Register Log In

UBB.threads PHP Forum Software Community Forums UBB.threads 7 Version 7 Support Permissions problem

Print Thread

Hop To

Permissions problem #261847 11/25/2018 10:44 PM
Joined: Oct 2007 Posts: 361 Likes: 8 Richardson, TX Baldeagle Enthusiast
Baldeagle Enthusiast Joined: Oct 2007 Posts: 361 Likes: 8 Richardson, TX	On our forum, we have a Moderator Forum that's only visible to Administrators, Global Moderators, and Moderators. Except there's a problem with that. Even as a Guest I can view posts in the Moderator Forum. I can demonstrate this to you easily. Go to this thread: https://www.stovebolt.com/ubbthreads/ubbthreads.php/topics/1288422/new-addition.html#Post1288422 The Moderator in this thread is Achipmunk. Click on his Display Name, then select Show Forum Posts. From the dropdown list of his posts, select one in the Moderator Forum. Click on it. You'll be viewing a thread in the Moderator Forum. Now scroll to the top and click on Moderator Forum in the breadcrumbs. You'll be taken to a login page and told you don't have permission to see this as a guest. Click on Previous Page and you'll go right back to the forum you don't have permission to view. This seems like a loophole in the code. A quick and dirty way to fix it would be to never display posts for a prohibited forum in the Posts list, but that ISTM doesn't really fix the problem. The real problem is that you should not be allowed to view a post if you don't have permission to view it no matter how you arrived at it. If I send you the link to the post directly, you can view it as a Guest, without having to go through the above steps. So it appears that permissions are not being verified before viewing posts. The Stovebolt Geek https://www.stovebolt.com/ubbthreads/ubbthreads.php Server Information UBB.threads Version 7.7.5 Release 20201027 Server OS Linux Server Load 0.16 Web Server Apache/2.4.6 PHP Version 7.4.33 MYSQL Version 5.7.43 Database Size 1.85 GB

Entire Thread
Subject	Posted By	Posted
Permissions problem	Baldeagle	11/26/2018 2:44 AM
Re: Permissions problem	Gizmo	11/26/2018 3:35 AM
Re: Permissions problem	isaac	11/26/2018 6:21 AM
Re: Permissions problem	Baldeagle	11/26/2018 6:55 PM

Link Copied to Clipboard

Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.

Bots
by Outdoorking - 04/13/2024 5:08 PM

Can you add html to language files?
by Baldeagle - 04/07/2024 2:41 PM

Do I need to rebuild my database?
by Baldeagle - 04/07/2024 2:58 AM

This is not a bug, but a suggestion
by Baldeagle - 04/05/2024 11:25 PM

spam issues
by ECNet - 03/19/2024 11:45 PM

Who's Online Now

1 members (Nightcrawler), 963 guests, and 210 robots.

Key: Admin, Global Mod, Mod

Random Gallery Image

Latest Gallery Images

Los Angeles

Los Angeles
by isaac, August 6

3D Creations

3D Creations
by JAISP, December 30

Artistic structures

Artistic structures
by isaac, August 29

Stones

Stones
by isaac, August 19

Powered by UBB.threads™ PHP Forum Software 8.0.0
(Preview build 20230217)