Added by krileon almost 14 years ago. Updated over 13 years ago.
Description
The permissions check in get_users_permission fails in part due to $user_id not being defined and the gids check appears to also fail. Issue isn't present if user performing the action is a super user.
Files
| 3310-p1.patch (705 Bytes) 3310-p1.patch | krileon, 28 February 2012 20:01 | ||
| 3310-p2.patch (3.07 KB) 3310-p2.patch | krileon, 28 February 2012 20:01 | ||
| cb.acl.php (36.1 KB) cb.acl.php | krileon, 28 February 2012 20:02 | ||
| cb.tables.php (68.7 KB) cb.tables.php | krileon, 28 February 2012 20:02 |
Updated by krileon almost 14 years ago
Actions
#1
Updated by krileon almost 14 years ago
Actions
#3
Updated by krileon almost 14 years ago
Actions
#4
Resolved permissions issue, but then the below error becomes apparent.
Warning: array_diff() [function.array-diff]: Argument #1 is not an array in administrator/components/com_comprofiler/library/cb/cb.tables.php on line 151
It's due to $oldUserComplete->gids being null instead of an array for a new user.
Updated by krileon almost 14 years ago
Actions
#5
$oldUserComplete is established in saveSafely, but no check is made to ensure gids is an array. Implemented changing of gids from null to array to prevent errors when directly establishing a new moscomprofilerUser then directly calling saveSafely.
Updated by krileon almost 14 years ago
Actions
#6
Added pre-patched CB 1.8 Stable files for those needing immediate resolution (and further testing of patches). Those wanting to test simply copy, paste, and replace to the following location.
administrator/components/com_comprofiler/library/cb/
Updated by beat almost 14 years ago
Actions
#7
Updated by krileon over 13 years ago
Actions
#8
Updated by beat over 13 years ago
Actions
#9
r1803 commits this: testing required.
To Test:
- Try performing CB tasks in backend under various permissions settings.