Revision 1353
Added by FrankH almost 14 years ago
admin.php | ||
---|---|---|
43 | 43 |
$section_id = $_POST['section_id']; |
44 | 44 |
} else { |
45 | 45 |
// Check if we should redirect the user if there is no section id |
46 |
if(!isset($section_required))
|
|
46 |
if (isset($no_section_required))
|
|
47 | 47 |
{ |
48 | 48 |
$section_id = 0; |
49 | 49 |
} else { |
... | ... | |
84 | 84 |
$admin->print_error($MESSAGE['PAGES']['INSUFFICIENT_PERMISSIONS']); |
85 | 85 |
} |
86 | 86 |
|
87 |
// Check whether the section_id belongs to the page_id at all |
|
88 |
if ($section_id != 0) { |
|
89 |
$sql = "SELECT `position` FROM `".TABLE_PREFIX."sections` WHERE `page_id` = '$page_id' AND `section_id` = '$section_id'"; |
|
90 |
$res_sec = $database->query($sql); |
|
91 |
if ($database->is_error()) |
|
92 |
{ |
|
93 |
$admin->print_error($database->get_error()); |
|
94 |
} |
|
95 |
if ($res_sec->numRows() == 0) |
|
96 |
{ |
|
97 |
$admin->print_error($MESSAGE['PAGES']['NOT_FOUND']); |
|
98 |
} |
|
99 |
} |
|
100 |
|
|
87 | 101 |
// Workout if the developer wants to show the info banner |
88 | 102 |
if(isset($print_info_banner) && $print_info_banner == true) |
89 | 103 |
{ |
Also available in: Unified diff
Security fixes