diff --git a/views/groups.php b/views/groups.php index 9f9cbce..6fda979 100644 --- a/views/groups.php +++ b/views/groups.php @@ -15,7 +15,7 @@ ## limitations under the License. ## -if(isset($_POST['add_group'])) { +if(isset($_POST['add_group']) && ($active_user->admin)) { $name = trim($_POST['name']); if(preg_match('|/|', $name)) { $content = new PageSection('invalid_group_name'); diff --git a/views/servers.php b/views/servers.php index 4128bc0..fe7ed97 100644 --- a/views/servers.php +++ b/views/servers.php @@ -15,7 +15,7 @@ ## limitations under the License. ## -if(isset($_POST['add_server'])) { +if(isset($_POST['add_server']) && ($active_user->admin)) { $hostname = trim($_POST['hostname']); if(!preg_match('|.*\..*\..*|', $hostname)) { $content = new PageSection('invalid_hostname');