summaryrefslogtreecommitdiffstats
path: root/web/html
diff options
context:
space:
mode:
authorsimo <simo>2005-06-07 23:32:07 +0200
committersimo <simo>2005-06-07 23:32:07 +0200
commitdd885424d7281728893cb7829216313f8e776436 (patch)
tree9b24e92e3745eccaccd8539ff902dcf7f995577a /web/html
parent726a3a3b93b585dc27d7caee90445b1af792970a (diff)
downloadaur-dd885424d7281728893cb7829216313f8e776436.tar.gz
aur-dd885424d7281728893cb7829216313f8e776436.tar.xz
Fix deletion abilities such that:
TUs and DEVs may delete any package in unsupported Otherwise only package maintainers may delete their own
Diffstat (limited to 'web/html')
-rw-r--r--web/html/packages.php10
1 files changed, 8 insertions, 2 deletions
diff --git a/web/html/packages.php b/web/html/packages.php
index 604ba72c..4ea4b012 100644
--- a/web/html/packages.php
+++ b/web/html/packages.php
@@ -202,8 +202,14 @@ if (isset($_REQUEST["do_Flag"])) {
$q.= "WHERE Packages.ID IN (" . $delete . ") ";
$q.= "AND Packages.LocationID = PackageLocations.ID ";
$q.= "AND PackageLocations.Location = 'unsupported' ";
- $q.= "AND $field IN (0, " . uid_from_sid($_COOKIE["AURSID"]) . ")";
- $result = db_query($q, $dbh);
+ # If they're a TU or dev, can always delete, otherwise check ownership
+ #
+ if ($atype == "Trusted User" || $atype == "Developer") {
+ $result = db_query($q, $dbh);
+ } else {
+ $q.= "AND $field IN (0, " . uid_from_sid($_COOKIE["AURSID"]) . ")";
+ $result = db_query($q, $dbh);
+ }
if ($result != Null && mysql_num_rows($result) > 0) {
while ($row = mysql_fetch_assoc($result)) {
$ids_to_delete[] = $row['ID'];