Changeset 21110

Timestamp:

2011/08/03 18:26:58 (13 years ago)

Author:

nanasess

bzr:base-revision:

ohkouchi@loop-az.jp-20110803080248-6xrvcwuke30or3d3

bzr:committer:

Kentaro Ohkouchi <ohkouchi@loop-az.jp>

bzr:file-ids:

data/class/SC_Session.php 15078@1e3b908f-19a9-db11-a64c-001125224ba8:branches%2Ffeature-module-update%2Fdata%2Fclass%2FSC_Session.php

bzr:mapping-version:

v4

bzr:merge:

ohkouchi@loop-az.jp-20110803092634-8dp7jh0qbewmmqda

bzr:repository-uuid:

1e3b908f-19a9-db11-a64c-001125224ba8

bzr:revision-id:

ohkouchi@loop-az.jp-20110803092654-an5b0cg8m3p2wl70

bzr:revno:

3813

bzr:revprop:branch-nick:

branches/version-2_11-dev

bzr:root:

branches/version-2_11-dev

bzr:testament:

bazaar-ng testament short form 2.1
revision-id: ohkouchi@loop-az.jp-20110803092654-an5b0cg8m3p2wl70
sha1: 94a00a29f36ad2b60929e5075650a1ea720ae6a0

bzr:text-parents:

data/class/SC_Session.php svn-v4:1e3b908f-19a9-db11-a64c-001125224ba8:branches/version-2_11-dev:20966

bzr:timestamp:

2011-08-03 18:26:54.321000099 +0900

bzr:user-agent:

bzr2.3.1+bzr-svn1.1.0dev0

Message:

#1303 (管理者権限のアクセス制限が効いていない)

• 不要なメンバー変数をローカル変数に修正

File:

• branches/version-2_11-dev/data/class/SC_Session.php (modified) (1 diff)

branches/version-2_11-dev/data/class/SC_Session.php

@@ -69 +69 @@
             $masterData = new SC_DB_MasterData_Ex();
             $admin_path = preg_replace('/\/+/', '/', $_SERVER['PHP_SELF']);
-            $this->arrPERMISSION = $masterData->getMasterData("mtb_permission");
-            if (isset($this->arrPERMISSION[$admin_path])) {
+            $arrPERMISSION = $masterData->getMasterData("mtb_permission");
+            if (isset($arrPERMISSION[$admin_path])) {
                 // 数値が自分の権限以上のものでないとアクセスできない。
-                if ($this->arrPERMISSION[$admin_path] < $this->authority) {
+                if ($arrPERMISSION[$admin_path] < $this->authority) {
                     return AUTH_ERROR;
                 }