Fixed an issue that allowed some disabled module content to be visible or accessible.
This commit is contained in:
@@ -2,6 +2,12 @@
|
||||
if (!defined('APP_INIT')) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!$GLOBALS['modules_enabled']['servers']) {
|
||||
echo '405 Not Allowed';
|
||||
exit;
|
||||
}
|
||||
|
||||
if (isset($_GET['view'])) {
|
||||
include_once($_SERVER['DOCUMENT_ROOT'] . '/bin/pages/servers/pageServerOverview_server_view.php');
|
||||
} else {
|
||||
|
||||
@@ -6,6 +6,11 @@ use bin\php\Classes\pageNavbar;
|
||||
if (!defined('APP_INIT')) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!$GLOBALS['modules_enabled']['servers']) {
|
||||
echo '405 Not Allowed';
|
||||
exit;
|
||||
}
|
||||
# IDE Section
|
||||
|
||||
# Includes Section
|
||||
@@ -37,10 +42,12 @@ $stmt->execute();
|
||||
$result = $stmt->get_result();
|
||||
$server_data = $result->fetch_assoc();
|
||||
|
||||
$companies_data = $GLOBALS['conn']->query("SELECT company_uuid, company_name FROM companies WHERE company_state = 'active'");
|
||||
$companies = array();
|
||||
while ($company_data = $companies_data->fetch_assoc()) {
|
||||
array_push($companies, $company_data);
|
||||
if ($GLOBALS['modules_enabled']['customers']) {
|
||||
$companies_data = $GLOBALS['conn']->query("SELECT company_uuid, company_name FROM companies WHERE company_state = 'active'");
|
||||
$companies = array();
|
||||
while ($company_data = $companies_data->fetch_assoc()) {
|
||||
array_push($companies, $company_data);
|
||||
}
|
||||
}
|
||||
|
||||
# Retrieve Information for the page
|
||||
@@ -194,36 +201,37 @@ $pageNavbar->outPutNavbar();
|
||||
</h4>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<h4>
|
||||
<i class="fas fa-building"></i> <?php echo __('company') ?>
|
||||
</h4>
|
||||
</td>
|
||||
<td>
|
||||
<?php if ($API->checkPermissions('servers', 'RW', true)) { ?>
|
||||
|
||||
|
||||
<div class="input-group">
|
||||
<select id="company_uuid" name="company_uuid" class="form-control">
|
||||
<option></option>
|
||||
<?php foreach ($companies as $company) { ?>
|
||||
<option <?php echo ($server_data['company_uuid'] == $company['company_uuid']) ? 'selected' : '' ?> value="<?php echo $company['company_uuid'] ?>"><?php echo $company['company_name'] ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
|
||||
<?php } else { ?>
|
||||
<?php if ($GLOBALS['modules_enabled']['customers']) { ?>
|
||||
<tr>
|
||||
<td>
|
||||
<h4>
|
||||
<?php
|
||||
$companyMap = array_column($companies, 'company_name', 'company_uuid');
|
||||
echo $companyMap[$server_data['company_uuid']] ?? null;
|
||||
?>
|
||||
<i class="fas fa-building"></i> <?php echo __('company') ?>
|
||||
</h4>
|
||||
<?php } ?>
|
||||
</td>
|
||||
</tr>
|
||||
</td>
|
||||
<td>
|
||||
<?php if ($API->checkPermissions('servers', 'RW', true)) { ?>
|
||||
|
||||
|
||||
<div class="input-group">
|
||||
<select id="company_uuid" name="company_uuid" class="form-control">
|
||||
<option></option>
|
||||
<?php foreach ($companies as $company) { ?>
|
||||
<option <?php echo ($server_data['company_uuid'] == $company['company_uuid']) ? 'selected' : '' ?> value="<?php echo $company['company_uuid'] ?>"><?php echo $company['company_name'] ?></option>
|
||||
<?php } ?>
|
||||
</select>
|
||||
</div>
|
||||
|
||||
<?php } else { ?>
|
||||
<h4>
|
||||
<?php
|
||||
$companyMap = array_column($companies, 'company_name', 'company_uuid');
|
||||
echo $companyMap[$server_data['company_uuid']] ?? null;
|
||||
?>
|
||||
</h4>
|
||||
<?php } ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php } ?>
|
||||
<tr>
|
||||
<td>
|
||||
<h4>
|
||||
|
||||
@@ -5,6 +5,11 @@ use api\classes\API;
|
||||
if (!defined('APP_INIT')) {
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!$GLOBALS['modules_enabled']['servers']) {
|
||||
echo '405 Not Allowed';
|
||||
exit;
|
||||
}
|
||||
# IDE Section
|
||||
|
||||
# Includes Section
|
||||
|
||||
Reference in New Issue
Block a user