You are not logged in. [Log In] UBB.threads PHP Forum Software Community » Forums » UBB.threads 7 Discussion » Bug Reports
      » Fixed Bugs » [FIXED for 7.0.2] Avatar bug?
Register User    Portal Page     Forum List        Calendar     Active Topics     Search     FAQ
Site Links
Home
Features
Documentation
Pricing & Order
Members Area
Support Options
UBBDev.com
UBBWiki.com
Who's Online
0 registered (), 37 Guests and 15 Spiders online.
Key: Admin, Global Mod, Mod
Featured Member
Registered: 12/20/03
Posts: 4420
Top Posters (30 Days)
Ruben 49
Gizmo 24
DennyP 24
Dunny 17
SteveS 14
AllenAyres 12
dbremer 10
SD 9
drkknght00 9
driv 8
Latest Photos
OK Corral Shoot Out
Testing
Basildon Train Station
Basildon Town Centre looking from the rounderbout
Basildon Town Square
Topic Options
#167882 - 11/07/06 09:14 AM [FIXED for 7.0.2] Avatar bug?
Flyin V Offline

member 		Registered: 06/05/06
Posts: 118
I run a tight ship on user uploaded avatars due to problems long ago with people using bad avatars. I turned on the stock avatars just because a couple people bothered me to death about it.

Anyhow one of my users says:

"it's quite easy to come around the system and use your own image for the avatar.
I just used Web-developer toolbar in firefox to show the hidden edit fields and I could then edit it's contents and submit the form."


Edited by Rick (11/08/06 01:16 PM)
Top
Express Hosting
Express Hosting "We are the official hosting company of UBB.threads. Ask us about our free migration services to migrate your UBB.threads installation."
#167888 - 11/07/06 01:02 PM Re: Avatar bug? [Re: Flyin V]
Joshtek Offline
stranger 		Registered: 07/13/06
Posts: 3
I can confirm this bug.

I see no reference to ALLOW_REMOTE_AVATARS in changebasic.inc.php and no proper checks in newuser.inc.php. The only references I can find where the value ALLOW_REMOTE_AVATARS is checked is to determine whether or not to display the HTML.
Top
#167889 - 11/07/06 01:11 PM Re: Avatar bug? [Re: Joshtek]
Rick Offline
Post-a-holic 		Registered: 06/04/06
Posts: 10164
Loc: Aberdeen, WA
Yeah, need to put in a check to make sure the specified URL is local if remove avatars isn't turned on. Will get that fixed for 7.0.2.
Top
#167892 - 11/07/06 02:03 PM Re: Avatar bug? [Re: Rick]
Joshtek Offline
stranger 		Registered: 07/13/06
Posts: 3
Cheers. Maybe remote avatars should always be okay if set by admins/mods through doprofiles.php, tho.
Top



Moderator:  AllenAyres, Harold, Ian, Ron M 
Shout Box

Today's Birthdays
No Birthdays
Recent Topics
Ability to "like" individual posts (not Facebook "likes)
by doug
09:03 AM
Island Permissions
by ThreadsUser
05/22/12 03:03 PM
streaming video
by prkrgrp
05/20/12 07:02 PM
New Posts Corrupted? Can someone help?
by PianoWorld
05/19/12 09:41 AM
Custom forum permissions
by ntdoc
05/18/12 02:07 PM
Forum Stats
10489 Members
36 Forums
33840 Topics
181693 Posts

Max Online: 978 @ 06/24/07 11:19 PM
Random Image
Board Rules · Mark all read
Contact Us · UBBCentral · Top