Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: 1 [2]   Go Down

Author Topic: non-admin user, not in admin mode without personal gallery  (Read 11398 times)

0 Members and 1 Guest are viewing this topic.

Nibbler

  • Guest
Re: non-admin user, not in admin mode without personal gallery
« Reply #20 on: June 27, 2005, 04:39:31 pm »

OK, change the permission checks to
Code: [Select]
if (!(GALLERY_ADMIN_MODE || $CURRENT_PIC['category'] == FIRST_USER_CAT + USER_ID || ($CONFIG['users_can_edit_pics'] && $CURRENT_PIC['owner_id'] == USER_ID)) || !USER_ID) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);

and move the pageheader($title) call down to just before here:

Code: [Select]
$thumb_url = get_pic_url($CURRENT_PIC, 'thumb');
That should sort it.
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: non-admin user, not in admin mode without personal gallery
« Reply #21 on: June 28, 2005, 06:54:06 am »

The problem with anonymous access has been resolved.

The non-admin user got this message after clicking the button to edit:
You don't have permission to access this page.
Logged

Nibbler

  • Guest
Re: non-admin user, not in admin mode without personal gallery
« Reply #22 on: June 28, 2005, 01:03:30 pm »

OK, can you test with v1.38 of editOnepic.php.
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: non-admin user, not in admin mode without personal gallery
« Reply #23 on: June 29, 2005, 07:34:50 am »

Donnoman updated the cpg-contrib gallery with the file and it worked fine as far as editing. Thanks. :)

But I am denied access as the user when trying the buttons for crop/rotate and delete.
Logged

Nibbler

  • Guest
Re: non-admin user, not in admin mode without personal gallery
« Reply #24 on: June 29, 2005, 06:11:34 pm »

Commited fixes for them too :)
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: non-admin user, not in admin mode without personal gallery
« Reply #25 on: June 30, 2005, 07:35:42 am »

Great! Thank you. :)
Logged
Pages: 1 [2]   Go Up
 

Page created in 0.015 seconds with 19 queries.