diff --git a/inc/RSCDSSession.php b/inc/RSCDSSession.php index 9bf7707b..b8c51585 100644 --- a/inc/RSCDSSession.php +++ b/inc/RSCDSSession.php @@ -1,20 +1,6 @@ logged_in && isset($this->is_admin) && ($this->is_admin == 't') ); - } - - - /** - * Returns a value for user_no which is within the legal values for this user, - * using a POST value or a GET value if available and allowed, otherwise using - * this user's value. - * - * @return int The sanitised value of user_no - */ - function SanitisedUserNo( ) { - $user_no = 0; - if ( ! $this->logged_in ) return $user_no; - - $user_no = $this->user_no; - if ( $this->AllowedTo("Admin") && (isset($_POST['user_no']) || isset($_GET['user_no'])) ) { - $user_no = intval(isset($_POST['user_no']) ? $_POST['user_no'] : $_GET['user_no'] ); - } - if ( $user_no == 0 ) $user_no = $this->user_no; - return $user_no; - } - - /** * Internal function used to assign the session details to a user's new session. * @param object $u The user+session object we (probably) read from the database.