+ удалять заказ может только админ

andryeyev
1 parent c52bd933
Showing 1 changed file with 5 additions and 2 deletions Show diff stats
account/admin/orders.php
@@ -1861,8 +1861,11 @@ if (! isset ($_GET[&#39;action&#39;]))
                                 echo "<div id='records'><a href='/account/admin/orders.php?action=print&order_id=" . $order['order_id'] . "' target='_new' class='button-save'>Ïå÷àòü</a></div>";
                                 // âûõîä
                                 echo "<div id='records'><a href='" . $url_l . "&exit_order_id=" . $order['order_id'] . "' class='button-save'>Âûéòè èç çàêàçà</a></div>";
-                                // óäàëèòü
-                                echo "<div id='records'><a href='" . $url_l . "&del_order=1&order_id=" . $order['order_id'] . "' class='button-save need-confirm red'>Óäàëèòü çàêàç</a></div>";
+                                // óäàëèòü 
+                                if ($_SESSION['admin']['group'] == 1) // òîëüêî àäìèí
+                                {
+                                    echo "<div id='records'><a href='" . $url_l . "&del_order=1&order_id=" . $order['order_id'] . "' class='button-save need-confirm red'>Óäàëèòü çàêàç</a></div>";
+                                }
                             }
  
                             /*