diff options
Diffstat (limited to 'includes/controller')
-rw-r--r-- | includes/controller/shifts_controller.php | 6 | ||||
-rw-r--r-- | includes/controller/user_driver_licenses_controller.php | 4 |
2 files changed, 5 insertions, 5 deletions
diff --git a/includes/controller/shifts_controller.php b/includes/controller/shifts_controller.php index 52162b9e..b29a819f 100644 --- a/includes/controller/shifts_controller.php +++ b/includes/controller/shifts_controller.php @@ -137,12 +137,12 @@ function shifts_json_export_all_controller() { function shifts_json_export_controller() { global $ical_shifts, $user; - if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) { - $key = $_REQUEST['key']; - } else { + if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) { engelsystem_error("Missing key."); } + $key = $_REQUEST['key']; + $user = User_by_api_key($key); if ($user === false) { engelsystem_error("Unable to find user."); diff --git a/includes/controller/user_driver_licenses_controller.php b/includes/controller/user_driver_licenses_controller.php index d1c770ba..5c629777 100644 --- a/includes/controller/user_driver_licenses_controller.php +++ b/includes/controller/user_driver_licenses_controller.php @@ -69,6 +69,8 @@ function user_driver_license_edit_link($user = null) { function user_driver_license_edit_controller() { global $privileges, $user; + $user_source = $user; + if (isset($_REQUEST['user_id'])) { $user_source = User($_REQUEST['user_id']); if ($user_source === false) { @@ -82,8 +84,6 @@ function user_driver_license_edit_controller() { if ($user['UID'] != $user_source['UID'] && ! in_array('admin_user', $privileges)) { redirect(user_driver_license_edit_link()); } - } else { - $user_source = $user; } $wants_to_drive = false; |