summaryrefslogtreecommitdiff
path: root/htdocs/postings.php
diff options
context:
space:
mode:
Diffstat (limited to 'htdocs/postings.php')
-rw-r--r--htdocs/postings.php21
1 files changed, 13 insertions, 8 deletions
diff --git a/htdocs/postings.php b/htdocs/postings.php
index 8dc42cc..ec98ddc 100644
--- a/htdocs/postings.php
+++ b/htdocs/postings.php
@@ -10,6 +10,12 @@
require_once "src/base.inc.php";
+// Check if we need to login first...
+if (isset($_GET['moderate']) and !isset($_SESSION['currentUser'])) {
+ header('Location: ' . $CONFIG['urlroot'].'/moderate/login.php');
+ exit();
+}
+
require_once "src/header.inc.php";
@@ -28,6 +34,7 @@ if (!is_numeric($id)) {
// Get the post.
$post = Post::getById($id);
+
if (!$post or (!isset($_SESSION['currentUser']) and $post->getStage() != 'approved')) {
errorNotFound();
}
@@ -46,14 +53,12 @@ if (isset($_SESSION['currentUser'])) {
} else {
// Post already approved
- if ($_SESSION['currentUser']->isAdmin()) {
- echo "<div class=\"moderationbox\">Administrative options:<br />";
-
- printf("<a href=\"../moderate/moderate.php?id=%s&action=delete\">delete post</a><br />"
- . "<a href=\"../moderate/moderate.php?id=%s&action=reject\">reject post</a>",
- $post->getid(), $post->getid());
- echo "</div>";
- }
+ echo "<div class=\"moderationbox\">Administrative options:<br />";
+
+ printf("<a href=\"../moderate/moderate.php?id=%s&action=delete\">delete post</a><br />"
+ . "<a href=\"../moderate/moderate.php?id=%s&action=reject\">reject post</a>",
+ $post->getid(), $post->getid());
+ echo "</div>";
}
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-16 12:18:30 +0000