ekdikeo4 at yahoo.com
Wed Dec 29 12:42:18 CST 2004
My apologies for not responding, I had attempted to
sign up for the list, and that had failed. Oops! Now,
here I am. :)
Paul van Schayck said, about the <<br />> ..
oops, that was a mistake in my search/replace.. I
thought I had fixed all of those occurences that I
Also, for the !loggedin() || !have_priv(admin) .. i
just copied that code from another module, that had
used it in that exact same spot.. the file had a
comment that said "// check for admin access here" ..
no, i don't think it should be !loggedin() &&
!have_priv(admin) .. that wouldn't make sense, if it
were &&.. that needs to be an || .
Re: Johnathan Ernst:
As I said, I had just copied the code from the other
places in the admin/* files that used it. Before I
changed that, the code simply said:
if(!loggedin()) .. which meant anyone logged in could
access that admin function. It does make sense that
if not logged in you couldn't have admin privs, so I
could change all the files to check that instead.
So, my next question.. do you have to have admin priv
to be a maintainer? Becauses some of the files check
for loggedin, havepriv(admin) and maintainer flags.
Should admin/adminCommentView.php be protected? I
realise it's in the admin category, but it doesn't
look like anyone can get into any mischief with that..
could almost be handy for users.
anyway, i've fixed those issues, merged it to latest
CVS, and will be re-sending it off in just a minute.
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the wine-devel