Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Problem with admin - anyone can see it  (Read 2569 times)

0 Members and 1 Guest are viewing this topic.

comdawg

  • Coppermine newbie
  • Offline Offline
  • Posts: 2
Problem with admin - anyone can see it
« on: February 20, 2007, 05:24:40 pm »
I noticed that if a regular visitor comes to my Coppermine site and doesn't register, if he/she knows the admin file name (which they could if they just downloaded their own CP) they can just go into Admin without logging in.  If they try to save a new config it says they can't, but I don't want them to see those options at all.  Is there a way to make it so if you just type in the path to admin.php it will force you to log in if you aren't?
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Problem with admin - anyone can see it
« Reply #1 on: February 21, 2007, 09:47:21 am »
Quote from: comdawg on February 20, 2007, 05:24:40 pm
Is there a way to make it so if you just type in the path to admin.php it will force you to log in if you aren't?
When a non-admin user tries to access the config page (http://yoursite.tld/your_coppermine_folder/admin.php), all he sees is
Quote
You don't have permission to access this page.
If this is different for your site, then post a link to your coppermine-driven gallery.
Logged
Pages: [1]   Go Up
« previous next »
 

Page created in 0.053 seconds with 15 queries.