summaryrefslogtreecommitdiffstats
path: root/modules-available/statistics/pages/projectors.inc.php
diff options
context:
space:
mode:
Diffstat (limited to 'modules-available/statistics/pages/projectors.inc.php')
-rw-r--r--modules-available/statistics/pages/projectors.inc.php4
1 files changed, 3 insertions, 1 deletions
diff --git a/modules-available/statistics/pages/projectors.inc.php b/modules-available/statistics/pages/projectors.inc.php
index cde542c6..cc808cf0 100644
--- a/modules-available/statistics/pages/projectors.inc.php
+++ b/modules-available/statistics/pages/projectors.inc.php
@@ -13,12 +13,13 @@ class SubPage
private static function handleProjector($action)
{
+ User::assertPermission('hardware.projectors.edit');
$hwid = Request::post('hwid', false, 'int');
if ($hwid === false) {
Util::traceError('Param hwid missing');
}
if ($action === 'addprojector') {
- Database::exec('INSERT INTO statistic_hw_prop (hwid, prop, value)'
+ Database::exec('INSERT IGNORE INTO statistic_hw_prop (hwid, prop, value)'
. ' VALUES (:hwid, :prop, :value)', array(
'hwid' => $hwid,
'prop' => 'projector',
@@ -43,6 +44,7 @@ class SubPage
private static function showProjectors()
{
+ User::assertPermission('hardware.projectors.*');
$res = Database::simpleQuery('SELECT h.hwname, h.hwid FROM statistic_hw h'
. " INNER JOIN statistic_hw_prop p ON (h.hwid = p.hwid AND p.prop = :projector)"
. " WHERE h.hwtype = :screen ORDER BY h.hwname ASC", array(