fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 02:31:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix exposure of other members' point and level info via getMembersPointInto API call

Browse source
This commit is contained in:
Kijin Sung 2017-02-25 23:35:52 +09:00
parent 1c45a5fc1c
commit f3871e5cd3
1 changed files with 19 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

22
modules/point/point.model.php
View file

@ -75,9 +75,25 @@ class pointModel extends point
function getMembersPointInfo()
{
$member_srls = Context::get('member_srls');
$member_srls = explode(',',$member_srls);
if(count($member_srls)==0) return;
array_unique($member_srls);
$member_srls = array_unique(explode(',', $member_srls));
if (!count($member_srls))
{
return;
}
$logged_info = Context::get('logged_info');
if (!$logged_info->member_srl)
{
return;
}
if (!getModel('module')->isSiteAdmin($logged_info))
{
$member_srls = array_filter($member_srls, function($member_srl) use($logged_info) { return $member_srl == $logged_info->member_srl; });
if (!count($member_srls))
{
return;
}
}
$oModuleModel = getModel('module');
$config = $oModuleModel->getModuleConfig('point');