mirror/opensourcepos
1
0
Fork 0
mirror of https://github.com/opensourcepos/opensourcepos.git synced 2026-05-04 13:54:51 -04:00
Code Issues Packages Projects Releases Wiki Activity

Reports module now has checks on the required submodules when entering direct urls

Browse Source
This commit is contained in:
jekkos-t520
2014-10-16 18:31:35 +02:00
parent 7bcb1d7531
commit 7fad710277
2 changed files with 7 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
application/controllers/reports.php
View File

@@ -12,14 +12,17 @@ class Reports extends Secure_area
parent::__construct('reports');
$method_name = $this->uri->segment(2);
$exploder = explode('_', $method_name);
$submodule_id = preg_match("/^(inventory)|([^_.]+)(?:_graph)?$/", $method_name, $matches);
var_dump($matches);
$submodule_id = preg_replace("/^(.*?)s?$/", "$1s", $matches[1]);
$submodule_id = preg_match("/(?:inventory)|([^_.]*)(?:_graph)?$/", $method_name, $matches);
$submodule_id = array_pop($matches);
if (count($matches) > 1)
{
$submodule_id = preg_replace("/^(.*?)s?$/", "$1s", $submodule_id);
}
$employee_id=$this->Employee->get_logged_in_employee_info()->person_id;
// check access to report submodule
if (sizeof($exploder) > 1 && !$this->Employee->has_grant('reports_'.$submodule_id,$employee_id))
{
//redirect('no_access/'.$submodule_id.'/reports_' . $submodule_id);
redirect('no_access/'.$submodule_id.'/reports_' . $submodule_id);
}
$this->load->helper('report');
}

4
system/libraries/Email.php
View File

@@ -610,10 +610,6 @@ class CI_Email {
*/
protected function _get_message_id()
{
$from = $this->_headers['Return-Path'];
$from = str_replace(">", "", $from);
$from = str_replace("<", "", $from);
return "<".uniqid('').strstr($from, '@').">";
}