From d1ba8c934978e24617e6ba8614a6e607192f1fe0 Mon Sep 17 00:00:00 2001 From: ftimme <ft@falkotimme.com> Date: Tue, 06 Dec 2005 09:30:59 -0500 Subject: [PATCH] --- interface/web/dns/rr_del.php | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) diff --git a/interface/web/dns/rr_del.php b/interface/web/dns/rr_del.php index d90001f..e06ff84 100644 --- a/interface/web/dns/rr_del.php +++ b/interface/web/dns/rr_del.php @@ -56,7 +56,10 @@ function onDelete() { global $app, $conf; - $rr = $app->db->queryOneRecord("SELECT * FROM rr WHERE id = ".$_REQUEST['id']); + $app->uses('tform'); + if(!$rr = $app->db->queryOneRecord("SELECT * FROM rr WHERE id = ".$_REQUEST['id']." AND ".$app->tform->getAuthSQL('d'))) $app->error('not allowed'); + + //$rr = $app->db->queryOneRecord("SELECT * FROM rr WHERE id = ".$_REQUEST['id']); $zone_id = $rr['zone']; // update serial -- Gitblit v1.9.1