forum.coppermine-gallery.net
Dev Board => cpg1.4 Testing/Bugs => cpg1.4 Testing/Bugs: FIXED/CLOSED => Topic started by: Nibbler on November 28, 2004, 04:19:04 pm
-
There seems to be no restrictions on pic sorting, any user can change the order of pics anywhere in the gallery.
-
Is this a bug - this is feature - any user can change sorting BUT it is for that user / browser only
-
I mean the actual 'sort my pictures' section. This alters the `position` in the db so is a global re-ordering.
-
Nibbler is right, this actually is a bug: there has to be an additional check in picmgr.php that only allows access to the album the user is owner of.
Joachim
-
Fixed in picmgr.php v1.9 - regular users can only change sorting order of their personal gallery, not of the public galleries. Applied frogfoot's advanced album dropdown to picmgr.php as well.
Someone please confirm fix.
Joachim
-
That mod does not seem to support bridging, it references the user table directly so I get a db error.
-
k, so I will have to look into it once more (sigh, why didn't I check bridging as well?)...
Joachim
-
k, managed to fix this for gallery admin when bridged. I have no clue how to fix this for regular users when using the bridge without adding queries/functions to all bridge files, so the script just dies gracefully at the moment (picmgr.php v1.10). There are three options now:
1) We leave things as they are and flag this a "known issue" ::)
2) We remove the "sort my pictures" feature for regular users (at least when bridged)
3) Someone can come up with an idea how to make the mod work for regular users when bridged
I'd go for the easy option (No. 2) for now, as I'm currently busy with another project, so I don't have time to look into this in detail. Your feedback please.
Joachim
-
Go with option 2 for now
-
Can we not simply do this ?
// albums in user's personal galleries
if (defined('UDB_INTEGRATION')) {
if (GALLERY_ADMIN_MODE) {
$sql = udb_get_admin_album_list();
} else {
$sql = "SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = ".(FIRST_USER_CAT + USER_ID);
//cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
} else {
-
guess you're right, didn't think of the easy solution (I was fiddling with another query in the bridge files instead - very silly thing :-X). Could you commit?
Joachim
-
Committed.
new revision: 1.11;
-
fix confirmed. Changing status of thread accordingly.
Joachim
-
This issue is back for bridged installs.
-
Does anyone from the dev team care to look into this?
Joachim
-
I don't mind delving into it, but I'm having trouble replicating it.
I've setup a bridged install with SMF, have a public album, login as a bridged registered user, click 'sort my pictures' on the users admin menu, it does not show any of the public albums.
As far as I can tell, thats the behaviour we are after isn't it?
Could the problem be with a specific bridge? What forum were you experiencing this on Nibbler?
-
Yes, it doesn't show public albums but it does now show everyone else's user galleries. It was on my local test gallery with an smf bridge which has sadly succumbed to disk failure, but you can see the same thing on my main site http://www.ic-gallery.com if you login as visitor/visitor.
-
Thanks Nibbler for the clarification, I've been able to reproduce the problem. Looking into the fix.
[edit]This affects non-bridged installs as well, I reproduced this in a regular install[/edit]
-
Fix committed to picmgr.php $Revision: 1.17 $
Tested: Normal and Bridged with SMF.
Can someone confirm, and mark this thread fixed.
-
Can you attach it here ? I'll have to wait for the webcvs otherwise.
-
section modified in picmgr.php
// albums in user's personal galleries
// if (defined('UDB_INTEGRATION')) {
//if (GALLERY_ADMIN_MODE) {
// $sql = $cpg_udb->get_admin_album_list();
/*} else {
$sql = "SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = ".(FIRST_USER_CAT + USER_ID);
}*/
// } else {
if (GALLERY_ADMIN_MODE) {
// $sql = "SELECT aid, CONCAT('(', user_name, ') ', title) AS title " . "FROM {$CONFIG['TABLE_ALBUMS']} AS a " . "INNER JOIN {$CONFIG['TABLE_USERS']} AS u ON category = (" . FIRST_USER_CAT . " + user_id)";
$sql = $cpg_udb->get_admin_album_list(); //it's always bridged so we no longer need to check.
} else {
$sql = "SELECT aid, title AS title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (FIRST_USER_CAT + USER_ID);
}
// }
$result = cpg_db_query($sql);
-
That fixes the problem, thanks.