MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [over-sanitisation] cleared up over-sanitised message in the events controller

pull/3989/head
iglocska 2019-01-03 21:15:06 +01:00
parent 6aa366138c
commit a1332808e7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/Controller/EventsController.php
View File

@ -1848,7 +1848,7 @@ class EventsController extends AppController
$this->Event->read(null, $target_id);
// check if private and user not authorised to edit
if (!$this->_isSiteAdmin() && ($this->Event->data['Event']['orgc_id'] != $this->_checkOrg() || !($this->userRole['perm_modify']))) {
$this->Flash->error(__('You are not authorised to do that. Please consider using the \'propose attribute\' feature.'));
$this->Flash->error(__("You are not authorised to do that. Please consider using the 'propose attribute' feature."));
$this->redirect(array('action' => 'view', $target_id));
}
$this->Event->insertLock($this->Auth->user(), $target_id);