Contribution onBehalf form - Improve ajax callback

author Coleman Watts <coleman@civicrm.org>

Fri, 2 May 2014 22:40:11 +0000 (15:40 -0700)

committer Coleman Watts <coleman@civicrm.org>

Fri, 2 May 2014 22:40:11 +0000 (15:40 -0700)
author Coleman Watts <coleman@civicrm.org>
Fri, 2 May 2014 22:40:11 +0000 (15:40 -0700)
committer Coleman Watts <coleman@civicrm.org>
Fri, 2 May 2014 22:40:11 +0000 (15:40 -0700)
diff --git a/CRM/Core/Page/AJAX/Location.php b/CRM/Core/Page/AJAX/Location.php

index 0d0f944712950e73b1bd44c852effa7286664033..48de73257bc5090d034d338d14b0c401cf3e5865 100644 (file)
--- a/CRM/Core/Page/AJAX/Location.php
+++ b/CRM/Core/Page/AJAX/Location.php
@@ -50,12 +50,9 @@ class CRM_Core_Page_AJAX_Location {
      $ufId = CRM_Utils_Request::retrieve('ufId', 'Integer', CRM_Core_DAO::$_nullObject, TRUE);
  
      // Verify user id
-    $user = CRM_Core_Session::singleton()->get('userID');
-    if (!$user) {
-      $user = CRM_Utils_Request::retrieve('uid', 'Integer', CRM_Core_DAO::$_nullObject, TRUE);
-      if (!CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($user, CRM_Core_DAO::$_nullObject)) {
-        CRM_Utils_System::civiExit();
-      }
+    $user = CRM_Utils_Request::retrieve('uid', 'Integer', CRM_Core_DAO::$_nullObject, FALSE, CRM_Core_Session::singleton()->get('userID'));
+    if (!$user || !CRM_Contact_BAO_Contact_Permission::validateChecksumContact($user, CRM_Core_DAO::$_nullObject, FALSE)) {
+      CRM_Utils_System::civiExit();
      }
  
      // Verify user permission on related contact
author	Coleman Watts <coleman@civicrm.org>
	Fri, 2 May 2014 22:40:11 +0000 (15:40 -0700)
committer	Coleman Watts <coleman@civicrm.org>
	Fri, 2 May 2014 22:40:11 +0000 (15:40 -0700)