 Relationships |
|||||||||||
|
|||||||||||
| Anonymous | Login | Signup for a new account | 2013.05.22 01:55 CEST |
| Main | My View | View Issues | Change Log | Roadmap | Docs |
| Viewing Issue Advanced Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
| 0000597 | [Piwigo] user comments | major | always | 2006.12.02 08:13 | 2007.01.21 21:46 | ||
| Reporter | VDigital | View Status | public | ||||
| Assigned To | VDigital | ||||||
| Priority | normal | Resolution | fixed | Platform | Any | ||
| Status | closed | OS | Any | ||||
| Projection | none | OS Version | Any | ||||
| ETA | none | Fixed in Version | Alligator 1 | Product Version | 1.6.2 | ||
| Target Version | Product Build | ||||||
| Summary | 0000597: Unvalidated comments are displayed on public side (Spamming related) | ||||||
| Description |
Even you have in #__config table: param = comments_validation value = true comment = administrators validate users comments before becoming visible Guests / members comments are displayed via ./comments.php |
||||||
| Steps To Reproduce |
Verify in admin configuration Users comments * Comments for all Yes * Validation Yes Disconnect from your gallery. And a comment as a guest: Author notZ0rglub Comment This is a test Go to ./comments.php Comment is online. |
||||||
| Additional Information | |||||||
| Tags | No tags attached. | ||||||
| browser | any | ||||||
| Database engine and version | Any | ||||||
| PHP version | Any | ||||||
| Web server | Any | ||||||
| Attached Files | |||||||
|
|
|||||||
|
Relationships |
|||||||||||
|
|||||||||||
|
Notes |
|
|
(0001562) VDigital (reporter) 2006.12.02 08:17 edited on: 2006.12.02 08:17 |
Related French topic http://forum.phpwebgallery.net/viewtopic.php?id=9389 [^] |
|
(0001567) VDigital (reporter) 2006.12.09 10:05 |
For non admin, and based on comments_validation, a selective crireria has been added on queries. |
|
(0001568) rvelices (developer) 2006.12.09 16:02 |
This bug is only for 1.6 not Alligator. So before [Subversion] r1646 you already had: // which status to filter on ? if ( is_admin() ) { $page['status_clause'] = '1=1'; } else { $page['status_clause'] = 'validated="true"'; } |
|
(0001569) VDigital (reporter) 2006.12.10 12:32 |
I removed my changes... 8-) |
|
(0001674) VDigital (reporter) 2007.01.21 21:46 |
Solved by rub and rvelices actions |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2006.12.02 08:13 | VDigital | New Issue | |
| 2006.12.02 08:13 | VDigital | browser | => any |
| 2006.12.02 08:13 | VDigital | MySQL version | => Any |
| 2006.12.02 08:13 | VDigital | PHP version | => Any |
| 2006.12.02 08:13 | VDigital | Web server | => Any |
| 2006.12.02 08:14 | VDigital | Relationship added | related to 0000524 |
| 2006.12.02 08:17 | VDigital | Note Added: 0001562 | |
| 2006.12.02 08:17 | VDigital | Note Edited: 0001562 | |
| 2006.12.02 08:21 | VDigital | Relationship added | related to 0000596 |
| 2006.12.09 09:02 | VDigital | Status | new => assigned |
| 2006.12.09 09:02 | VDigital | Assigned To | => VDigital |
| 2006.12.09 10:05 | VDigital | Status | assigned => resolved |
| 2006.12.09 10:05 | VDigital | Fixed in Version | => 1.6.3 |
| 2006.12.09 10:05 | VDigital | Resolution | open => fixed |
| 2006.12.09 10:05 | VDigital | Note Added: 0001567 | |
| 2006.12.09 16:02 | rvelices | Status | resolved => feedback |
| 2006.12.09 16:02 | rvelices | Resolution | fixed => reopened |
| 2006.12.09 16:02 | rvelices | Note Added: 0001568 | |
| 2006.12.10 12:32 | VDigital | Note Added: 0001569 | |
| 2007.01.21 21:46 | VDigital | Status | feedback => closed |
| 2007.01.21 21:46 | VDigital | Note Added: 0001674 | |
| 2007.01.21 21:46 | VDigital | Resolution | reopened => fixed |
| 2007.01.21 21:46 | VDigital | Fixed in Version | 1.6.3 => Alligator 1 |
| Mantis 1.1.6[^] Copyright © 2000 - 2008 Mantis Group Contact |  |
