From e3fe36b5ef56c20b3c3fa4edea99c5de2febb9a2 Mon Sep 17 00:00:00 2001
From: "gerv%gerv.net" <>
Date: Thu, 2 May 2002 03:54:10 +0000
Subject: Bug 141557 - modification to user deletion code in editusers.cgi -
 prevent allowuserdeletion being bypassed. Patch by gerv; 2xr=myk.

---
 editusers.cgi | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'editusers.cgi')

diff --git a/editusers.cgi b/editusers.cgi
index ad124032e..06c293e2d 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -528,6 +528,7 @@ if ($action eq 'del') {
     if (!$candelete) {
         print "Sorry, deleting users isn't allowed.";
         PutTrailer();
+        exit;
     }
     if (!$editall) {
         print "Sorry, you don't have permissions to delete users.";
@@ -657,6 +658,7 @@ if ($action eq 'delete') {
     if (!$candelete) {
         print "Sorry, deleting users isn't allowed.";
         PutTrailer();
+        exit;
     }
     if (!$editall) {
         print "Sorry, you don't have permissions to delete users.";
-- 
cgit v1.2.3-24-g4f1b