Design/EasySoft-ZenTaoPMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 30 Wiki Activity

* guest user has no priv of ajax functions.

Browse Source
This commit is contained in:
zhujinyong
2012-12-25 03:31:08 +00:00
parent 1f96375f21
commit 88b170dd5d
1 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
module/common/model.php
View File

@@ -139,8 +139,7 @@ class commonModel extends model
if($module == 'user' and strpos('login|logout|deny', $method) !== false) return true;
if($module == 'api' and $method == 'getsessionid') return true;
$logon = ($this->app->company->guest or $this->loadModel('user')->isLogon());
if($logon and strpos($method, 'ajax') === 0) return true;
if($this->loadModel('user')->isLogon() and strpos($method, 'ajax') === 0) return true;
if($module == 'misc' and $method == 'about') return true;
if($module == 'misc' and $method == 'checkupdate') return true;