111
AZNative
Re: Strange Upload Error
  • 2004/5/4 14:40

  • AZNative

  • Friend of XOOPS

  • Posts: 8

  • Since: 2004/4/21


I think I've come across a bug with the permissions and anonymous users.

You have 3 categories and each of those categories can only be viewed by certain groups:

Category 1 -> Registered Users
Category 2 -> Registered Users
Category 3 -> Anonymous Users

Logout of the system and go to the documents section. All three categories are visible even though only category 3 should be visible.

I looked in the functions.php file and came to the conclusion that the $usersid field being passed into the checkMyDownloadsPermission($groupid, $usersid) function is null. This is because no specific users permission were set for that category, only group permissions were set. This makes sense.

Then, you set the $uid null because the current user is anonymous. This also makes sense.

The problem comes further down, around line 120 in functions.php. There is the following block of code:

for ($i=0$i<count($usersid); $i++) {
   
//echo $usersid[$i];
   
if ($usersid[$i]==$uid) {
      return 
true;
   }
 }

 return 
false;


Since both $userid and $uid are null, this block of code will return true, which indicates that the anonymous user DOES have permission to access the category. Since these two fields will always be null, the anonymous user gets to see all categories. In addition, the $usersid will ALWAYS be null or empty in this case because you can't assign an anonymous user to a category. You can only assign the anonymous group to a category.

I was able to resolve the problem (I need to do some further testing though) by modifying the code of block above to look like this:

for ($i=0$i<count($usersid); $i++) {
   
//echo $usersid[$i];

   // HACK: CODE ADDED
   
if ($uid == null) {
     return 
false;
   }
   
// END HACK

   
if ($usersid[$i]==$uid) {
      return 
true;
   }
 }

 return 
false;


What this hack does it simply return false if we have a null user (anonymous) ensuring that the category is not shown.

I was hoping someone else can verify my findings. Please post here.

Thank you.

112
samuels
Re: Strange Upload Error
  • 2004/5/4 18:32

  • samuels

  • Quite a regular

  • Posts: 249

  • Since: 2003/10/30


@AZNative
Thx's for debugging, tell me all what you find.

@King76
Unfortunately I have my exams too near and I can't work on it by now, perhaps in July.

113
AZNative
Re: Strange Upload Error
  • 2004/5/4 20:24

  • AZNative

  • Friend of XOOPS

  • Posts: 8

  • Since: 2004/4/21


I believe my solution above is the fix. I was just hoping someone else could confirm my findings and verify it. Always good to have more than one set of eyes looking at the code.

Then you can include it in your next build.

114
hervet
Adding Excel file for upload
  • 2004/5/5 12:36

  • hervet

  • Friend of XOOPS

  • Posts: 2267

  • Since: 2003/11/4


Hi Samuels,

Could you modify the file named xoops_version.php and insert this line ?
Quote:

"xls" => "application/vnd.ms-excel",


at the line 340 just after :
Quote:

"xml" => "text/xml",


Thanks in advance.

Bye,
Hervé

115
king76
Re: Adding Excel file for upload
  • 2004/5/11 7:48

  • king76

  • Just popping in

  • Posts: 93

  • Since: 2003/1/15


Samuels,

I have a new error ! When I modify (edit) a download in admin, this is the message (debug mode) :

Quote:
Fatal error: Cannot redeclare class xoopsmediauploader in /var/www/html/pole/class/uploader.php on line 86


Can you help me please ?

Mydownload 1.04

thks

116
king76
Re: Adding Excel file for upload
  • 2004/5/11 8:11

  • king76

  • Just popping in

  • Posts: 93

  • Since: 2003/1/15


Sorry, I have updated with mydownload 1.04 and I haven't error now !

Sorry :)

A+

117
cRuNcHiE
Re: Adding Excel file for upload
  • 2004/5/11 10:13

  • cRuNcHiE

  • Just popping in

  • Posts: 18

  • Since: 2004/1/12


Maybe ive gone totally blind, but where is the link to version 1.04? the link only seems to point to 1.03 for me, unless its readme hasnt been updated to say 1.04?


EDIT ok i realise now its just that the readme hasnt been updated, but i have a couple of problems.

As i test i uploaded the mydownloadspro zip file, but the url it has made for the download is like this


http://domain/uploads/1084273570-_MYD ... -mydownloads_V2.1beta.zip

and obviously doesnt work, any idea why its doing that?

the other little but is with uploading category images.

When i upload the image and goto the downloads admin section it cant find the image, it thinks the url to it is

http://domain/files/home2/iamcrunchie ... mages/category/97_1_b.jpg

when it should say
http://domain/modules/mydownloads/images/category/97_1_b.jpg

The image does however show fine when you browse the downloads section.

cheers

cRuNcHiE

118
coldfire
Re: Mydownloads module modified
  • 2004/5/11 15:14

  • coldfire

  • Just popping in

  • Posts: 14

  • Since: 2003/12/6


I haven't tried it yet. However, I wanted to point out that the permissions on the upgrade script are set to 600 when uploaded from a win box. This will cause one to be unable to run the script. Please fix this before trying to run the script.

119
coldfire
Re: Mydownloads module modified
  • 2004/5/11 17:42

  • coldfire

  • Just popping in

  • Posts: 14

  • Since: 2003/12/6


One more thing is there are few errors in the English language files. I can send you my corrections if you like.

LMK

120
king76
Re: Mydownloads module modified
  • 2004/5/17 8:26

  • king76

  • Just popping in

  • Posts: 93

  • Since: 2003/1/15


Hello Guy :)

Samuels, can you look in "admin.php" op=modCat, in permission by groups plz !

There is a bug for group with id > 9, for example :

My group id = 29

This line to change :

$sform->addElement( new XoopsFormSelectGroup (_MD_GROUPACCESS, 'groupid',true,preg_split('//', $groupid, -1, PREG_SPLIT_NO_EMPTY),10,true));

Updated by :

$sform->addElement( new XoopsFormSelectGroup (_MD_GROUPACCESS, 'groupid',true,preg_split('/ /', $groupid, -1, PREG_SPLIT_NO_EMPTY),10,true));

thks

Login

Who's Online

57 user(s) are online (28 user(s) are browsing Support Forums)


Members: 0


Guests: 57


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Aug 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits