[1.7 / 1.7.1] Sending a postcard does not check image/cat view permissions

Welcome, Guest. Please login or register.
Did you miss your activation email?
February 09, 2010, 12:55:45 PM

Check the new Tutorial subforum with helpfull guides and tutorials for modifications and tweaks.

4images Forum & Community

4images Help / Hilfe

Bug Fixes & Patches

[1.7 / 1.7.1] Sending a postcard does not check image/cat view permissions

0 Members and 1 Guest are viewing this topic.

« previous next »

Pages: [1]

Author

Topic: [1.7 / 1.7.1] Sending a postcard does not check image/cat view permissions (Read 9498 times)

V@no

Don't tell me what to do and I won't say where you should go :)
Administrator

4images Guru

Offline

Posts: 16729

Thank You
-Given: 13
-Receive: 81

mmm PHP...

[1.7 / 1.7.1] Sending a postcard does not check image/cat view permissions

« on: March 14, 2005, 05:10:37 AM »

Because of this bug people are able see images through postcard creation page, which they dont have permissions to view.

Open postcards.php
Find:

Code: [Select] [Expand] [Hide line numbers]

1	`if (!check_permission("auth_sendpostcard", $cat_id)) {`

Replace with:

Code: [Select] [Expand] [Hide line numbers]

1
2
3
4
5
6
7
8
9
10
11
12
13
14 /* FIX ACCESS RESTRICTED IMAGES ORIGINAL BLOCK: if (!check_permission("auth_sendpostcard", $cat_id)) { */ /* FIX ACCESS RESTRICTED IMAGES START REPLACE */ if (!check_permission("auth_viewcat", $cat_id) || !check_permission("auth_viewimage", $cat_id) || !check_permission("auth_sendpostcard", $cat_id)) { /* FIX ACCESS RESTRICTED IMAGES END REPLACE */



« Last Edit: March 15, 2005, 07:43:07 AM by V@no »	Logged

Your first three "must do" before you ask a question:

Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)

Pages: [1]

« previous next »

Jump to:

piqs.de - Fotocommunity & lizenzfreie Fotos