BIG PROBLEM!!!!!!! BIG PROBLEM!!!!!!!
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

BIG PROBLEM!!!!!!!

Started by purepersian, April 11, 2004, 05:09:03 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

purepersian

April 11, 2004, 05:09:03 PM
ok iv just realised that users can post comments, then go and EDIT their comment and change the name, so that it looks like someone else posted that comment
how can i correct this?

Casper

#1
April 11, 2004, 06:56:13 PM
Open your themes/yourtheme/theme.php.

Find ;
Code Select
<input type=text name=msg_author value="{MSG_AUTHOR}" class="textinput" size=10>


Change it to;
Code Select
<input type="hidden" name=msg_author value="{MSG_AUTHOR}">

There are 2 times you need to do this, in the '<!-- BEGIN edit_box_smilies -->' section, and also the '<!-- BEGIN edit_box_no_smilies -->

ps.Please do not use subject headings such as 'big problem'.  Please actually describe the problem briefly in the title, such as 'user able to edit name in comments'.

If you allow choice of themes, you will need to do this for all themes.
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here

Joachim Müller

#2
April 12, 2004, 07:17:07 AM
take a look at http://forum.coppermine-gallery.net/index.php?topic=5300 as well.

GauGau

P.S. Next time, use a better subject than "BIG PROBLEM". Capital letters mean "shouting", and I don't like being shouted at. Have a look at http://forum.coppermine-gallery.net/index.php?topic=3997
Print
Go Up Pages1
User actions