Bug 141557 - modification to user deletion code in editusers.cgi - prevent allowuserdeletion being bypassed. Patch by gerv; 2xr=myk.

author: gerv%gerv.net <> 2002-05-02 05:54:10 +0200
committer: gerv%gerv.net <> 2002-05-02 05:54:10 +0200
commit: e3fe36b5ef56c20b3c3fa4edea99c5de2febb9a2 (patch)
tree: 7c18c8464b5e491df6a86262c821e4a58300057e
parent: a4185828bb55a5c55c8a1da1a8e319caf16e4478 (diff)
download: bugzilla-e3fe36b5ef56c20b3c3fa4edea99c5de2febb9a2.tar.gz
bugzilla-e3fe36b5ef56c20b3c3fa4edea99c5de2febb9a2.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/editusers.cgi b/editusers.cgi
index ad124032e..06c293e2d 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -528,6 +528,7 @@ if ($action eq 'del') {
     if (!$candelete) {
         print "Sorry, deleting users isn't allowed.";
         PutTrailer();
+        exit;
     }
     if (!$editall) {
         print "Sorry, you don't have permissions to delete users.";
@@ -657,6 +658,7 @@ if ($action eq 'delete') {
     if (!$candelete) {
         print "Sorry, deleting users isn't allowed.";
         PutTrailer();
+        exit;
     }
     if (!$editall) {
         print "Sorry, you don't have permissions to delete users.";
author	gerv%gerv.net <>	2002-05-02 05:54:10 +0200
committer	gerv%gerv.net <>	2002-05-02 05:54:10 +0200
commit	e3fe36b5ef56c20b3c3fa4edea99c5de2febb9a2 (patch)
tree	7c18c8464b5e491df6a86262c821e4a58300057e
parent	a4185828bb55a5c55c8a1da1a8e319caf16e4478 (diff)
download	bugzilla-e3fe36b5ef56c20b3c3fa4edea99c5de2febb9a2.tar.gz bugzilla-e3fe36b5ef56c20b3c3fa4edea99c5de2febb9a2.tar.xz