[PHPLIB] Security in phpslash
From: Arne Brune Olsen (la8oga <email protected>)
Date: 01/15/00

Hi!

After I discovered the security bug (with the $seclev variable) it also came to me that if a person with username/password with seclev gt 0 knows the exact URL to the other pages, he can do whatever he wants. So I guess the admin page should be rewritten with more testing of the security of the user so that he/she will be denied access to the pages with seclev > hisownseclev.

By the way, I have done some work on the code and added dynamic menus (both admin and normal navbar(s)). Also some functionality in the admin page to add/edit/delete items from the menus. I have also planned more functionality. I'll get back to that later on.

These additions I have made against the CVS version from last Wednesday. Can anyone explain to me how I make a patch file which I can send to this list?

Best regards
Arne

-
PHP3 Base Library Mailing List. Send messages to <phplib <email protected>>.
To unsubscribe, send "unsubscribe" to <phplib-request <email protected>> in
the body, not the subject, of your message.
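
The per-page check the message above asks for, as an added example that is not part of the original post and is not phpslash code. The page names, required levels, session keys and function names are hypothetical, and it assumes the user's seclev is read from the server-side session record rather than from any request variable.

```php
<?php
declare(strict_types=1);

// Added example. Minimum seclev per admin page (constructed names and values).
const PAGE_SECLEV = [
    'storyAdmin.php'  => 1,
    'menuAdmin.php'   => 5,
    'authorAdmin.php' => 9,
];

// True only if the page is listed and the user's level is high enough.
// Pages missing from the table are denied, so a new admin page is closed
// until someone assigns it a level.
function may_access(string $script, int $userSeclev): bool
{
    $page = basename($script);
    if (!array_key_exists($page, PAGE_SECLEV)) {
        return false;
    }
    return $userSeclev >= PAGE_SECLEV[$page];
}

// Call at the top of every admin page, before any other work is done.
// $session is the server-side session data (assumed keys: uid, seclev).
function require_seclev(string $script, array $session): void
{
    $userSeclev = isset($session['seclev']) ? (int) $session['seclev'] : 0;
    if (!may_access($script, $userSeclev)) {
        http_response_code(403);
        error_log(sprintf('admin access denied: page=%s uid=%s seclev=%d',
            basename($script), $session['uid'] ?? '-', $userSeclev));
        exit('Access denied');
    }
}

// Constructed demonstration: a logged-in user with seclev 1 requests each
// admin URL directly, plus one page that is not in the table.
if (PHP_SAPI === 'cli') {
    $session = ['uid' => 'editor1', 'seclev' => 1];
    $requests = array_merge(array_keys(PAGE_SECLEV), ['newAdmin.php']);
    foreach ($requests as $page) {
        $ok = may_access('/admin/' . $page, $session['seclev']);
        printf("%-16s %s\n", $page, $ok ? 'allow' : 'deny');
    }
}
```

Hiding a link in the menu does not replace this check: each page has to call `require_seclev()` itself, because the request can arrive by typed URL.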