey5
2023-05-07 04:10:08 +08:00
parent d09e57a09f
commit 72f260c76a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/globalfunctions.php
+1 -1
View File
@@ -1088,7 +1088,7 @@ function user_can($permission, $fail = false, $uid = 0): bool
$uid = get_user_id(); $uid = get_user_id();
$log .= ", set current uid: $uid"; $log .= ", set current uid: $uid";
} }
if ($uid <= 0) { if (!$fail && $uid <= 0) {
do_log("$log, unauthenticated, false"); do_log("$log, unauthenticated, false");
return false; return false;
} }