diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-05-10 20:02:40 +0000 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-10 20:02:40 +0000 |
| commit | 31f0839f9b7c64707a88636e49840c196742768b (patch) | |
| tree | fa759255c2470f37758bdc5e047a8a5690581d8e | |
| parent | afa4a8acca1f20bd853564f7c1ffd6dfb7add2fe (diff) | |
Don't provide full-size link if the user can't see the full size
image. There's no security hole here, it's just a bad user
experience.
| -rw-r--r-- | themes/default/views/photo.html.php | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/themes/default/views/photo.html.php b/themes/default/views/photo.html.php index fef0fa07..ab46a528 100644 --- a/themes/default/views/photo.html.php +++ b/themes/default/views/photo.html.php @@ -26,8 +26,13 @@ <div id="gPhoto"> <?= $theme->resize_top($item) ?> + <? if (access::can("view_full", $item)): ?> <a href="#" class="gFullSizeLink" title="<?= t("View full size") ?>"> -<?= $item->resize_tag(array("id" => "gPhotoId-{$item->id}", "class" => "gResize")) ?></a> + <? endif ?> + <?= $item->resize_tag(array("id" => "gPhotoId-{$item->id}", "class" => "gResize")) ?> + <? if (access::can("view_full", $item)): ?> + </a> + <? endif ?> <?= $theme->resize_bottom($item) ?> </div> |