clean-up
Eric Blade
ekdikeo4 at yahoo.com
Wed Dec 29 12:42:18 CST 2004
My apologies for not responding, I had attempted to
sign up for the list, and that had failed. Oops! Now,
here I am. :)
Paul van Schayck said, about the <<br />> ..
oops, that was a mistake in my search/replace.. I
thought I had fixed all of those occurences that I
made.
Also, for the !loggedin() || !have_priv(admin) .. i
just copied that code from another module, that had
used it in that exact same spot.. the file had a
comment that said "// check for admin access here" ..
:P
no, i don't think it should be !loggedin() &&
!have_priv(admin) .. that wouldn't make sense, if it
were &&.. that needs to be an || .
Re: Johnathan Ernst:
As I said, I had just copied the code from the other
places in the admin/* files that used it. Before I
changed that, the code simply said:
if(!loggedin()) .. which meant anyone logged in could
access that admin function. It does make sense that
if not logged in you couldn't have admin privs, so I
could change all the files to check that instead.
So, my next question.. do you have to have admin priv
to be a maintainer? Becauses some of the files check
for loggedin, havepriv(admin) and maintainer flags.
Should admin/adminCommentView.php be protected? I
realise it's in the admin category, but it doesn't
look like anyone can get into any mischief with that..
could almost be handy for users.
---
anyway, i've fixed those issues, merged it to latest
CVS, and will be re-sending it off in just a minute.
Thanks :)
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the wine-devel
mailing list