Piwigo Bugtracker

Viewing Issue Advanced Details Jump to Notes ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0000769 [Piwigo] security minor always 2007.10.30 11:13 2008.05.14 14:47
Reporter Pat View Status public  
Assigned To Pat
Priority normal Resolution fixed Platform
Status closed   OS
Projection none   OS Version
ETA none Fixed in Version 1.7.2 Product Version 1.7.0
  Target Version Product Build
Summary 0000769: Affichage des adresses email des utilisateurs en mode adviser
Description En mode adviser, les adresses email des utilisateurs sont masquées avec l'adresse "adviser.mode@monsite"
Mais si l'adviser clique sur l'édition du profil de l'utilisateur, il peut voir son adresse email.
Steps To Reproduce
Additional Information
Tags No tags attached.
browser any
Database engine and version
PHP version
Web server Apache 1.3.x
Attached Files

- Relationships

-  Notes
(0002150)
Pat (developer)
2008.02.29 14:08

branch 1.7: [Subversion] r2228
trunk: [Subversion] r2229
(0002154)
rub (developer)
2008.02.29 14:47

Plutot que de faire un (script_basename() == 'admin'), il ne faudrait pas utiliser le defined('IN_ADMIN') ?
(0002156)
Pat (developer)
2008.02.29 17:45

Ah ben oui, je le connaissais pas celui-la ;-)
Je modifie ca...
(0002160)
Pat (developer)
2008.03.01 16:26

Voilou, c'est réglé.

branch 1.7: [Subversion] r2236
trunk: [Subversion] r2237

- Issue History
Date Modified Username Field Change
2007.10.30 11:13 Pat New Issue
2007.10.30 11:13 Pat browser => any
2007.10.30 11:13 Pat Web server => Apache 1.3.x
2008.01.29 17:50 mathiasm Category configuration => security
2008.02.29 11:08 Pat Status new => assigned
2008.02.29 11:08 Pat Assigned To => Pat
2008.02.29 14:08 Pat Status assigned => resolved
2008.02.29 14:08 Pat Fixed in Version => 1.7.2
2008.02.29 14:08 Pat Resolution open => fixed
2008.02.29 14:08 Pat Note Added: 0002150
2008.02.29 14:47 rub Status resolved => feedback
2008.02.29 14:47 rub Resolution fixed => reopened
2008.02.29 14:47 rub Note Added: 0002154
2008.02.29 17:45 Pat Note Added: 0002156
2008.03.01 16:26 Pat Status feedback => resolved
2008.03.01 16:26 Pat Resolution reopened => fixed
2008.03.01 16:26 Pat Note Added: 0002160
2008.05.14 14:47 VDigital Status resolved => closed


Mantis 1.1.6[^]
Copyright © 2000 - 2008 Mantis Group
Contact
Powered by Mantis Bugtracker