Secondary groups don't seem to be working. - Page 2 Secondary groups don't seem to be working. - Page 2
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Secondary groups don't seem to be working.

Started by donnoman, February 24, 2005, 07:58:42 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

Tarique Sani

#20
I guess simplest solution is that

#1) a member cannot be removed from the registered group and
#2) we should mention that the viewing permissions are inclusive and not atomic
SANIsoft PHP applications for E Biz

Joachim Müller

OK, let's go for the method suggested by Tarique then. Who will implement the needed changes (at least the docs should be updated imo)?

Joachim

Aditya Mooley

I will implment #1. Somebody please update the documents.
--- "Its Nice 2 BE Important but its more Important 2 Be NICE" ---
Follow Coppermine on Twitter

omniscientdeveloper

I've already done this. However, I cannot commit until Saturday. I'm away.

Aditya Mooley

Oops!! I already commited.
I have removed registered as well as banned from the secondary group listings.
--- "Its Nice 2 BE Important but its more Important 2 Be NICE" ---
Follow Coppermine on Twitter

omniscientdeveloper

No problem. I'll download a nwe copy when I get back.

donnoman

Aditya, what happens when bridged?

We've recently had some problems with editOnePic.php and images in an album where "registered" users should have been able to upload and maintain thier own pics. However the user was in a specific group of SMF.

I suspect the problem was that this user didn't come through the SMF bridge as being in both the "registered" and thier secondary group. Only thier secondary group. So what happened is that the user made a modification to the image, didn't notice the alb list was no longer populated then pressed submit.

It wrote the pic back to the table with an aid of zero, and the pic went MIA.  I was able to manually re-assign the pic's aid with phpmyadmin, and I've fixed editOnePic to at least show the album thats currently assigned so this no longer happens.  But if the user isn't getting the registered group, then they will likely have other problems.

omniscientdeveloper

In the code, registered is added automatically even in the bridges, so removing the "option" doesn't do anything.

donnoman

#28
as a normal "registered" user, I uploaded a pic to an album (worked fine) then I tried to go back in and edit it.

QuoteYou don't have permission to access this page.

File: /home/cpg-contrib/public_html/editOnePic.php - Line: 24


USER:
------------------
Array
(
   [ID] => 018eb1ee7a85ae957da115e8b620759e
   [am] => 1
   [lang] => english
   [liv] => Array
       (
           [0] => 13
       )

)

==========================
USER DATA:
------------------
Array
(
   [user_id] => 12
   [user_name] => brayd
   [groups] => Array
       (
           [0] => 2
       )

   [disk_max] => 1024
   [disk_min] => 1024
   [can_rate_pictures] => 1
   [can_send_ecards] => 1
   [ufc_max] => 3
   [ufc_min] => 3
   [custom_user_upload] => 0
   [num_file_upload] => 1
   [num_URI_upload] => 1
   [can_post_comments] => 1
   [can_upload_pictures] => 1
   [can_create_albums] => 0
   [has_admin_access] => 0
   [pub_upl_need_approval] => 1
   [priv_upl_need_approval] => 1
   [group_name] => Registered
   [upload_form_config] => 3
   [group_quota] => 1024
   [can_see_all_albums] => 0
   [group_id] => 2
)

==========================
Queries:
------------------
Array
(
   [0] => SELECT extension, mime, content, player FROM cpg140_filetypes; (0s)
   [1] => select * from cpg140_plugins order by priority asc; (0s)
   [2] => SELECT * FROM cpg140_bridge (0s)
   [3] => SELECT group_id FROM cpg140_usergroups WHERE has_admin_access  (0s)
   [4] => SELECT ID_MEMBER as user_id FROM `cpgcontrib`.smf_members WHERE ID_POST_GROUP in (1,101) (0s)
   [5] => SELECT u.ID_MEMBER AS id, u.memberName AS username, u.passwd AS password, u.ID_POST_GROUP+100 AS group_id FROM `cpgcontrib`.smf_members AS u INNER JOIN `cpgcontrib`.smf_membergroups AS g ON u.ID_POST_GROUP=g.ID_GROUP WHERE u.ID_MEMBER='12' (0s)
   [6] => SELECT MAX(group_quota) as disk_max, MIN(group_quota) as disk_min, MAX(can_rate_pictures) as can_rate_pictures, MAX(can_send_ecards) as can_send_ecards, MAX(upload_form_config) as ufc_max, MIN(upload_form_config) as ufc_min, MAX(custom_user_upload) as custom_user_upload, MAX(num_file_upload) as num_file_upload, MAX(num_URI_upload) as num_URI_upload, MAX(can_post_comments) as can_post_comments, MAX(can_upload_pictures) as can_upload_pictures, MAX(can_create_albums) as can_create_albums, MAX(has_admin_access) as has_admin_access, MIN(pub_upl_need_approval) as pub_upl_need_approval, MIN( priv_upl_need_approval) as  priv_upl_need_approval FROM cpg140_usergroups WHERE group_id in (2) (0s)
   [7] => SELECT group_name FROM  cpg140_usergroups WHERE group_id= 2 (0s)
   [8] => SELECT user_favpics FROM cpg140_favpics WHERE user_id = 12 (0s)
   [9] => SHOW TABLES LIKE 'cpg140_cms_config' (0s)
   [10] => SELECT * FROM cpg140_cms_config (0s)
   [11] => DELETE FROM cpg140_banned WHERE expiry < '2005-03-25 23:36:53' (0s)
   [12] => SELECT * FROM cpg140_banned WHERE (ip_addr='4.3.129.24' OR ip_addr='4.3.129.24' OR user_id=12) AND brute_force=0 (0s)
   [13] => SELECT aid FROM cpg140_albums WHERE visibility != '0' AND visibility !='10012' AND visibility NOT IN (2) (0s)
   [14] => SELECT COUNT(*) FROM cpg140_pictures WHERE approved = 'NO' (0s)
)

==========================
GET :
------------------
Array
(
   [id] => 13
   [what] => picture
)

==========================
POST :
------------------
Array
(
)

==========================
Page generated in 0.143 seconds - 15 queries in 0 seconds - Album set : AND aid NOT IN (5) ; Meta set: ;


editonepic line 24

if (!(GALLERY_ADMIN_MODE || USER_ADMIN_MODE)) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);


It looks like it doesn't think im in USER_ADMIN_MODE

[edit]Allow users to retain control over their pics in public galleries  IS on in the config[/edit]

Joachim Müller

*bump*: what's the status of this issue?

Joachim

Aditya Mooley

Quote from: omniscientdeveloper on March 26, 2005, 08:24:49 AM
In the code, registered is added automatically even in the bridges, so removing the "option" doesn't do anything.

The above is true.
What donnoman is experiencing is most likely something different. So, lets split this thread and mark the original issue as done.
--- "Its Nice 2 BE Important but its more Important 2 Be NICE" ---
Follow Coppermine on Twitter

donnoman

The other issue I spoke of was already fixed when I posted.

I just thought the problem may have been related to this post.

So I think the thread can be marked fixed, don't bother to split.