diff options
Diffstat (limited to 'modules-available/statistics/pages/projectors.inc.php')
-rw-r--r-- | modules-available/statistics/pages/projectors.inc.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/modules-available/statistics/pages/projectors.inc.php b/modules-available/statistics/pages/projectors.inc.php index cde542c6..cc808cf0 100644 --- a/modules-available/statistics/pages/projectors.inc.php +++ b/modules-available/statistics/pages/projectors.inc.php @@ -13,12 +13,13 @@ class SubPage private static function handleProjector($action) { + User::assertPermission('hardware.projectors.edit'); $hwid = Request::post('hwid', false, 'int'); if ($hwid === false) { Util::traceError('Param hwid missing'); } if ($action === 'addprojector') { - Database::exec('INSERT INTO statistic_hw_prop (hwid, prop, value)' + Database::exec('INSERT IGNORE INTO statistic_hw_prop (hwid, prop, value)' . ' VALUES (:hwid, :prop, :value)', array( 'hwid' => $hwid, 'prop' => 'projector', @@ -43,6 +44,7 @@ class SubPage private static function showProjectors() { + User::assertPermission('hardware.projectors.*'); $res = Database::simpleQuery('SELECT h.hwname, h.hwid FROM statistic_hw h' . " INNER JOIN statistic_hw_prop p ON (h.hwid = p.hwid AND p.prop = :projector)" . " WHERE h.hwtype = :screen ORDER BY h.hwname ASC", array( |