Problem with admin - anyone can see it Problem with admin - anyone can see it
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Problem with admin - anyone can see it

Started by comdawg, February 20, 2007, 05:24:40 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

comdawg

February 20, 2007, 05:24:40 PM
I noticed that if a regular visitor comes to my Coppermine site and doesn't register, if he/she knows the admin file name (which they could if they just downloaded their own CP) they can just go into Admin without logging in.  If they try to save a new config it says they can't, but I don't want them to see those options at all.  Is there a way to make it so if you just type in the path to admin.php it will force you to log in if you aren't?

Joachim Müller

#1
February 21, 2007, 09:47:21 AM
Quote from: comdawg on February 20, 2007, 05:24:40 PM
Is there a way to make it so if you just type in the path to admin.php it will force you to log in if you aren't?
When a non-admin user tries to access the config page (http://yoursite.tld/your_coppermine_folder/admin.php), all he sees is
QuoteYou don't have permission to access this page.
If this is different for your site, then post a link to your coppermine-driven gallery.
Print
Go Up Pages1
User actions